Support Questions
Find answers, ask questions, and share your expertise

configuration knox with ldap

I want use Knox to secure ports like 50070 and WebHdfs requests. I'm confused among these papers.
can someone explain step by step by example?

For example, I use the following command to setup ldap, but I do not know the exact values of the parameters.

ambari-server setup-ldap
Primary URL Host* :  localhost
Primary URL Port* :  33389
Use SSL* [true/false] (false):  false
User object class* (person):  person
User name attribute* (uid):  admin
Group object class* (posixGroup):  posixGroup
Group name attribute* (cn):  cn
Group member attribute* (memberUid):  memberUid
Distinguished name attribute* (dn):  dn
Base DN* (dc=ambari,dc=apache,dc=org):  uid=admin,ou=people,dc=hadoop,dc=apache,dc=org
Bind anonymously* [true/false] (false):  false
Handling behavior for username collisions [convert/skip] for LDAP sync* (convert):  convert
ambari.ldap.connectivity.bind_dn: uid=admin,ou=people,dc=hadoop,dc=apache,dc=org
ambari.ldap.connectivity.bind_password: *****
Save settings [y/n] (y)? y


Also, when I use the following command. The answer is as follows:

ambari-server sync-ldap --all
Using python  /usr/bin/python
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password: 

Fetching LDAP configuration from DB.
Syncing all...ERROR: Exiting with exit code 1. 
REASON: Caught exception running LDAP sync. Username cannot be empty

myusers-ldif is same:

# entry for sample user admin
dn: uid=admin,ou=people,dc=hadoop,dc=apache,dc=org
objectclass:top
objectclass:person
objectclass:organizationalPerson
objectclass:inetOrgPerson
cn: Admin
sn: Admin
uid: admin
userPassword:admin-password

I want to understand exactly what things I need to do to use knox for security 50070 and other webui !!!

@Jay Kumar SenSharma

2 REPLIES 2

@abbas mohammadnejad

Please refer to post Knox+HDFS UI. It explains that configuration for HDFS UI through Knox.

thank you @Sindhu

i have problem with this step(step1 😞

1. Make sure Knox is configured properly and it works fine.

what exactly i do for this step?