Posts: 25
Registered: ‎04-26-2016

Kerberos is enabled on Hue, users with Ad credentials who are part of cloudera users group

We have kerberos enabled on hue and is working fine, but enabling sentry is the problem, reading knowledge base saying if our Kerberos ldap is enabled based on winbind which cloudera is saying does'nt support. they support with SSSD instead of winbind.


Question: our main objective is getting sentry enabled, in that process what si the proper way for enabling kerberos with SSSD. should kerberos be enabled on both HUE and also cloudera manager. currently users that are on cloudera manager cannot access hue and on cloudera manager if i want to create a new user, there is no way i see a user part of cloudera users AD group.


in a properly functioning environment are all cloudera hue, cloudera navigator and cloudera manager all are enabled with Kerberos LDAP?


I tried to out above as much info as possible to put this question.


Thank you very much for the helpful info.