Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Who agreed with this topic

Authorization questions LDAP

Rising Star

 Hi, I'm trying to enable authorization system in Cloudera.

I'm reading this link https://www.cloudera.com/documentation/enterprise/5-3-x/topics/cm_sg_ldap_grp_mappings.html .

Q0: Why can we use LdapGroupsMapping in production environment? I would like to use Apache Zeppline to integreted Apache Spark. I would like to use LDAP as a unifined account system.

Q1: If I use org.apache.hadoop.security.ShellBasedUnixGroupsMapping, Should I create users and groups in EVERY host in my cluster?

Q2: If I use org.apache.hadoop.security.LdapGroupsMapping. When new users and groups are created, will they sync to EVERY host in my cluster?

Q3:When adding new service in Cloudera Manager, for example, kafka service, will `kafka` user created both in LDAP database and EVERY host in my cluster?

Q4: I've enabled MIT kerberos in my cluster. Can I submit task from Windows IDE with proper kerberos keytab files. For example, using impyla in Python in Windows machine.

Who agreed with this topic