https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395192#M248880 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/118392">@afidos</a>,&nbsp;Welcome to our community! To help you get the best possible answer, I have tagged in our NiFi experts&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/80381">@SAMSAL</a>&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/35454">@MattWho</a>&nbsp;&nbsp;who may be able to assist you further.<BR /><BR />Please feel free to provide any additional information or details about your query, and we hope that you will find a satisfactory solution to your question.</P> Tue, 15 Oct 2024 05:34:38 GMT VidyaSargur 2024-10-15T05:34:38Z https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395123#M248869 <P>I made a docker compose to deploy nifi in cluster on my server.<BR />I get the error Authentication Proxy Server not trusted<BR />Here are my configurations<BR />docker-compose<BR /><BR /></P><DIV><PRE><SPAN>version</SPAN>: <SPAN>'3.8'<BR /></SPAN><SPAN>x-common-nifi</SPAN>:<BR /> <SPAN>environment</SPAN>: &amp;<SPAN>nifi-env<BR /></SPAN> <SPAN>NIFI_WEB_HTTPS_PORT</SPAN>: 8443<BR /> <SPAN>NIFI_CLUSTER_IS_NODE</SPAN>: <SPAN>"true"<BR /></SPAN> <SPAN>NIFI_CLUSTER_NODE_PROTOCOL_PORT</SPAN>: 11444<BR /> <SPAN>NIFI_ZK_CONNECT_STRING</SPAN>: zookeeper:2181<BR /> <SPAN>NIFI_ELECTION_MAX_WAIT</SPAN>: 1 min<BR /> <SPAN>NIFI_ZK_ROOT_NODE</SPAN>: /nifi<BR /> <SPAN>NIFI_SENSITIVE_PROPS_KEY</SPAN>: ${KEY_SENSITIVE}<BR /> <SPAN>NIFI_VARIABLE_REGISTRY_PROPERTIES</SPAN>: http://nifi-registry:18080<BR /> <SPAN>AUTH</SPAN>: ldap<BR /> <SPAN>INITIAL_ADMIN_IDENTITY</SPAN>: <SPAN>'uid=admin,ou=admins,dc=myhost,dc=dev'<BR /></SPAN> <SPAN>#LDAP_AUTHENTICATION_STRATEGY: 'LDAPS'<BR /></SPAN> <SPAN>LDAP_AUTHENTICATION_STRATEGY</SPAN>: <SPAN>'SIMPLE'<BR /></SPAN> <SPAN>LDAP_MANAGER_DN</SPAN>: <SPAN>'cn=admin,dc=myhost,dc=dev'<BR /></SPAN> <SPAN>LDAP_MANAGER_PASSWORD</SPAN>: ${ADMIN_PASSWORD}<BR /> <SPAN>LDAP_URL</SPAN>: <SPAN>'ldap://openldap'<BR /></SPAN> <SPAN>LDAP_USER_SEARCH_BASE</SPAN>: <SPAN>'dc=myhost,dc=dev'<BR /></SPAN> <SPAN>LDAP_USER_SEARCH_FILTER</SPAN>: <SPAN>'uid={0}'<BR /></SPAN> <SPAN>LDAP_IDENTITY_STRATEGY</SPAN>: <SPAN>'USE_DN'<BR /></SPAN> <SPAN>KEYSTORE_TYPE</SPAN>: JKS<BR /> <SPAN>KEYSTORE_PASSWORD</SPAN>: ${KEY_STORE}<BR /> <SPAN>KEYSTORE_PATH</SPAN>: /opt/certs/keystore.jks<BR /> <SPAN>TRUSTSTORE_PATH</SPAN>: /opt/certs/truststore.jks<BR /> <SPAN>TRUSTSTORE_PASSWORD</SPAN>: ${KEY_STORE}<BR /> <SPAN>TRUSTSTORE_TYPE</SPAN>: JKS<BR /> <SPAN>NIFI_WEB_PROXY_HOST</SPAN>: <SPAN>"web.nifiapp.myhost.dev,*.nifiapp.myhost.dev"<BR /></SPAN> <SPAN>NIFI_JVM_HEAP_INIT</SPAN>: 512m<BR /> <SPAN>NIFI_JVM_HEAP_MAX</SPAN>: 512m<BR /> <SPAN>#NODE_IDENTITY: 'CN=*.nifiapp.myhost.dev'<BR /></SPAN> <SPAN>networks</SPAN>: &amp;<SPAN>nifi-net<BR /></SPAN> - nifi_network<BR /> <SPAN>depends_on</SPAN>: &amp;<SPAN>nifi-dep<BR /></SPAN> - openldap<BR /> <SPAN>entrypoint</SPAN>: &amp;<SPAN>nifi-entry<BR /></SPAN> - <SPAN>"/bin/bash"<BR /></SPAN> - <SPAN>"-c"<BR /></SPAN> - <SPAN>"sed -i 's|&lt;appender-ref ref=\"USER_FILE\"/&gt;|&lt;appender-ref ref=\"CONSOLE\"/&gt;|' conf/logback.xml; ../scripts/start.sh"<BR /></SPAN><SPAN><BR /></SPAN><SPAN><BR /></SPAN><SPAN>services</SPAN>:<BR /> <SPAN>zookeeper</SPAN>:<BR /> <SPAN>image</SPAN>: confluentinc/cp-zookeeper:latest<BR /> <SPAN>hostname</SPAN>: zookeeper<BR /> <SPAN>environment</SPAN>:<BR /> <SPAN>ZOOKEEPER_SERVER_ID</SPAN>: 1<BR /> <SPAN>ZOOKEEPER_SERVERS</SPAN>: server.1=zookeeper:2888:3888<BR /> <SPAN>ZOOKEEPER_CLIENT_PORT</SPAN>: 2181<BR /> <SPAN>JVMFLAGS</SPAN>: -Xmx512m -Xms512m<BR /> <SPAN>ports</SPAN>:<BR /> - <SPAN>"7481:2181"<BR /></SPAN> - <SPAN>"7499:8080"<BR /></SPAN> <SPAN>volumes</SPAN>:<BR /> - zookeeper_data:/data<BR /> - zookeeper_datalog:/datalog<BR /> <SPAN>networks</SPAN>:<BR /> - nifi_network<BR /><BR /> <SPAN>nifi1</SPAN>:<BR /> <SPAN>image</SPAN>: apache/nifi:latest<BR /> <SPAN>hostname</SPAN>: n1.nifiapp.myhost.dev<BR /> <SPAN>entrypoint</SPAN>: *<SPAN>nifi-entry<BR /></SPAN> <SPAN>ports</SPAN>:<BR /> - <SPAN>"7498:8443"<BR /></SPAN> - <SPAN>"7400-7425:7400-7425"<BR /></SPAN> <SPAN>environment</SPAN>:<BR /> <SPAN>&lt;&lt;</SPAN>: *<SPAN>nifi-env<BR /></SPAN> <SPAN>NIFI_WEB_HTTPS_HOST</SPAN>: n1.nifiapp.myhost.dev<BR /> <SPAN>NIFI_NODE_IDENTITY</SPAN>: nifi1<BR /> <SPAN>networks</SPAN>: *<SPAN>nifi-net<BR /></SPAN> <SPAN>depends_on</SPAN>: *<SPAN>nifi-dep<BR /></SPAN> <SPAN>volumes</SPAN>:<BR /> - nifi1_logs:/opt/nifi/nifi-current/logs<BR /> - nifi1_state:/opt/nifi/nifi-current/state<BR /> - nifi1_conf:/opt/nifi/nifi-current/conf<BR /> - nifi1_database_repository:/opt/nifi/nifi-current/database_repository<BR /> - nifi1_flowfile_repository:/opt/nifi/nifi-current/flowfile_repository<BR /> - nifi1_content_repository:/opt/nifi/nifi-current/content_repository<BR /> - nifi1_provenance_repository:/opt/nifi/nifi-current/provenance_repository<BR /> - ./exports:/opt/certs<BR /><BR /> <SPAN>nifi2</SPAN>:<BR /> <SPAN>image</SPAN>: apache/nifi:latest<BR /> <SPAN>hostname</SPAN>: n2.nifiapp.myhost.dev<BR /> <SPAN>entrypoint</SPAN>: *<SPAN>nifi-entry<BR /></SPAN> <SPAN>ports</SPAN>:<BR /> - <SPAN>"7497:8443"<BR /></SPAN> - <SPAN>"7426-7451:7426-7451"<BR /></SPAN> <SPAN>environment</SPAN>:<BR /> <SPAN>&lt;&lt;</SPAN>: *<SPAN>nifi-env<BR /></SPAN> <SPAN>NIFI_WEB_HTTPS_HOST</SPAN>: n2.nifiapp.myhost.dev<BR /> <SPAN>NIFI_NODE_IDENTITY</SPAN>: nifi2<BR /> <SPAN>networks</SPAN>: *<SPAN>nifi-net<BR /></SPAN> <SPAN>depends_on</SPAN>: *<SPAN>nifi-dep<BR /></SPAN> <SPAN>volumes</SPAN>:<BR /> - nifi2_logs:/opt/nifi/nifi-current/logs<BR /> - nifi2_state:/opt/nifi/nifi-current/state<BR /> - nifi2_conf:/opt/nifi/nifi-current/conf<BR /> - nifi2_database_repository:/opt/nifi/nifi-current/database_repository<BR /> - nifi2_flowfile_repository:/opt/nifi/nifi-current/flowfile_repository<BR /> - nifi2_content_repository:/opt/nifi/nifi-current/content_repository<BR /> - nifi2_provenance_repository:/opt/nifi/nifi-current/provenance_repository<BR /> - ./exports:/opt/certs<BR /><BR /> <SPAN>nifi3</SPAN>:<BR /> <SPAN>image</SPAN>: apache/nifi:latest<BR /> <SPAN>hostname</SPAN>: n3.nifiapp.myhost.dev<BR /> <SPAN>entrypoint</SPAN>: *<SPAN>nifi-entry<BR /></SPAN> <SPAN>ports</SPAN>:<BR /> - <SPAN>"7496:8443"<BR /></SPAN> - <SPAN>"7452-7475:7452-7475"<BR /></SPAN> <SPAN>networks</SPAN>: *<SPAN>nifi-net<BR /></SPAN> <SPAN>depends_on</SPAN>: *<SPAN>nifi-dep<BR /></SPAN> <SPAN>environment</SPAN>:<BR /> <SPAN>&lt;&lt;</SPAN>: *<SPAN>nifi-env<BR /></SPAN> <SPAN>NIFI_WEB_HTTPS_HOST</SPAN>: n3.nifiapp.myhost.dev<BR /> <SPAN>NIFI_NODE_IDENTITY</SPAN>: nifi3<BR /> <SPAN>volumes</SPAN>:<BR /> - nifi3_logs:/opt/nifi/nifi-current/logs<BR /> - nifi3_state:/opt/nifi/nifi-current/state<BR /> - nifi3_conf:/opt/nifi/nifi-current/conf<BR /> - nifi3_database_repository:/opt/nifi/nifi-current/database_repository<BR /> - nifi3_flowfile_repository:/opt/nifi/nifi-current/flowfile_repository<BR /> - nifi3_content_repository:/opt/nifi/nifi-current/content_repository<BR /> - nifi3_provenance_repository:/opt/nifi/nifi-current/provenance_repository<BR /> - ./exports:/opt/certs<BR /><BR /><BR /> <SPAN>nifi-registry</SPAN>:<BR /> <SPAN>image</SPAN>: apache/nifi-registry:latest<BR /> <SPAN>ports</SPAN>:<BR /> - <SPAN>"7495:18080"<BR /></SPAN> <SPAN>volumes</SPAN>:<BR /> - nifi-registry-data:/opt/nifi-registry/data<BR /> - nifi-registry-conf:/opt/nifi-registry/conf<BR /> - nifi-registry-logs:/opt/nifi-registry/logs<BR /> <SPAN>networks</SPAN>:<BR /> - nifi_network<BR /> <SPAN>depends_on</SPAN>:<BR /> - openldap<BR /><BR /> <SPAN>openldap</SPAN>:<BR /> <SPAN>image</SPAN>: osixia/openldap:1.5.0<BR /> <SPAN>hostname</SPAN>: openldap<BR /> <SPAN>environment</SPAN>:<BR /> <SPAN>LDAP_ORGANISATION</SPAN>: MY ORG<BR /> <SPAN>LDAP_DOMAIN</SPAN>: myhost.dev<BR /> <SPAN>LDAP_ADMIN_PASSWORD</SPAN>: <SPAN>"${ADMIN_PASSWORD}"<BR /></SPAN> <SPAN>LDAP_CONFIG_PASSWORD</SPAN>: <SPAN>"${ADMIN_PASSWORD}"<BR /></SPAN> <SPAN>LDAP_ADMIN_CN</SPAN>: admin<BR /> <SPAN>LDAP_TLS_VERIFY_CLIENT</SPAN>: allow<BR /> <SPAN>LDAP_TLS</SPAN>: <SPAN>"false"<BR /></SPAN> <SPAN>LDAP_BASE_DN</SPAN>: dc=myhost,dc=dev<BR /> <SPAN>ports</SPAN>:<BR /> - <SPAN>"389:389" </SPAN><SPAN># Port LDAP<BR /></SPAN> <SPAN>volumes</SPAN>:<BR /> - openldap-data:/var/lib/ldap<BR /> - openldap-config:/etc/ldap/slapd.d<BR /> <SPAN>networks</SPAN>:<BR /> - nifi_network<BR /> <SPAN>command</SPAN>: [<SPAN>"--loglevel"</SPAN>, <SPAN>"debug"</SPAN>,<SPAN>"--copy-service"</SPAN>]<BR /><BR /> <SPAN>ldap-user-manager</SPAN>:<BR /> <SPAN>image</SPAN>: wheelybird/ldap-user-manager:v1.5<BR /> <SPAN>environment</SPAN>:<BR /> - LDAP_URI=ldap://openldap<BR /> - LDAP_BASE_DN=dc=myhost,dc=dev<BR /> - LDAP_ADMIN_BIND_DN=cn=admin,dc=myhost,dc=dev<BR /> - LDAP_ADMIN_BIND_PWD=${ADMIN_PASSWORD}<BR /> - LDAP_ADMINS_GROUP=cn=admin,ou=MY ORG,dc=myhost,dc=dev<BR /> - LDAP_REQUIRE_STARTTLS=FALSE<BR /> <SPAN>ports</SPAN>:<BR /> - <SPAN>"7494:80"<BR /></SPAN> - <SPAN>"7493:443"<BR /></SPAN> <SPAN>depends_on</SPAN>:<BR /> - openldap<BR /> <SPAN>networks</SPAN>:<BR /> - nifi_network<BR /> <SPAN>platform</SPAN>: linux/amd64<BR /><BR /><SPAN>networks</SPAN>:<BR /> <SPAN>nifi_network</SPAN>:<BR /> <SPAN>name</SPAN>: <SPAN>'nifi_tls_network'<BR /></SPAN><SPAN><BR /></SPAN><SPAN>volumes</SPAN>:<BR /> <SPAN>nifi1_logs</SPAN>:<BR /> <SPAN>nifi1_state</SPAN>:<BR /> <SPAN>nifi1_conf</SPAN>:<BR /> <SPAN>nifi1_database_repository</SPAN>:<BR /> <SPAN>nifi1_flowfile_repository</SPAN>:<BR /> <SPAN>nifi1_content_repository</SPAN>:<BR /> <SPAN>nifi1_provenance_repository</SPAN>:<BR /> <SPAN>nifi2_logs</SPAN>:<BR /> <SPAN>nifi2_state</SPAN>:<BR /> <SPAN>nifi2_conf</SPAN>:<BR /> <SPAN>nifi2_database_repository</SPAN>:<BR /> <SPAN>nifi2_flowfile_repository</SPAN>:<BR /> <SPAN>nifi2_content_repository</SPAN>:<BR /> <SPAN>nifi2_provenance_repository</SPAN>:<BR /> <SPAN>nifi3_logs</SPAN>:<BR /> <SPAN>nifi3_state</SPAN>:<BR /> <SPAN>nifi3_conf</SPAN>:<BR /> <SPAN>nifi3_database_repository</SPAN>:<BR /> <SPAN>nifi3_flowfile_repository</SPAN>:<BR /> <SPAN>nifi3_content_repository</SPAN>:<BR /> <SPAN>nifi3_provenance_repository</SPAN>:<BR /> <SPAN>zookeeper_data</SPAN>:<BR /> <SPAN>zookeeper_datalog</SPAN>:<BR /> <SPAN>nifi-registry-data</SPAN>:<BR /> <SPAN>nifi-registry-conf</SPAN>:<BR /> <SPAN>nifi-registry-logs</SPAN>:<BR /> <SPAN>openldap-data</SPAN>:<BR /> <SPAN>openldap-config</SPAN>:<BR /> <SPAN>postgres_data</SPAN>:<BR /><BR /></PRE></DIV><P>&nbsp;</P><P>on my server I use a Nginx that configure below</P><DIV><PRE><SPAN>upstream nifibalancer </SPAN>{<BR /> ip_hash;<BR /> <SPAN>server </SPAN>localhost:7498;<BR /> <SPAN>server </SPAN>localhost:7497;<BR /> <SPAN>server </SPAN>localhost:7486;<BR />}<BR /><BR /><SPAN>server </SPAN>{<BR /> <SPAN>listen </SPAN>443 <SPAN>ssl</SPAN>;<BR /> <SPAN>server_name </SPAN>~^p(?&lt;port&gt;\d+)\.nifiapp.myhost\.dev$;<BR /> <SPAN>ignore_invalid_headers off</SPAN>;<BR /><BR /> <SPAN># Vérification de l'intervalle de ports autorisés (de 8900 à 8999)<BR /></SPAN><SPAN><BR /></SPAN><SPAN><BR /></SPAN> <SPAN>location </SPAN>/ {<BR /> <SPAN>proxy_set_header Host </SPAN>$host;<BR /> <SPAN>proxy_set_header </SPAN>X-Real-IP $remote_addr;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-For $proxy_add_x_forwarded_for;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-Proto $scheme;<BR /> <SPAN>if </SPAN>($port ~* "^(74[0-8]{1}[0-9]{1})$") {<BR /> <SPAN>proxy_pass </SPAN>http://localhost:$port;<BR /> }<BR /> <SPAN>return </SPAN>403; <SPAN># Refuse les requêtes en dehors de cet intervalle<BR /></SPAN> }<BR /> <SPAN>access_log </SPAN>/var/log/nginx/nifiapp-listener-app-access.log;<BR /> <SPAN>error_log </SPAN>/var/log/nginx/nifiapp-listener-app-error.log;<BR /> <SPAN>ssl_certificate </SPAN>/etc/letsencrypt/live/nifiapp.myhost.dev/fullchain.pem;<BR /> <SPAN>ssl_certificate_key </SPAN>/etc/letsencrypt/live/nifiapp.myhost.dev/privkey.pem;<BR />}<BR /><BR /><SPAN>server </SPAN>{<BR /> <SPAN>listen </SPAN>443 <SPAN>ssl</SPAN>;<BR /> <SPAN>server_name </SPAN>web.nifiapp.myhost.dev;<BR /> <SPAN>ignore_invalid_headers off</SPAN>;<BR /><BR /> <SPAN>location </SPAN>/ {<BR /> <SPAN>proxy_pass </SPAN>https://nifibalancer/;<BR /> <SPAN>proxy_set_header Host </SPAN>$host;<BR /> <SPAN>proxy_set_header </SPAN>X-Real-IP $remote_addr;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-Host $host;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-For $proxy_add_x_forwarded_for;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-Proto $scheme;<BR /> <SPAN>proxy_set_header </SPAN>X-Original-URI $request_uri;<BR /><BR /> <SPAN>proxy_set_header </SPAN>X-ProxyScheme $scheme;<BR /> <SPAN>proxy_set_header </SPAN>X-ProxyHost $host;<BR /> <SPAN>proxy_set_header </SPAN>X-ProxyPort $port;<BR /> <SPAN>#proxy_set_header X-ProxyContextPath /;<BR /></SPAN><SPAN><BR /></SPAN><SPAN> # Add ProxiedEntitiesChain using client certificate's distinguished name (DN)<BR /></SPAN> <SPAN>proxy_set_header </SPAN>X-ProxiedEntitiesChain $ssl_client_s_dn;<BR /> }<BR /> <SPAN>access_log </SPAN>/var/log/nginx/nifiapp-app-access.log;<BR /> <SPAN>error_log </SPAN>/var/log/nginx/nifiapp-app-error.log;<BR /> <SPAN>ssl_certificate </SPAN>/etc/letsencrypt/live/nifiapp.myhost.dev/fullchain.pem;<BR /> <SPAN>ssl_certificate_key </SPAN>/etc/letsencrypt/live/nifiapp.myhost.dev/privkey.pem;<BR />}<BR /><BR /><SPAN>server </SPAN>{<BR /> <SPAN>listen </SPAN>443 <SPAN>ssl</SPAN>;<BR /> <SPAN>server_name </SPAN>zookeeper.nifiapp.myhost.dev;<BR /> <SPAN>ignore_invalid_headers off</SPAN>;<BR /><BR /> <SPAN>location </SPAN>/ {<BR /> <SPAN>proxy_pass </SPAN>http://localhost:7499;<BR /> <SPAN>proxy_set_header Host </SPAN>$host;<BR /> <SPAN>proxy_set_header </SPAN>X-Real-IP $remote_addr;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-Host $host;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-For $proxy_add_x_forwarded_for;<BR /> <SPAN>proxy_set_header </SPAN>X-Forwarded-Proto $scheme;<BR /> <SPAN>proxy_set_header </SPAN>X-Original-URI $request_uri;<BR /> }<BR /><BR /> <SPAN>error_page </SPAN>404 =200 /index.html;<BR /> <SPAN>access_log </SPAN>/var/log/nginx/nifiapp-zookeeper-app-access.log;<BR /> <SPAN>error_log </SPAN>/var/log/nginx/nifiapp-zookeeper-app-error.log;<BR /> <SPAN>ssl_certificate </SPAN>/etc/letsencrypt/live/nifiapp.myhost.dev/fullchain.pem;<BR /> <SPAN>ssl_certificate_key </SPAN>/etc/letsencrypt/live/nifiapp.myhost.dev/privkey.pem;<BR />}</PRE></DIV><P><BR /><BR /></P> Mon, 14 Oct 2024 14:49:13 GMT https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395123#M248869 afidos 2024-10-14T14:49:13Z https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395192#M248880 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/118392">@afidos</a>,&nbsp;Welcome to our community! To help you get the best possible answer, I have tagged in our NiFi experts&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/80381">@SAMSAL</a>&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/35454">@MattWho</a>&nbsp;&nbsp;who may be able to assist you further.<BR /><BR />Please feel free to provide any additional information or details about your query, and we hope that you will find a satisfactory solution to your question.</P> Tue, 15 Oct 2024 05:34:38 GMT https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395192#M248880 VidyaSargur 2024-10-15T05:34:38Z https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395245#M248901 <P>I create my first user with this script</P><DIV><PRE><SPAN>#!