Support Questions
Find answers, ask questions, and share your expertise

Prevent users outside of LDAP filter from logging into Cloudera Manager

Explorer

Hello Team,

 

I have a requirement to apply specific filters for user login on Cloudera Manager. I came across a configuration setting that allows for including an external authentication script. But I am not clear on how the script should look like. https://docs.cloudera.com/cdp-private-cloud-base/7.1.7/security-kerberos-authentication/topics/cm-se.... Does anybody have an idea?

 

Thanks

 

4 REPLIES 4

Cloudera Employee

Hey follow the below doc:

https://docs.cloudera.com/cdp-private-cloud-base/7.1.6/security-kerberos-authentication/topics/cm-se...

 

Administration > Settings > Authentication Backend Order > select the appropriate one

eg: External Only (with emergency Administrator access)

Community Manager

@Sayed016, Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future.  



Regards,

Vidya Sargur,
Community Manager


Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:

Explorer

Hello @nthomas 

 

Sorry for the delayed reply. I set the LDAP user search filter and LDAP user search base to the Cloudera Manager > Settings. By setting these values I could block the users from showing the cluster information and the settings but I couldn’t completely block the users from logging in. The main intention was to block the users from logging in. Do you know how can I block the users completely?

 

 

Cloudera Employee

This needs to be done from LDAP/AD side. Create a group in LDAP for the users you want to give access to the CM and sync only that group in CM using the group filter.