Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Issue with configuring ldap using 'Knox Demo Ldap' with ambari-server

Highlighted

Issue with configuring ldap using 'Knox Demo Ldap' with ambari-server

New Contributor

Hi Team,

In a POC environment, we're building Ambari 2.6.1 with HDP 2.6 stack.
We would like to test ambari-server with LDAP before we build in Non-prod and prod environment.
We're using the same Knox Demo Ldap(for demo purposes) to configure ambari-server ldap.

We're having trouble with syncing ldap, getting 403 bad credentials but we're successfully able to login using same credentials via Softerra LDAP Browser.

The credentials are the same as in files below:

  • /etc/knox/2.6.4.0-91/0/users.ldif
  • /usr/hdp/2.6.4.0-91/etc/knox/conf/users.ldif


Please assist with the below issue.

Below is what we tried to configure ldap with ambari:

  1. [root@ambarinn ~]# ambari-server setup-ldap
    Using python  /usr/bin/python
    Setting up LDAP properties...
    Primary URL* {host:port} (ambarinn.cluster.com:33389):ambarinn.cluster.com:33389
    Secondary URL {host:port} :
    Use SSL* [true/false] (false):false
    User object class* (person):person
    User name attribute* (uid):uid
    Group object class* (groupofnames):groupofnames
    Group name attribute* (cn):cn
    Group member attribute* (member):member
    Distinguished name attribute* (dn):dn
    Base DN* (dc=hadoop,dc=apache,dc=org):dc=hadoop,dc=apache,dc=org
    Referral method [follow/ignore] (ignore):ignore
    Bind anonymously* [true/false] (false):false
    Handling behavior for username collisions [convert/skip] for LDAP sync* (skip):skip
    Manager DN* (uid=guest,ou=people,dc=hadoop,dc=apache,dc=org):uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
    Enter Manager Password* :guest-password
    Re-enter password:
    ====================
    Review Settings
    ====================
    authentication.ldap.managerDn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
    authentication.ldap.managerPassword: *****
    Save settings [y/n] (y)? y
    Saving...done
    Ambari Server 'setup-ldap' completed successfully.
    [root@ambarinn ~]# ambari-server sync-ldap --all
    Using python  /usr/bin/python
    Syncing with LDAP...
    Enter Ambari Admin login: guest
    Enter Ambari Admin password:guest-password
    Syncing all.ERROR: Exiting with exit code 1.
    REASON: Sync event creation failed. Error details: HTTP Error 403: Unable to sign in. Invalid username/password combination.		
Don't have an account?
Coming from Hortonworks? Activate your account here