/bin/bash<BR /></SPAN><SPAN><BR /></SPAN><SPAN>group</SPAN>=<SPAN>'admins'<BR /></SPAN><SPAN>username</SPAN>=<SPAN>'admin'<BR /></SPAN><SPAN>uidNumber</SPAN>=<SPAN>1001<BR /></SPAN><SPAN>gidNumber</SPAN>=<SPAN>1001<BR /></SPAN><SPAN>firstName</SPAN>=<SPAN>'My First'<BR /></SPAN><SPAN>lastName</SPAN>=<SPAN>"My Last"<BR /></SPAN><SPAN>password</SPAN>=<SPAN>"password"<BR /></SPAN><SPAN><BR /></SPAN><SPAN>ldapadd </SPAN>-x -D <SPAN>"cn=admin,dc=myhost,dc=dev" </SPAN>-w <SPAN>$password </SPAN>&lt;&lt;<SPAN>EOF<BR /></SPAN><SPAN>dn: ou=$group,dc=myhost,dc=dev<BR /></SPAN><SPAN>objectClass: organizationalUnit<BR /></SPAN><SPAN>ou: $group<BR /></SPAN><SPAN>EOF<BR /></SPAN><SPAN><BR /></SPAN><SPAN>cat </SPAN>&lt;&lt;<SPAN>EOF<BR /></SPAN><SPAN> dn: uid=$username,ou=$group,dc=myhost,dc=dev<BR /></SPAN><SPAN> objectClass: inetOrgPerson<BR /></SPAN><SPAN> objectClass: posixAccount<BR /></SPAN><SPAN> uid: $username<BR /></SPAN><SPAN> cn: $username<BR /></SPAN><SPAN> sn: $lastName<BR /></SPAN><SPAN> givenName: $firstName<BR /></SPAN><SPAN> uidNumber: $uidNumber<BR /></SPAN><SPAN> gidNumber: $gidNumber<BR /></SPAN><SPAN> homeDirectory: /home/$username<BR /></SPAN><SPAN> loginShell: /bin/bash<BR /></SPAN><SPAN> userPassword: $(slappasswd -s $password)<BR /></SPAN><SPAN>EOF<BR /></SPAN><SPAN># Ajouter l'utilisateur via ldapadd<BR /></SPAN><SPAN>ldapadd </SPAN>-x -D <SPAN>"cn=admin,dc=myhost,dc=dev" </SPAN>-w <SPAN>$password </SPAN>&lt;&lt;<SPAN>EOF<BR /></SPAN><SPAN>dn: uid=$username,ou=$group,dc=myhost,dc=dev<BR /></SPAN><SPAN>objectClass: inetOrgPerson<BR /></SPAN><SPAN>objectClass: posixAccount<BR /></SPAN><SPAN>uid: $username<BR /></SPAN><SPAN>cn: $username<BR /></SPAN><SPAN>sn: $lastName<BR /></SPAN><SPAN>givenName: $firstName<BR /></SPAN><SPAN>uidNumber: $uidNumber<BR /></SPAN><SPAN>gidNumber: $gidNumber<BR /></SPAN><SPAN>homeDirectory: /home/$username<BR /></SPAN><SPAN>loginShell: /bin/bash<BR /></SPAN><SPAN>userPassword: $(slappasswd -s $password)<BR /></SPAN><SPAN>EOF<BR /></SPAN></PRE></DIV><DIV class="message-pane hidden"><DIV class="message-pane-message-box"><DIV class="message-pane-content">Authentication Proxy Server not trusted<BR /><BR /></DIV><DIV class="message-pane-content">&nbsp;</DIV><DIV class="message-pane-content">&nbsp;</DIV></DIV></DIV> Tue, 15 Oct 2024 15:25:44 GMT https://community.cloudera.com/t5/Support-Questions/NIFI-Authentication-Proxy-Server-not-trusted/m-p/395245#M248901 afidos 2024-10-15T15:25:44Z