Support Questions
Find answers, ask questions, and share your expertise

Configuring Cloudera to authenticate to AD

Configuring Cloudera to authenticate to AD

New Contributor

Hello.

 

I am not the Active Directory admin, but with the proper documentation and opening of tickets, I can get the Cloudera system authenticating to AD.

 

What I have:

I have an AD group called ClouderaUsers

I have a service account to query AD when a user logs into Hue

The user must be a member of the ClouderaUsers security group

I have set up kerberos on my development Cloudera environment

 

Looking at the instructions on the Cloudera site, it seems that Cloudera Manager is going to be a user authority, meaning I create user accounts in CM.  I cannot create user accounts in AD, all provisioning goes through a security team, and AD is our authentication authority.

 

My requirements:

I want to use AD to authenticate users in the ClouderaUsers group, if a user is not a member, they will be denied.

 

Is this possible?

 

Tim

 

1 REPLY 1
Highlighted

Re: Configuring Cloudera to authenticate to AD

Super Guru

Hello @TimTeller,

 

I'd start by getting some background on Cloudera Manager authentication here:

 

https://www.cloudera.com/documentation/enterprise/latest/topics/cm_ag_user_accnts.html

and

https://www.cloudera.com/documentation/enterprise/latest/topics/cm_sg_external_auth.html

 

That will likely answer your question and give you some background on how the LDAP configuration in Cloudera Manager works.  If you have questions, let us know.

 

Ben