Created 10-14-2015 01:11 AM
Have a working AD, and ldapsearch works from the Linux node to the AD machine. Trying to set up Ambari to integrate with AD using LDAP with SSL set to 'true' and getting an SSL error. See below.
[root@rgarcia-hdp23201 ~]# ambari-server setup-ldap
Using python /usr/bin/python2.6
Setting up LDAP properties...
Primary URL* {host:port} (host:389): host:636
Secondary URL {host:port} (host:389): host:636
Use SSL* [true/false] (true): true
User object class* (user):
User name attribute* (cn):
Group object class* (group):
Group name attribute* (cn):
Group member attribute* (memberUid):
Distinguished name attribute* (dn):
Base DN* (OU=Rommel_Garcia_Accounts,DC=AD-HDP,DC=COM): OU=Rommel_Garcia_Accounts,DC=AD-HDP,DC=COM
Referral method [follow/ignore] (follow):
Bind anonymously* [true/false] (false): false
Manager DN* (CN=adadmin,OU=MyUsers,DC=AD-HDP,DC=COM): CN=adadmin,OU=MyUsers,DC=AD-HDP,DC=COM
Enter Manager Password* :
Re-enter password:
Do you want to provide custom TrustStore for Ambari [y/n] (y)?y
TrustStore type [jks/jceks/pkcs12] (jks):jks
Path to TrustStore file (/etc/ambari-server/keys/ldaps-keystore.jks):/etc/ambari-server/keys/ldaps-keystore.jks
Password for TrustStore:
Re-enter password:
====================
Review Settings
====================
authentication.ldap.managerDn: CN=adadmin,OU=MyUsers,DC=AD-HDP,DC=COM
authentication.ldap.managerPassword: *****
ssl.trustStore.type: jks
ssl.trustStore.path: /etc/ambari-server/keys/ldaps-keystore.jks
ssl.trustStore.password: *****
Save settings [y/n] (y)? y
Saving...done
Ambari Server 'setup-ldap' completed successfully.
You have new mail in /var/spool/mail/root
[root@rgarcia-hdp23201 ~]# ambari-server restart
Using python /usr/bin/python2.6
Restarting ambari-server
Using python /usr/bin/python2.6
Stopping ambari-server
Ambari Server stopped
Using python /usr/bin/python2.6
Starting ambari-server
Ambari Server running with administrator privileges.
Organizing resource files at /var/lib/ambari-server/resources...
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
Waiting for server start....................
Ambari Server 'start' completed successfully.
[root@rgarcia-hdp23201 ~]# ambari-server sync-ldap --all
Using python /usr/bin/python2.6
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Syncing all...ERROR: Exiting with exit code 1. REASON: Caught exception running LDAP sync. host:636; nested exception is javax.naming.CommunicationException: host:636 [Root exception is java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)]
[root@rgarcia-hdp23201 ~]# ambari-server sync-ldap --all
Using python /usr/bin/python2.6
Syncing with LDAP...
Enter Ambari Admin login: adadmin
Enter Ambari Admin password:
Syncing all.ERROR: Exiting with exit code 1. REASON: Sync event creation failed. Error details: HTTP Error 403: host:636; nested exception is javax.naming.CommunicationException: host:636 [Root exception is java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)]
Created 10-15-2015 06:09 PM
I was able to resolve my issue by going into Active Directory and changing all the users' password policy from "User must change password at next logon" to "Password never expires". Now all users are able to log in to Ambari.
Created 10-14-2015 01:18 AM
This may help. Status code 403 responses are the result of the web server being configured to deny access, for some reason, to the requested resource by the client.
[root@testhwx01 ~]# ambari-server stop
Using python /usr/bin/python2.6
Stopping ambari-server
Ambari Server stopped
[root@testhwx01 ~]# ambari-server setup-ldap
Using python /usr/bin/python2.6
Setting up LDAP properties...
Primary URL* {host:port} (xxxx:389):
Secondary URL {host:port} :
Use SSL* [true/false] (false):
User object class* (posixAccount): user
User name attribute* (sAMAccountName): sAMAccountName
Group object class* (group):
Group name attribute* (cn):
Group member attribute* (member):
Distinguished name attribute* (dn):
Base DN* (DC=nsabharwal,DC=com):
Referral method [follow/ignore] (follow):
Bind anonymously* [true/false] (false):
Manager DN* (CN=LDAP Access,OU=Service Accounts,DC=nsabharwal,DC=com):
Enter Manager Password* :
Re-enter password:
====================
Review Settings
====================
authentication.ldap.managerDn: CN=LDAP Access,OU=Service Accounts,DC=nsabharwal,DC=com
authentication.ldap.managerPassword: *****
Save settings [y/n] (y)?
Saving...done
Ambari Server 'setup-ldap' completed successfully.
[root@testhwx01 ~]# ambari-server start
Using python /usr/bin/python2.6
Starting ambari-server
Ambari Server running with administrator privileges.
Organizing resource files at /var/lib/ambari-server/resources...
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
Waiting for server start....................
Ambari Server 'start' completed successfully.
[root@testhwx01 ~]# ambari-server sync-ldap --all
Using python /usr/bin/python2.6
Syncing with LDAP...
Enter Ambari Admin login: Property cannot be blank.
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Syncing all...
Completed LDAP Sync.
Summary:
  memberships:
    removed = 0
    created = 0
  users:
    updated = 1
    removed = 0
    created = 10
  groups:
    updated = 0
    removed = 0
    created = 0
Ambari Server 'sync-ldap' completed successfully.
[root@testhwx01 ~]#
Please check the port host:636.
Created 12-20-2016 10:28 AM
I followed your steps as given above, but I got a connection refused issue, which is mentioned below.
[root@sandbox ~]# ambari-server setup-ldap
Using python /usr/bin/python2
Setting up LDAP properties...
Primary URL* {host:port} (localhost:636): localhost:389
Secondary URL {host:port} :
Use SSL* [true/false] (false):
User object class* (person):
User name attribute* (cn):
Group object class* (posixGroup): group
Group name attribute* (memberof): cn
Group member attribute* (memberUid): member
Distinguished name attribute* (dn): dn
Base DN* (ou=people,dc=hadoop,dc=apache,dc=org):
Referral method [follow/ignore] (ignore): follow
Bind anonymously* [true/false] (false):
Manager DN* (uid=hdfs,ou=people,dc=hadoop,dc=apache,dc=org):
Enter Manager Password* :
Re-enter password:
====================
Review Settings
====================
authentication.ldap.managerDn: uid=hdfs,ou=people,dc=hadoop,dc=apache,dc=org
authentication.ldap.managerPassword: *****
Save settings [y/n] (y)? y
Saving...done
Ambari Server 'setup-ldap' completed successfully.
[root@sandbox ~]# ambari-server start
Using python /usr/bin/python2
Starting ambari-server
Ambari Server running with administrator privileges.
Organizing resource files at /var/lib/ambari-server/resources...
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
Waiting for server start....................
Ambari Server 'start' completed successfully.
[root@sandbox ~]# ambari-server sync-ldap --all
Using python /usr/bin/python2
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Syncing all..ERROR: Exiting with exit code 1. REASON: Caught exception running LDAP sync. localhost:389; nested exception is javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]
[root@sandbox ~]#
Created 09-08-2017 03:14 PM
Hello Neerraj,
I'm looking at integrating an LDAP server with the Hortonworks sandbox Ambari (HDP 2.5), ambari-server --version 2.4.0.0-1225. I have tried twice to run "ambari-server setup-ldap" and "ambari-server sync-ldap --all", but I keep getting error 403 at the beginning of the LDAP sync. When this error comes up, I'm no longer able to log in to the Ambari UI with my Ambari credentials (admin/password), even after resetting my password with "ambari-admin-password-reset". But what I've observed so far is that I could log in with the "maria_dev/maria_dev" credentials and also with some new users I added during the LDAP server setup. I was wondering if this could be a password migration tool that is doing the password migration wrong? I have checked the user "admin" in my LDAP database, and I can observe that it's not encrypted in the same way as users like maria_dev or raj_ops!! (see below). Can this cause trouble during my ambari-server and LDAP synchronization? Or is it due to my ambari-server LDAP setup settings?
==> MARIA_DEV INFORMATION:
[root@sandbox ~]# ldapsearch -x cn=maria_dev -b dc=hortonworks,dc=com
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: cn=maria_dev
# requesting: ALL
#
# maria_dev, People, hortonworks.com
dn: uid=maria_dev,ou=People,dc=hortonworks,dc=com
uid: maria_dev
cn: maria_dev
sn: maria_dev
mail: maria_dev@hortonworks.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JC94YTFDb0dTMnAvOC4yRCQ3MDkuL1pYRHpnV01vVGIzeWdnNnd
HNUNuM2ZXck82QTBzUGhOZzVFZEpodjF2LmRTQnBEelJUMHpPaFBUdmxZSzhGU3NVZEppS1M2QUFo
OXpqLld1MQ==
shadowLastChange: 17099
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1023
gidNumber: 1023
homeDirectory: /home/maria_dev
# maria_dev, Group, hortonworks.com
dn: cn=maria_dev,ou=Group,dc=hortonworks,dc=com
objectClass: posixGroup
objectClass: top
cn: maria_dev
userPassword:: e2NyeXB0fXg=
gidNumber: 1023
=======> ADMIN INFORMATION:
[root@sandbox ~]# ldapsearch -x cn=admin -b dc=hortonworks,dc=com
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: cn=admin
# requesting: ALL
#
# admin, People, hortonworks.com
dn: uid=admin,ou=People,dc=hortonworks,dc=com
uid: admin
cn: admin
sn: admin
mail: admin@hortonworks.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSEh
shadowLastChange: 17099
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1005
gidNumber: 1005
homeDirectory: /home/admin
# admin, Group, hortonworks.com
dn: cn=admin,ou=Group,dc=hortonworks,dc=com
objectClass: posixGroup
objectClass: top
cn: admin
userPassword:: e2NyeXB0fXg=
gidNumber: 1005
# search result
search: 2
result: 0 Success
Thanks a lot for your help.
Regards,
Sidoine.
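An added example, not from the thread: a small Python audit that parses ldapsearch LDIF output like the listings above (unfolding continuation lines and decoding the base64 `userPassword::` values) and classifies each entry's password scheme. The admin and Group values are the ones shown above; the sample LDIF and the maria_dev hash are constructed. The admin user's value decodes to `{crypt}!!`, which, like `!!` in /etc/shadow, is a lock marker rather than a hash, so no password can verify against it.

```python
import base64

# Constructed sample (not real data): the admin and Group values are the
# base64 strings from the ldapsearch output above; the maria_dev hash is
# invented, base64-encoded and folded the way ldapsearch folds long values.
FAKE_HASH = "{crypt}$6$NotARealSalt$NotARealHash.ConstructedForThisExample"
B64 = base64.b64encode(FAKE_HASH.encode()).decode()
SAMPLE_LDIF = f"""dn: uid=admin,ou=People,dc=hortonworks,dc=com
userPassword:: e2NyeXB0fSEh

dn: uid=maria_dev,ou=People,dc=hortonworks,dc=com
userPassword:: {B64[:40]}
 {B64[40:]}

dn: cn=admin,ou=Group,dc=hortonworks,dc=com
userPassword:: e2NyeXB0fXg=
"""

def parse_ldif(text):
    """Yield one {attr: [values]} dict per entry, decoding 'attr:: base64'."""
    lines = text.replace("\n ", "").splitlines()  # unfold continuation lines
    entry = {}
    for line in lines + [""]:                     # trailing "" flushes the last entry
        if not line or line.startswith("#"):
            if entry:
                yield entry
                entry = {}
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):                 # double colon: base64-encoded value
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        entry.setdefault(attr, []).append(value.strip())

def password_state(value):
    """Classify a decoded userPassword: scheme, and whether it can ever match."""
    if value[:7].lower() != "{crypt}":
        return "non-crypt scheme or cleartext"
    body = value[7:]
    # Same convention as /etc/shadow: '!!', '!', '*' or 'x' is not a hash,
    # so no password can ever verify against it (effectively locked).
    if body in ("", "x", "*") or body.startswith("!"):
        return "crypt, locked"
    algo = {"$6$": "SHA-512", "$5$": "SHA-256", "$1$": "MD5"}
    return "crypt, " + next((n for p, n in algo.items() if body.startswith(p)), "DES or other")

def audit(ldif_text):
    """Map each DN to the state of its userPassword attribute."""
    return {e["dn"][0]: (password_state(e["userPassword"][0])
                         if "userPassword" in e else "no userPassword")
            for e in parse_ldif(ldif_text)}
```

Running `audit(SAMPLE_LDIF)` reports the admin user and the admin group as locked and maria_dev as a SHA-512 crypt hash; pointing it at a full `ldapsearch -x -b dc=hortonworks,dc=com` dump shows which accounts can bind at all before blaming the Ambari sync.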
Created 10-14-2015 02:42 AM
I was able to sync the LDAP users to Ambari, but none of the LDAP users are able to log in to the Ambari UI. The admin/admin local account can no longer log in either. Getting 403 Forbidden errors.
Created 10-14-2015 09:52 AM
Do you have admin user in AD?
Created 10-15-2015 03:22 PM
Yes, admin user is in AD.
Created 10-14-2015 05:29 PM
If the admin user is synchronized from AD, then you will have to update the Ambari DB. You should probably create a backup admin user with a different name with Admin privileges in Ambari.
mysql> use ambaricustom
mysql> update users set ldap_user=0 where user_name='admin';
Created 10-15-2015 03:31 PM
I tried logging in to mysql using the admin/admin account, but it won't let me in. Also tried root@hostname, same issue.
Created 10-14-2015 11:13 AM
I'm having similar issues, but in my case I'm trying to sync with FreeIPA:
[root@hdp23 ambari-server]# ambari-server setup-ldap
Using python /usr/bin/python2.6
Setting up LDAP properties...
Primary URL* {host:port} (ipa.hadoop.braccialli:389):
Secondary URL {host:port} :
Use SSL* [true/false] (false):
User object class* (posixAccount):
User name attribute* (uid):
Group object class* (posixGroup):
Group name attribute* (cn):
Group member attribute* (memberUid):
Distinguished name attribute* (dn):
Base DN* (cn=accounts,dc=hadoop,dc=braccialli):
Referral method [follow/ignore] : follow
Bind anonymously* [true/false] (false):
Manager DN* (uid=admin,cn=users,cn=accounts,dc=hadoop,dc=braccialli):
Enter Manager Password* :
Re-enter password:
====================
Review Settings
====================
authentication.ldap.managerDn: uid=admin,cn=users,cn=accounts,dc=hadoop,dc=braccialli
authentication.ldap.managerPassword: *****
Save settings [y/n] (y)? y
Saving...done
Ambari Server 'setup-ldap' completed successfully.
[root@hdp23 ambari-server]# ambari-server restart
Using python /usr/bin/python2.6
Restarting ambari-server
Using python /usr/bin/python2.6
Stopping ambari-server
Ambari Server stopped
Using python /usr/bin/python2.6
Starting ambari-server
Ambari Server running with administrator privileges.
Organizing resource files at /var/lib/ambari-server/resources...
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
Waiting for server start....................
Ambari Server 'start' completed successfully.
[root@hdp23 ambari-server]# ambari-server sync-ldap --all
Using python /usr/bin/python2.6
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Syncing all.ERROR: Exiting with exit code 1. REASON: Sync event creation failed. Error details: HTTP Error 403: You do not have permissions to access this resource.
From /var/log/ambari-server/ambari-server.log I get:
14 Oct 2015 07:12:31,544 INFO [qtp-client-21] FilterBasedLdapUserSearch:89 - SearchBase not set. Searches will be performed from the root: cn=accounts,dc=hadoop,dc=braccialli
14 Oct 2015 07:12:31,584 ERROR [qtp-client-21] AmbariLdapAuthoritiesPopulator:70 - Can't get authorities for user admin, he is not present in local DB