Support Questions

Find answers, ask questions, and share your expertise

Nifi Registry and LDAP

avatar
Frequent Visitor

I an trying to configuring NiFi regoistry (2.5.0) with LDAP, have successfully configured so I can login using AD credential. However I am not able to see users or groups from AD in the admininstration sections.
I have checked the user  and group sections authorizers.xml) are the same as NiFI, as I can see users and groups when I go to Users or Policies section.
I am not using LDAPS (use LDAP in the dev envirobment), and this works fine in NiFi 2.5, and just cant see why it doesnt work with NiFI registry using teh same LDAP usergroup provider settings. 
Any thoughts?


1 REPLY 1

avatar
Master Mentor

@Frank168 

It would be difficult to say what the issue is without being able to see your authorizers.xml file and nifi-registry.properties file.

One common mistake I see individuals make is copying from their NiFi's authorizers.xml.
While they structurally are the same, NiFi-Registry has different class names for each provider in the authorizers.xml.  

The next suggestion i often make is start by reading your authorizers.xml from the bottom up starting with the authorizer (I expect that will be the "managed-authorizer" for you).  That managed-authorizer will reference another provider and that referenced provider will reference another provider and so on.  What you are making sure is that there is a referenced path from the managed-authorizer to your ldap-user-group-provider and likely your user-group-provider as well.  I have seen scenarios where the individual providers were all configured correctly; however, the authorizer was not actually using them because there was not referenced path to them.

Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped.

Thank you,
Matt