@LKB  I'd expect a full stack trace in the nifi-app.log following that ERROR. The ldap-provider is configured inside the login-identity-providers.xml file.  Does your LDAP Manager password happen to contain any XML special characters?  If so, you should escape them. https://xml.silmaril.ie/specials.html Have you tried using ldapsearch to manually make a connection to your LDAPS from the server where you have NiFi installed using same manager DN, Manager password, and keystore and trustsore?  Was it successful? If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@manishg  The ListFile does not pickup any files.  It simply generates a zero content NiFI FlowFile for each file found in the target directory.  That FlowFile only has metadata about the target content.  The FetchFile processor utilizes that metadata to fetch that actual content and add it to the FlowFile.  The value added here happens when you have a lot target files to ingest.  To avoid having all the disk I/o related to that content on one node, you can redistribute the zero byte FlowFiles across all nodes so that each node now in a distributed way fetches the content (This works assuming that same target directory is mounted on all NiFi cluster nodes).  As @SAMSAL shared you could use Process Group (PG) FlowFile concurrency to accomplish the processing of one FlowFile at a time. The ListFile will still continue to list all FlowFiles in target directory (writes state and continues to list new files as they get added to input directory).  You can then feed the outbound connection of your ListFile to a PG configured with "Single FlowFile Per Node" FlowFile concurrency.  This will prevent any other FlowFile queued between ListFile and the PG to enter the PG until the first FlowFile has processed through that PG.   So your first processor inside the PG would be your FetchFile processor.   Now if you were to configure Load Balanced Connection on that connection between ListFile and the PG, You would end up with each node in your NiFi cluster processing a single File at a time.  This gives you some concurrency if you want it.  However, if you have a strict one file at a time, you would not configure load balanced connection. Hope this helps, Matt ... View more

@LKB  I am not clear what you mean by "NiFi rejects" it.  What is the exact exception you are seeing. NiFi does not reject anything, the ldap endpoint would be what would be responding to the query. The "{0}" is replaced with the username string you enter in the "user" field presented by NiFi.   So let's assume you login with "user_admin".  Your configured LDAP endpoint would be queried for user with "sAMAccountName=user_admin" as an attribute. I would get the ldap listing for your user_admin user from ldap server and verify that "sAMAccountName=user_admin" exists.   sAMAccountName is an attribute more commonly associated with Active Directory (AD), but can be added to LDAP as a useable attribute with some custom ldifs. Two authentication happen here: First is the Manager DN along with Manager password is used to facilitate a connection to your ldap.  Then the supplied username via login UI is used to lookup the specific user record for password verification.   Additionally, since you are using LDAPS instead of LDAP, you are enabling a TLS encrypted connection to your LDAPS. So something else you'll want to verify is that the keystore and truststore you configured in your ldap-provider contains the necessary entries to facilitate that successful TLS connection. Something other configs that strikes me as incorrect: 1. Your user DN is "uid=user_admin,OU=USERS,DC=abc,DC=com"; however, your configured user search base is "DC=abc,DC=net".  That means your user you are trying to authenticate would not be found under that search base. 2. Your LDAPS url is missing the port number "ldaps://test.com:<port>" (commonly 636 and 3269 are defaults for ldaps).   If your LDAP support unencrypted connections you could change your "Authentication Strategy" from "START_TLS" to "SIMPLE" and then set your LDAP URL to ldap://test.com:389 (389 is default unencrypted port). Make sure you are checking your nifi-app.log and nifi-user.log for any exceptions that may be thrown as you try to login to help you troubleshoot further. If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@LKB  Does the user "uid=user_admin,OU=USERS,DC=abc,DC=com" exist in your LDAP server? Also I have never seen a LDAP user entry that used a full DistinquishedName (DN) in the sAMAccountName attribute.  sAMAccountName is typically a short name for the user. NiFi does not install a LDAP/AD server or create/add users and groups to an existing LDAP/AD .  NiFi can be configured to authenticate user that already exists in some external existing LDAP/AD server. So if the login username and password would be whatever was setup in your externally installed and managed LDAP server. If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@RRG  I have never used bitbucket before.  Version control of Process Groups in NiFi is handled by the NiFi-Registry service that integrates with NiFi. The NiFi-Registry service offers a GitHub integration option https://nifi.apache.org/docs/nifi-registry-docs/html/administration-guide.html#flow-persistence-providers I am not sure how interchangeable git hub is with bitbucket.  But you may want to have a look at the following on how NiFi-registry can be integrated with Github: https://community.cloudera.com/t5/Community-Articles/Storing-Apache-NiFi-Versioned-Flows-in-a-Git-Repository/ta-p/248713 If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt   ... View more

@manishg  I am not clear, can you share the processor type where the expected data is not present? The View Status History "Record Processed" will only appear on some component "Record" type processors (example: PartitionRecord processor).  It would not exist as on processors that don't process "records".   If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more