Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Problem Sync'ing IPA LDAP Group to Ambari

Solved Go to solution
Highlighted

Problem Sync'ing IPA LDAP Group to Ambari

Super Collaborator

Hi All, I am doing a small prototype trying to sync the IPA ldap groups to Ambari. I am able to sync the users and groups individually. However, when I sync a group, the relations/users under the group are not copied, but only an empty group. Could you point out where I could be going wrong? Below is my configuration used for the set up.

Primary URL* {host:port} (ipa.arunak.com:636): 
Secondary URL {host:port} : 
Use SSL* [true/false] (true): 
User object class* (mepManagedEntry): 
User name attribute* (cn): 
Group object class* (posixGroup): 
Group name attribute* (cn): 
Group member attribute* (member): 
Distinguished name attribute* (dn): 
Base DN* (dc=arunak,dc=com): 
Referral method [follow/ignore] : 
Bind anonymously* [true/false] (false): 
Manager DN* (arun): uid=arun,cn=users,cn=accounts,dc=arunak,dc=com         
Enter Manager Password* : 
Re-enter password: 
Do you want to provide custom TrustStore for Ambari [y/n] (y)?
TrustStore type [jks/jceks/pkcs12] (jks):
Path to TrustStore file (/etc/ambari-server/keys/ldaps-keystore.jks):
Password for TrustStore:
Re-enter password: 
====================Review Settings====================
authentication.ldap.managerDn: uid=arun,cn=users,cn=accounts,dc=arunak,dc=com
authentication.ldap.managerPassword: *****
ssl.trustStore.type: jks
ssl.trustStore.path: /etc/ambari-server/keys/ldaps-keystore.jks
ssl.trustStore.password: *****
Save settings [y/n] (y)? 
Saving...done
Ambari Server 'setup-ldap' completed successfully.

I synced the group as below, but no users were copied to ambari, but just an empty group got created.

ambari-server sync-ldap --groups grp.lst 
Using python  /usr/bin/python2.6
Syncing with LDAP...
Enter Ambari Admin login: ipaadmin
Enter Ambari Admin password: 
Syncing specified users and groups...
Completed LDAP Sync.
Summary:  
memberships:    
removed = 0    
created = 0  
users:    
updated = 0    
removed = 0    
created = 0  
groups:    
updated = 0    
removed = 0    
created = 2
Ambari Server 'sync-ldap' completed successfully.
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Problem Sync'ing IPA LDAP Group to Ambari

Expert Contributor
@Arun A K

Is the problem resolved. If not try giving absolute path for file grp.lst in the argument

3 REPLIES 3

Re: Problem Sync'ing IPA LDAP Group to Ambari

Expert Contributor
@Arun A K

Is the problem resolved. If not try giving absolute path for file grp.lst in the argument

Re: Problem Sync'ing IPA LDAP Group to Ambari

Super Collaborator

@pankaj singh Thank You Pankaj, I will try that and let you know.

Re: Problem Sync'ing IPA LDAP Group to Ambari

Super Collaborator

Worked after specifying the absolute file path.

Don't have an account?
Coming from Hortonworks? Activate your account here