Community Articles
Find and share helpful community-sourced technical articles.
Check out our newest addition to the community, the Cloudera Innovation Accelerator group hub.
Labels (1)
New Contributor

The following steps explain how to configure LDAP for Zeppelin

1) Make sure you can do an ldapsearch with the System Username that has AD permissions to query your OU.


ldapsearch -h -D adsystem@ABC.YOURCO.COM -w abc123 -b OU=users,DC=ABC,DC=YOURCO,DC=COM dn

2) Using Ambari go into Zeppelin Configs and Advanced Zeppelin-env.

3) Edit the shiro_ini_content by adding the following parameters (remove existing first and replace with new):

[users] admin = yourpassword,admin


adRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

adRealm.url = ldap:// adRealm.searchBase = OU=users,DC=ABC,DC=YOURCO,DC=COM

adRealm.systemUsername = adsystem@ABC.YOURCO.COM

adRealm.systemPassword = abc123

adRealm.principalSuffix = @ABC.YOURCO.COM

adRealm.authorizationCachingEnabled = true sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager

securityManager.sessionManager = $sessionManager

securityManager.sessionManager.globalSessionTimeout = 86400000

cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager

securityManager.cacheManager = $cacheManager

securityManager.realms = $adRealm

shiro.loginUrl = /api/login



/api/version = anon

/api/interpreter/** = authc, roles[admin]

/api/credential/** = authc, roles[admin]

/api/configurations/** = authc, roles[admin]

/** = authcBasic

4) Save changes in Ambari.

5) Restart Zeppelin.

Don't have an account?
Version history
Last update:
‎12-30-2016 02:21 PM
Updated by:
Top Kudoed Authors