Support Questions

Find answers, ask questions, and share your expertise

impala-shell ldap login without password

avatar
Explorer

Hello,

 

Connecting impala shell using below options is prompting to enter user password.

impala-shell -i impala-node:21000 -l -u username --auth_creds_ok_in_clear

 

How can we login to impala-shell without entering LDAP user password?

 

Tried to add password in $HOME/.impalarc file and tried, but it didn't worked.

 

Appreciate any help on this.

6 REPLIES 6

avatar
Expert Contributor

You can use --ldap_password_cmd="echo <mypassword>" (or something more secure if you so wish).

 
Best,
Henry

avatar
Explorer

Thank you @HenryR for your reply!

 

I have tried this option, but it is not accepting. 

$ impala-shell -i impala-host:21000 -l -u usernam --ldap_password_cmd="PASSWORD" --auth_creds_ok_in_clear
Starting Impala Shell using LDAP-based authentication
Error retrieving LDAP password (command was: 'PASSWORD', exception was: '[Errno 2] No such file or directory')

avatar
Rising Star

You forgot the echo.

avatar
Explorer

When I tried with --ldap_password_cmd="echo 'PASSWORD'" , getting below error.

 

Starting Impala Shell using LDAP-based authentication
Error connecting: TTransportException, TSocket read 0 bytes
***********************************************************************************
Welcome to the Impala shell. Copyright (c) 2015 Cloudera, Inc. All rights reserved.
(Impala Shell v2.6.0-cdh5.8.2 (f25aa5b) built on Sun Sep 11 11:36:30 PDT 2016)

Press TAB twice to see a list of available commands.
***********************************************************************************
\nLDAP authentication is enabled, but the connection to Impala is not secured by TLS.
ALL PASSWORDS WILL BE SENT IN THE CLEAR TO IMPALA.

[Not connected] >

avatar
Explorer

I faced similar issue try to use echo with -n option to solve the problem.

--ldap_password_cmd='echo -n PASSWORD'

 

it worked for me and i am able to login to the impala-shell without any prompt for password.

avatar
New Contributor

Hi All,

I was facing the same issue where echo command was working but cat command was creating problem and locking the account due to extra $ character in password file. When you will cat the password file using -e option you will get an extra $ character at the end cat -e impala_passwd.pwd  = mypass1234$  extra $ is culprit.

You need to remove it using tr command or create the file in windows using notepad put your password and tranfer it to the linux server and it shall work.

 

impala-shell -l --auth_creds_ok_in_clear --impalad=node2:21000 -u user1 --ldap_password_cmd='cat /home/user1/auto_impala.pwd'