Support Questions
Find answers, ask questions, and share your expertise

How can I use an attribute that is not included in distinguishedName for Knox SSO username?

Contributor

Hi,

Now I'm trying setting up Knox SSO for Ranger.

Once I've succeeded with almost default Ambari's knoxsso.xml.

In the Ambari's default knoxsso.xml, `main.ldapRealm.userDnTemplate` is configured and the value of `{0}` in that parameter is used for Knox SSO's "Username".

In my current configuration, the parameter name of `{0}` is cn because the distinguishedName is like "cn=foo,ou=group,dc=example,dc=com".

However, I want to use another attribute like sAMAccount instead of cn that is included in distinguishedName.

How can I do it?