Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How to configure cloudera navigator to access multiple Active Directory/LDAP servers

How to configure cloudera navigator to access multiple Active Directory/LDAP servers

Expert Contributor

Hi,

 

We are using CM 5.14 and CDH 5.14. We have configured Hue to use multiple AD domains but we do not have any info on how it can be done on Cloudera navigator. Any pointers are appreciated.

 

Thanks

3 REPLIES 3
Highlighted

Re: How to configure cloudera navigator to access multiple Active Directory/LDAP servers

Super Guru

@RajeshBodolla,

 

There isn't any concept of multiple ldap domains in Navigator or Cloudera Manager as you have configured in Hue.

Maybe you could describe what you are trying to accomplish and see if the community can offer some alternatives.

Re: How to configure cloudera navigator to access multiple Active Directory/LDAP servers

Expert Contributor

Hi @bgooley

 

We have users in multiple domins that want access to navigator UI but the configurations allow only one AD domain and there is no option in Navigator to add individual users as well if we have to add local users instead of AD users. The option in cloudera manager provides navigator admin access to local users while we require read-only in navigator.

Re: How to configure cloudera navigator to access multiple Active Directory/LDAP servers

Super Guru

@RajeshBodolla,

 

There are a few options I can offer:

 

  1. Create a separate LDAP server for auth so that you can have your Navigator users in one place
  2. Use SAML
  3. Implement an LDAP proxy solution like OpenLDAP "meta" backend so that Navigator talks to the LDAP proxy and the proxy sends requests to several LDAP backends.

 

Some proxy info:

 

https://wiki.samba.org/index.php/OpenLDAP_as_proxy_to_AD

https://linoxide.com/linux-how-to/configure-ad-authentication-ldap-proxy-tls-ssl/
http://www.openldap.org/software/man.cgi?query=slapd-meta&apropos=0&sektion=0&manpath=OpenLDAP+2.4-R...

 

There may be other solutions, but those are certainly valid

 

 

Don't have an account?
Coming from Hortonworks? Activate your account here