Community Articles
Find and share helpful community-sourced technical articles.
Announcements
Check out our newest addition to the community, the Cloudera Innovation Accelerator group hub.
Labels (1)
New Contributor

The following steps explain how to configure LDAP for Zeppelin

1) Make sure you can do an ldapsearch with the System Username that has AD permissions to query your OU.

Example:

ldapsearch -h 10.1.1.10:389 -D adsystem@ABC.YOURCO.COM -w abc123 -b OU=users,DC=ABC,DC=YOURCO,DC=COM dn

2) Using Ambari go into Zeppelin Configs and Advanced Zeppelin-env.

3) Edit the shiro_ini_content by adding the following parameters (remove existing first and replace with new):

[users] admin = yourpassword,admin

[main]

adRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

adRealm.url = ldap://10.1.1.10 adRealm.searchBase = OU=users,DC=ABC,DC=YOURCO,DC=COM

adRealm.systemUsername = adsystem@ABC.YOURCO.COM

adRealm.systemPassword = abc123

adRealm.principalSuffix = @ABC.YOURCO.COM

adRealm.authorizationCachingEnabled = true sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager

securityManager.sessionManager = $sessionManager

securityManager.sessionManager.globalSessionTimeout = 86400000

cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager

securityManager.cacheManager = $cacheManager

securityManager.realms = $adRealm

shiro.loginUrl = /api/login

[roles]

[urls]

/api/version = anon

/api/interpreter/** = authc, roles[admin]

/api/credential/** = authc, roles[admin]

/api/configurations/** = authc, roles[admin]

/** = authcBasic

4) Save changes in Ambari.

5) Restart Zeppelin.

2,176 Views
Don't have an account?
Version history
Last update:
‎12-30-2016 02:21 PM
Updated by:
Contributors
Top Kudoed Authors