Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

how to drop "ranger.usersync.ldap.ldapbindpassword" using config.sh script

Solved Go to solution
Highlighted

how to drop "ranger.usersync.ldap.ldapbindpassword" using config.sh script

Expert Contributor

I am trying to automate ranger ldap integration. I am stuck at on how to drop "ranger.usersync.ldap.ldapbindpassword" value using ambari "config.sh" script ?

Can you please guide on how to achieve this ?

I tried to check in working cluster which has ranger ldap integrated and the output is as below -

# ./configs.sh -u admin -p admin -port 8080  get `hostname` hdptest ranger-ugsync-site |grep ldapbind
"ranger.usersync.ldap.ldapbindpassword" : "SECRET:ranger-ugsync-site:11:ranger.usersync.ldap.ldapbindpassword",

Not sure how the password is stored or taken in the value.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: how to drop "ranger.usersync.ldap.ldapbindpassword" using config.sh script

Super Mentor

@Sagar Shimpi

Not sure if i understood the query correctly... But i tried this

1. Get the "ranger-ugsync-site" config as following using "action=get"

# /var/lib/ambari-server/resources/scripts/configs.py --user=admin --password=admin --port=8080 --action=get --host=localhost --cluster=plain_ambari --config-type=ranger-ugsync-site --file=/tmp/ranger-ugsync-site_payload.json

2. Edited the file "/tmp/ranger-ugsync-site_payload.json" and changed the value of property "ranger.usersync.ldap.ldapbindpassword" in clear text like "ABCD..blah..blah"

3. set this file back using the following command. (action=set)

# /var/lib/ambari-server/resources/scripts/configs.py --user=admin --password=admin --port=8080 --action=set --host=localhost --cluster=plain_ambari --config-type=ranger-ugsync-site --file=/tmp/ranger-ugsync-site_payload.json

.

Done.

In order to verify the password was set correctly or not i then tried to get the value again:

#  /var/lib/ambari-server/resources/scripts/configs.py --user=admin --password=admin --port=8080 --action=get --host=localhost --cluster=plain_ambari --config-type=ranger-ugsync-site | grep 'ldapbindpassword'

  "ranger.usersync.ldap.ldapbindpassword": "SECRET:ranger-ugsync-site:3:ranger.usersync.ldap.ldapbindpassword",

.

View solution in original post

3 REPLIES 3
Highlighted

Re: how to drop "ranger.usersync.ldap.ldapbindpassword" using config.sh script

Expert Contributor
Highlighted

Re: how to drop "ranger.usersync.ldap.ldapbindpassword" using config.sh script

Super Mentor

@Sagar Shimpi

Not sure if i understood the query correctly... But i tried this

1. Get the "ranger-ugsync-site" config as following using "action=get"

# /var/lib/ambari-server/resources/scripts/configs.py --user=admin --password=admin --port=8080 --action=get --host=localhost --cluster=plain_ambari --config-type=ranger-ugsync-site --file=/tmp/ranger-ugsync-site_payload.json

2. Edited the file "/tmp/ranger-ugsync-site_payload.json" and changed the value of property "ranger.usersync.ldap.ldapbindpassword" in clear text like "ABCD..blah..blah"

3. set this file back using the following command. (action=set)

# /var/lib/ambari-server/resources/scripts/configs.py --user=admin --password=admin --port=8080 --action=set --host=localhost --cluster=plain_ambari --config-type=ranger-ugsync-site --file=/tmp/ranger-ugsync-site_payload.json

.

Done.

In order to verify the password was set correctly or not i then tried to get the value again:

#  /var/lib/ambari-server/resources/scripts/configs.py --user=admin --password=admin --port=8080 --action=get --host=localhost --cluster=plain_ambari --config-type=ranger-ugsync-site | grep 'ldapbindpassword'

  "ranger.usersync.ldap.ldapbindpassword": "SECRET:ranger-ugsync-site:3:ranger.usersync.ldap.ldapbindpassword",

.

View solution in original post

Highlighted

Re: how to drop "ranger.usersync.ldap.ldapbindpassword" using config.sh script

Expert Contributor

@Jay Kumar SenSharma It worked. thanks you alot for quick help.

Don't have an account?
Coming from Hortonworks? Activate your account here