Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

With Ambari AD management is it possible to have user names prefixed automatically?

avatar
Super Collaborator
 
1 ACCEPTED SOLUTION

avatar
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
4 REPLIES 4

avatar
Super Collaborator

If this is for a Kerborized cluster, you can create rules in the auth_to_local setting under the REALMS configuration section of the krb5.conf file. You would have to tinker with the Advanced krb5 configuration settings in Ambari to create and propogate the rules. The rules can use the incoming AD id and manipulate it as you need. The MIT documentation has a few examples at http://web.mit.edu/kerberos/krb5-1.12/doc/admin/conf_files/krb5_conf.html

avatar
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar
Super Collaborator

What about CN or sAMAccount? As I understand they will be the same as principal name, or?

avatar

Each can be altered independently in the Attribute Template:

http://docs.hortonworks.com/HDPDocuments/Ambari-2.1.2.0/bk_Ambari_Security_Guide/content/_customizin...

When you run through the wizard you'll see the template and the CN, and sAMAccountName and where you have the opportunity to prepend, append, alter their values.