I have tried to add the base dn in -ldap_uri as "-ldap_uri=ldap://a.b.com:111/<base dn>". But this resulted in INVALID DN in the tcpdump output.
Found hadoop.security.group.mapping.ldap.search.* properties in http://datanode:25000/varz which is set as default . It is being picked from core-site.xml. Tried changing to in Cloudera manager in HDFS service and deployed the configuration but it stills shows the default values.