Community Articles
Find and share helpful community-sourced technical articles
Labels (2)

There have been a number of questions recently on using AD/IPA with HDP 2.3 security:

  1. How to setup Active Directory/IPA?
  2. How to setup cluster OS to recognize users from AD using SSSD?
  3. How to enable kerberos for authentication?
  4. How to install Ranger for authorization/audit and setup plugins for HDFS, Hive, HBase, Kafka, Storm, Yarn, Knox and test these components on kerborized cluster?
  5. How to sync Ranger user/group sync with AD/IPA?
  6. How to integrate Knox with AD/IPA?
  7. How to setup encryption at rest with Ranger KMS?

To help answer some of these questions, the partner team have prepared cheatsheets on security workshops. These are living materials with sample code snippets which are being updated/enhanced per the feedback from the field so rather than replicate the materials here, the latest materials can be referenced at the GitHub repo linked from here:

To help get started with security, we have also made available secured sandbox and LDAP VMs after running through above steps.

Note that these are unofficial and for the final word on security with HDP, the official docs should be referenced at: For example:

For help with the workshop materials please use GitHub issues: