Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Configuring Cloudera to authenticate to AD

Configuring Cloudera to authenticate to AD

New Contributor

Hello.

 

I am not the Active Directory admin, but with the proper documentation and opening of tickets, I can get the Cloudera system authenticating to AD.

 

What I have:

I have an AD group called ClouderaUsers

I have a service account to query AD when a user logs into Hue

The user must be a member of the ClouderaUsers security group

I have set up kerberos on my development Cloudera environment

 

Looking at the instructions on the Cloudera site, it seems that Cloudera Manager is going to be a user authority, meaning I create user accounts in CM.  I cannot create user accounts in AD, all provisioning goes through a security team, and AD is our authentication authority.

 

My requirements:

I want to use AD to authenticate users in the ClouderaUsers group, if a user is not a member, they will be denied.

 

Is this possible?

 

Tim

 

1 REPLY 1
Highlighted

Re: Configuring Cloudera to authenticate to AD

Super Guru

Hello @TimTeller,

 

I'd start by getting some background on Cloudera Manager authentication here:

 

https://www.cloudera.com/documentation/enterprise/latest/topics/cm_ag_user_accnts.html

and

https://www.cloudera.com/documentation/enterprise/latest/topics/cm_sg_external_auth.html

 

That will likely answer your question and give you some background on how the LDAP configuration in Cloudera Manager works.  If you have questions, let us know.

 

Ben