Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)
New Contributor

The following steps explain how to configure LDAP for Zeppelin

1) Make sure you can do an ldapsearch with the System Username that has AD permissions to query your OU.

Example:

ldapsearch -h 10.1.1.10:389 -D adsystem@ABC.YOURCO.COM -w abc123 -b OU=users,DC=ABC,DC=YOURCO,DC=COM dn

2) Using Ambari go into Zeppelin Configs and Advanced Zeppelin-env.

3) Edit the shiro_ini_content by adding the following parameters (remove existing first and replace with new):

[users] admin = yourpassword,admin

[main]

adRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

adRealm.url = ldap://10.1.1.10 adRealm.searchBase = OU=users,DC=ABC,DC=YOURCO,DC=COM

adRealm.systemUsername = adsystem@ABC.YOURCO.COM

adRealm.systemPassword = abc123

adRealm.principalSuffix = @ABC.YOURCO.COM

adRealm.authorizationCachingEnabled = true sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager

securityManager.sessionManager = $sessionManager

securityManager.sessionManager.globalSessionTimeout = 86400000

cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager

securityManager.cacheManager = $cacheManager

securityManager.realms = $adRealm

shiro.loginUrl = /api/login

[roles]

[urls]

/api/version = anon

/api/interpreter/** = authc, roles[admin]

/api/credential/** = authc, roles[admin]

/api/configurations/** = authc, roles[admin]

/** = authcBasic

4) Save changes in Ambari.

5) Restart Zeppelin.

1,514 Views
Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎12-30-2016 02:21 PM
Updated by:
 
Contributors
Top Kudoed Authors