Setting up LDAP/AD in Knox

Super Collaborator

Hi,

I have a problem with configuring LDAP/AD with Knox. The DEMO LDAP works great for both the sandbox and my own cluster. I am configuring the LDAP connection using this document: Setting Up LDAP Authentication. I configured main.ldapRealm.userDnTemplate and main.ldapRealm.contextFactory.url. I tried both classes in main.ldapRealm (KnoxLdapRealm and Jndi...). I am using Ambari to make changes. The versions I use are: sandbox - 2.4.0 and my cluster - 2.3.2. When I configure my LDAP, Knox keeps saying that I am unauthorized (401). The credentials are correct because I can use them to log in to beeline, which is also configured with LDAP + AD.

Do I need to change Advanced users-ldif section in Ambari as well?

Thank you in advance.

1 ACCEPTED SOLUTION

This problem has been solved!

3 REPLIES

Super Collaborator

Thank you very much @Alex Miller for your quick response. According to the doc that you linked and the log, I found out that I had misconfigured userDnTemplate.

I have another problem. In my AD/LDAP I am using sAMAccountName to identify users, so I need to type at the beginning of userDnTemplate something like: sAMAccountName={0},ou=... and so on, but it does not recognize users. I can't use cn={0} because as a cn I use two separate words, so it will not work. I don't use uid, and I am not an AD admin, so I cannot add or edit anything.

Super Collaborator

I found the solution. If anyone else is facing the same problem, review this link and use @bsaini's topology. Thanks!