Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Authentication methods for Cloudera Express 6.3 (Cloudera Manager)

Solved Go to solution
Highlighted

Authentication methods for Cloudera Express 6.3 (Cloudera Manager)

Explorer

Greetings,

 

I am looking for a way to enforce password complexity requirements, mandatory rotation of passwords and mitigation of brute force password cracking attacks on Cloudera Manager (CM) accounts.

 

I was researching user authentication options in the free version of CM and came to the conclusion that the only available option is Kerberos and SPNEGO, paired with Kerberos password policies.

 

In CM I enabled "Enable SPNEGO/Kerberos Authentication for the Admin Console and API", but I didn't notice anything different after restarting the service.

 

Are there other options (for the free version of CM 6.3) that I am missing? What are the options in the paid version?

 

Thank you, Kind regards,

Julius

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Authentication methods for Cloudera Express 6.3 (Cloudera Manager)

Super Collaborator

Hi @matagyula ,

 

Thanks for reaching out to Cloudera community.

 

Password complexity and account expiration for users in Cloudera Manager is available through external authentication backends. Please note, this need Cloudera Enterprise license.

You can configure external authentication to LDAP/Active Directory or SAML. Read more from below doc:

https://docs.cloudera.com/documentation/enterprise/latest/topics/cm_sg_external_auth.html

 

However, above does not apply to the CM internal users. We currently have an internal jira which will enhance the validation to the passwords for local CM users adhere to a reasonable policy and it will come in future releases.

 

Thanks and hope this helps!

Li Wang, Technical Solution Manager


Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:

Terms of Service

Community Guidelines

How to use the forum

View solution in original post

2 REPLIES 2

Re: Authentication methods for Cloudera Express 6.3 (Cloudera Manager)

Super Collaborator

Hi @matagyula ,

 

Thanks for reaching out to Cloudera community.

 

Password complexity and account expiration for users in Cloudera Manager is available through external authentication backends. Please note, this need Cloudera Enterprise license.

You can configure external authentication to LDAP/Active Directory or SAML. Read more from below doc:

https://docs.cloudera.com/documentation/enterprise/latest/topics/cm_sg_external_auth.html

 

However, above does not apply to the CM internal users. We currently have an internal jira which will enhance the validation to the passwords for local CM users adhere to a reasonable policy and it will come in future releases.

 

Thanks and hope this helps!

Li Wang, Technical Solution Manager


Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:

Terms of Service

Community Guidelines

How to use the forum

View solution in original post

Highlighted

Re: Authentication methods for Cloudera Express 6.3 (Cloudera Manager)

Explorer

Hi @lwang ,

 

Thank you very much for your reply, it answered all the questions I had.

 

Kind regards,

Julius

Don't have an account?
Coming from Hortonworks? Activate your account here