Support Questions

Find answers, ask questions, and share your expertise
Announcements
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.

Nifi autherization using Ldap

New Contributor

Hi team ,

In our environment we are using Nifi 1.2.0 in HDF 3. We used Ambari for installation and configuration . We are not installed Nifi CA Certificate authority . We integrated Nifi with AD .

In this scenario how can we create a Initial Admin Identity . Due to this we are not able to login to Nifi UI


Regards

Laiju

1 ACCEPTED SOLUTION

You can set the Initial Admin identity to the identity of one of your LDAP users.

The value will be dependent on how you have configured NiFi's LDAP login-identity-provider.

<property name="Identity Strategy">USE_DN</property>

If Identity Strategy is USE_DN, then the Initial Admin value should be the full DN from LDAP.

If Identity Strategy is USE_USERNAME, then the Initial Admin value should be just the username.

You may also need to shutdown NiFi, and manually remove /var/lib/nifi/conf/users.xml and /var/lib/nifi/conf/authorizations.xml from each node, because NiFi only makes use of the Initial Admin when there are no other users/groups/policies defined.

View solution in original post

2 REPLIES 2

You can set the Initial Admin identity to the identity of one of your LDAP users.

The value will be dependent on how you have configured NiFi's LDAP login-identity-provider.

<property name="Identity Strategy">USE_DN</property>

If Identity Strategy is USE_DN, then the Initial Admin value should be the full DN from LDAP.

If Identity Strategy is USE_USERNAME, then the Initial Admin value should be just the username.

You may also need to shutdown NiFi, and manually remove /var/lib/nifi/conf/users.xml and /var/lib/nifi/conf/authorizations.xml from each node, because NiFi only makes use of the Initial Admin when there are no other users/groups/policies defined.

New Contributor

Hi Bryan ,

Thanks a lot for your help . It worked perfectly .

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.