I have solved it. It was a connection problem as logs stated. I had to modify /etc/hosts file. servers have two network card. I switched ip-names of two card. ... View more

I have solved it with the help of this article Working shiro_ini_content: # Sample LDAP configuration, for Active Directory user Authentication, currently tested for single Realm [main] ldapRealm=org.apache.zeppelin.realm.LdapRealm ldapRealm.contextFactory.systemUsername=cn=hadoop_srv,ou=hadoop,dc=datalonga,dc=com ldapRealm.contextFactory.systemPassword=hadoop_srv_password ldapRealm.contextFactory.authenticationMechanism=simple ldapRealm.contextFactory.url=ldap://datalonga.ldap:389 # Ability to set ldap paging Size if needed; default is 100 ldapRealm.pagingSize=200 ldapRealm.authorizationEnabled=true ldapRealm.searchBase=OU=hadoop,dc=datalonga,dc=com ldapRealm.userSearchBase=dc=datalonga,dc=com ldapRealm.groupSearchBase=OU=hadoop,dc=datalonga,dc=com ldapRealm.userObjectClass=person ldapRealm.groupObjectClass=group ldapRealm.userSearchAttributeName = sAMAccountName # Set search scopes for user and group. Values: subtree (default), onelevel, object ldapRealm.userSearchScope = subtree ldapRealm.groupSearchScope = subtree ldapRealm.userSearchFilter=(&(objectclass=person)(sAMAccountName={0})) ldapRealm.memberAttribute=member # Format to parse & search group member values in 'memberAttribute' ldapRealm.memberAttributeValueTemplate=CN={0},OU=hadoop,dc=datalonga,dc=com # No need to give userDnTemplate if memberAttributeValueTemplate is provided #ldapRealm.userDnTemplate= # Map from physical AD groups to logical application roles #ldapRealm.rolesByGroup = "hadoop_grp":admin_role,"hadoop":hadoop_users_role # Force usernames returned from ldap to lowercase, useful for AD ldapRealm.userLowerCase = true # Enable support for nested groups using the LDAP_MATCHING_RULE_IN_CHAIN operator ldapRealm.groupSearchEnableMatchingRuleInChain = true sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager ### If caching of user is required then uncomment below lines cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager securityManager.cacheManager = $cacheManager securityManager.sessionManager = $sessionManager securityManager.realms = $ldapRealm # 86,400,000 milliseconds = 24 hour securityManager.sessionManager.globalSessionTimeout = 86400000 shiro.loginUrl = /api/login [urls] # This section is used for url-based security. # You can secure interpreter, configuration and credential information by urls. Comment or uncomment the below urls that you want to hide. # anon means the access is anonymous. # authc means Form based Auth Security # To enfore security, comment the line below and uncomment the next one #/api/version = anon /api/interpreter/** = authc, roles[admin_role,hadoop_users_role] /api/configurations/** = authc, roles[admin_role] /api/credential/** = authc, roles[admin_role,hadoop_users_role] #/** = anon /** = authc ... View more

I solved it. I learned mysqld pid with: top then killed it kill 24678 I started mysqld : service start mysqld Then I retried from Ambari. It worked. The problem was: service mysqld stop couldn't stop mysqld. ... View more