LDAP Authentication Issue

Super Collaborator

Hi, I am trying to configure LDAP authentication for our NiFi instance. I am using the SIMPLE authentication strategy, with the settings below.

<provider>

<identifier>ldap-provider</identifier>

<class>org.apache.nifi.ldap.LdapProvider</class>

<property name="Authentication Strategy">SIMPLE</property>

<property name="Manager DN">CN=admintarapare,OU=Admins,OU=Users and Groups,OU=GC AMS,OU=AMS,OU=Organizations,DC=mycompany,DC=com></property>

<property name="Manager Password">mypwd></property>

<property name="TLS - Keystore"></property>

<property name="TLS - Keystore Password"></property>

<property name="TLS - Keystore Type"></property>

<property name="TLS - Truststore"></property>

<property name="TLS - Truststore Password"></property>

<property name="TLS - Truststore Type"></property>

<property name="TLS - Client Auth"></property>

<property name="TLS - Protocol"></property>

<property name="TLS - Shutdown Gracefully"></property>

<property name="Referral Strategy">FOLLOW</property>

<property name="Connect Timeout">10 secs</property>

<property name="Read Timeout">10 secs</property>

<property name="Url">ldap://ourserver:389</property>

<property name="User Search Base">OU=Admins,OU=Users and Groups,OU=GC AMS,OU=AMS,OU=Organizations,DC=mycompany,DC=com></property>

<property name="User Search Filter">sAMAccountName={0}</property>

<property name="Identity Strategy">USE_DN</property>

<property name="Authentication Expiration">12 hours</property>

</provider>

I am not getting any exception in nifi-app.log, but I am getting this in nifi-user.log:

o.a.n.w.a.c.IllegalArgumentExceptionMapper java.lang.IllegalArgumentException: The supplied username and password are not valid.. Returning Bad Request response.

I am using this user, admintarapare (which I used in my Manager CN), to log in. I know the password is correct, and I used LDP on my server to verify that it connects to the LDAP server.

Any idea what I am doing wrong here?

Regards,

Sai

1 ACCEPTED SOLUTION

@Saikrishna Tarapareddy

There is an extra character at the end of both of those properties.

">" this is the extra character, on the end of your value.


13 REPLIES

@Saikrishna Tarapareddy

Try changing the User Search Filter from sAMAccountName={0} to (sAMAccountName={0})

Super Collaborator

@wynner ,

I am getting the same error after changing sAMAccountName={0} to (sAMAccountName={0})

@Saikrishna Tarapareddy

Just to be sure. Did you restart NiFi after making the change?

Super Collaborator

@Wynner ,

Yes, I did.

@Saikrishna Tarapareddy

Another just to be sure, you have an extra character at the end of a couple of the properties.

This property appears to have an extra character

Manager DN

CN=admintarapare,OU=Admins,OU=Users and Groups,OU=GC AMS,OU=AMS,OU=Organizations,DC=mycompany,DC=com>

and this property also

User Search Base

OU=Admins,OU=Users and Groups,OU=GC AMS,OU=AMS,OU=Organizations,DC=mycompany,DC=com>

Super Collaborator

@Wynner,

I do not have any extra chars, I just double-checked.

<property name="Manager DN">CN=admintarapa,OU=Admins,OU=Users and Groups,OU=GC AMS,OU=AMS,OU=Organizations,DC=mycomp,DC=com></property>

<property name="User Search Base">OU=Admins,OU=Users and Groups,OU=GC AMS,OU=AMS,OU=Organizations,DC=mycomp,DC=com></property>

One interesting thing is, I tried with a wrong password for my Manager DN in the login-identity-providers.xml file, and even then I get the same error.

o.a.n.w.a.c.IllegalArgumentExceptionMapper java.lang.IllegalArgumentException: The supplied username and password are not valid.. Returning Bad Request response.

Regards,

Sai

@Saikrishna Tarapareddy

There is an extra character at the end of both of those properties.

">" this is the extra character, on the end of your value.

Expert Contributor

If your password has any unique characters such as "&", it will break the XML.

The fix for this example would be changing the & to: "& amp;" without the space (this website will not show the correct value).

Super Collaborator

@Wynner ,

Sorry, I missed it. Thanks a lot.

Now I am getting an insufficient permissions error. Let me check my user.
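Added example, not part of the original thread: a small Python lint for a NiFi `<provider>` block that catches the two problems raised in the replies above (a stray ">" left inside a DN value, and a raw "&" that makes the XML unparseable) and also notes when a SIMPLE bind is pointed at a plain `ldap://` URL, where the bind passwords travel unencrypted. The function names and the sample values (`svc-nifi`, `example.com`, `placeholder`) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Properties that hold LDAP distinguished names in the provider block posted above.
DN_PROPERTIES = ("Manager DN", "User Search Base")

def unescaped_angle_brackets(dn):
    """Positions of '<' or '>' not preceded by a backslash escape (RFC 4514)."""
    hits, i = [], 0
    while i < len(dn):
        if dn[i] == "\\":
            i += 2  # skip the escaped character
            continue
        if dn[i] in "<>":
            hits.append(i)
        i += 1
    return hits

def lint_provider(xml_text):
    """Return (property, message) findings for one <provider> element."""
    try:
        provider = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A raw '&' or '<' inside a value, e.g. in Manager Password, lands here.
        return [("<xml>", f"not well-formed: {exc}")]
    props = {p.get("name"): p.text or "" for p in provider.iter("property")}
    findings = []
    for name in DN_PROPERTIES:
        value = props.get(name, "")
        if value != value.strip():
            findings.append((name, "leading or trailing whitespace"))
        for pos in unescaped_angle_brackets(value):
            findings.append((name, f"unescaped {value[pos]!r} at offset {pos}"))
    url = props.get("Url", "").strip().lower()
    if props.get("Authentication Strategy", "").strip() == "SIMPLE" and url.startswith("ldap://"):
        findings.append(("Url", "SIMPLE bind over ldap:// sends passwords unencrypted"))
    return findings

# Constructed sample modelled on the thread, with placeholder names and values.
SAMPLE = """<provider>
  <identifier>ldap-provider</identifier>
  <property name="Authentication Strategy">SIMPLE</property>
  <property name="Manager DN">CN=svc-nifi,OU=Admins,DC=example,DC=com></property>
  <property name="Manager Password">placeholder</property>
  <property name="Url">ldap://ldap.example.com:389</property>
  <property name="User Search Base">OU=Admins,DC=example,DC=com></property>
</provider>"""

if __name__ == "__main__":
    for prop, message in lint_provider(SAMPLE):
        print(f"{prop}: {message}")
```

The XML parser accepts a literal ">" in element text, which is why NiFi starts cleanly and the mistake only surfaces later as a failed login; a raw "&" fails at parse time instead.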

