https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376451#M242919 <P>Congratulations on resolving the issue and thanks for sharing the solution.&nbsp;</P> Mon, 18 Sep 2023 13:11:26 GMT cjervis 2023-09-18T13:11:26Z https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376420#M242908 <P>Here is my&nbsp; login-identity-providers.xml</P><P>&nbsp;</P><LI-CODE lang="markup">&lt;provider&gt; &lt;identifier&gt;ldap-provider&lt;/identifier&gt; &lt;class&gt;org.apache.nifi.ldap.LdapProvider&lt;/class&gt; &lt;property name="Authentication Strategy"&gt;SIMPLE&lt;/property&gt; &lt;property name="Manager DN"&gt;cn=admin,dc=example,dc=com&lt;/property&gt; &lt;property name="Manager Password"&gt;secret&lt;/property&gt; &lt;property name="TLS - Keystore"&gt;&lt;/property&gt; &lt;property name="TLS - Keystore Password"&gt;&lt;/property&gt; &lt;property name="TLS - Keystore Type"&gt;&lt;/property&gt; &lt;property name="TLS - Truststore"&gt;&lt;/property&gt; &lt;property name="TLS - Truststore Password"&gt;&lt;/property&gt; &lt;property name="TLS - Truststore Type"&gt;&lt;/property&gt; &lt;property name="TLS - Client Auth"&gt;&lt;/property&gt; &lt;property name="TLS - Protocol"&gt;&lt;/property&gt; &lt;property name="TLS - Shutdown Gracefully"&gt;&lt;/property&gt; &lt;property name="Referral Strategy"&gt;FOLLOW&lt;/property&gt; &lt;property name="Connect Timeout"&gt;10 secs&lt;/property&gt; &lt;property name="Read Timeout"&gt;10 secs&lt;/property&gt; &lt;property name="Url"&gt;ldap://localhost:389&lt;/property&gt; &lt;property name="User Search Base"&gt;cn=vishnu,cn=admin,dc=example,dc=com&lt;/property&gt; &lt;property name="User Search Filter"&gt;(objectClass=*)&lt;/property&gt; &lt;property name="Identity Strategy"&gt;USE_USERNAME&lt;/property&gt; &lt;property name="Authentication Expiration"&gt;12 hours&lt;/property&gt; &lt;property name="User Object Class"&gt;person&lt;/property&gt; &lt;property name="User Search Scope"&gt;ONE_LEVEL&lt;/property&gt; &lt;property name="User Identity Attribute"&gt;cn&lt;/property&gt; &lt;/provider&gt;</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>The authorizers is shown below.</P><P>&nbsp;</P><LI-CODE lang="markup">&lt;userGroupProvider&gt; &lt;identifier&gt;file-user-group-provider&lt;/identifier&gt; &lt;class&gt;org.apache.nifi.authorization.FileUserGroupProvider&lt;/class&gt; &lt;property name="Users File"&gt;./conf/users.xml&lt;/property&gt; &lt;property name="Legacy Authorized Users File"&gt;&lt;/property&gt; &lt;property name="Initial User Identity 1"&gt;cn=vishnu,cn=admin,dc=example,dc=com&lt;/property&gt; &lt;/userGroupProvider&gt; &lt;accessPolicyProvider&gt; &lt;identifier&gt;file-access-policy-provider&lt;/identifier&gt; &lt;class&gt;org.apache.nifi.authorization.FileAccessPolicyProvider&lt;/class&gt; &lt;property name="User Group Provider"&gt;file-user-group-provider&lt;/property&gt; &lt;property name="Authorizations File"&gt;./conf/authorizations.xml&lt;/property&gt; &lt;property name="Initial Admin Identity"&gt;cn=vishnu,cn=admin,dc=example,dc=com&lt;/property&gt; &lt;property name="Legacy Authorized Users File"&gt;&lt;/property&gt; &lt;property name="Node Identity 1"&gt;&lt;/property&gt; &lt;property name="Node Group"&gt;&lt;/property&gt; &lt;/accessPolicyProvider&gt; &lt;authorizer&gt; &lt;identifier&gt;managed-authorizer&lt;/identifier&gt; &lt;class&gt;org.apache.nifi.authorization.StandardManagedAuthorizer&lt;/class&gt; &lt;property name="User Group Provider"&gt;ldap-user-group-provider&lt;/property&gt; &lt;property name="Access Policy Provider"&gt;file-access-policy-provider&lt;/property&gt; &lt;property name="Initial Admin Identity"&gt;cn=vishnu,cn=admin,dc=example,dc=com&lt;/property&gt; &lt;property name="Legacy Authorized Users File"&gt;&lt;/property&gt; &lt;property name="Node Identity 1"&gt;&lt;/property&gt; &lt;/authorizer&gt;</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>The&nbsp; following values of&nbsp; properties are updated</P><P>&nbsp;</P><LI-CODE lang="markup">nifi.login.identity.provider.configuration.file=./conf/login-identity-providers.xml</LI-CODE><P>&nbsp;</P><P>Below is the view of LDAP from Apache Directory studio.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="pacman_0-1694899261152.png" style="width: 400px;"><img src="https://community.cloudera.com/t5/image/serverpage/image-id/38466i6DE5A24AE53D7121/image-size/medium?v=v2&amp;px=400" role="button" title="pacman_0-1694899261152.png" alt="pacman_0-1694899261152.png" /></span></P><P>Currently there is only one user in that search base. Can someone help identify why the authentication is failing? I referred other articles within Cloudera community and outside but none seem to be working.</P> Sat, 16 Sep 2023 21:36:19 GMT https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376420#M242908 pacman 2023-09-16T21:36:19Z https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376427#M242912 <P>After some more time of debugging, looks like all the configurations where correct. The password for the configured user was wrong in LDAP causing the issue.</P> Sun, 17 Sep 2023 10:09:10 GMT https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376427#M242912 pacman 2023-09-17T10:09:10Z https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376451#M242919 <P>Congratulations on resolving the issue and thanks for sharing the solution.&nbsp;</P> Mon, 18 Sep 2023 13:11:26 GMT https://community.cloudera.com/t5/Support-Questions/Trying-to-integrate-Nifi-with-ldap-gives-the-supplied/m-p/376451#M242919 cjervis 2023-09-18T13:11:26Z