Support Questions
Find answers, ask questions, and share your expertise

hadoop ad authentication without using sssd

New Contributor

Hi everyone,

Can hadoop use AD/LDAP authentication without using sssd at the OS-level? I need to authenticate against AD, but have other security products managing OS-level security and OS-level AD integration. I'd rather not have to use sssd. Is this possible?

1 REPLY 1

For Hadoop, OS is the source of truth not SSD.
SSD is hidden underneath your PAM and NSS, hence hadoop never tries to connect to SSD directly, SSSD can replace by any similar technologies like VASD.

Kindly request you to go throught the following links
1. https://community.hortonworks.com/content/kbentry/175124/how-pam-nss-ssd-work-together-on-linux-os.h...

2. https://community.hortonworks.com/content/kbentry/175230/how-hdfs-apply-ranger-policies.html

3. https://docs.hortonworks.com/HDPDocuments/Ambari-2.6.0.0/bk_ambari-security/content/setting_up_hadoo...

as long as one is able to do kinit and id username, hdfs groups username on the OS seamlessly, hadoop should work fine.