@Frank168  Unfortunately, Apache NiFi does not support Nested Groups. There is an existing Apache NiFi Jira (NIFI-8035) for such an improvement, but it has never been implemented.  The existing implementation of the ldap-user-group-provider would treat all members of a group as users and does not validate the type of member.  Any change here would require NiFi to retrieve the object class of all members of a group and then conduct another search of any that were of identified as a group to retrieve their members and so on until all users are identified throughout the entire nested group tree.    Something to keep in mind here is that all the user and group identities along with associations are held in the NiFi heap memory on every node.  So doing such could result in a lot of user and groups consuming NiFi heap memory.   You should configure your Ldap-user-group-provider to sync only the groups from which users exist that will be accessing your NiFi limiting the length of time it takes to sync every 30 minutes and the heap memory impact.   Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@hegdemahendra  Did you take heap dumps to confirm which class was consuming the heap? Any thread dump analysis when heap usage was growing? What incorrect values were configured that you feel led to this component consuming large amounts of heap memory? Not really finding any known issues of memory with this consumeKafka processor.  Any details you can provide (processor configuration, log exceptions while it was running with bad config, etc) may help. Thank you, Matt ... View more

@zzzz77  FlowFile Metadata/attributes are held in NiFi Heap memory.  For queued FlowFiles, there is a configurable swap threshold in the nifi.properties that will swap batches of 10,000 FlowFIle's worth for metadata/attributes to disk when the threshold is met.  This swapping is there to minimize excessive heap usage when queues grow large.  The NiFi Content is not held in heap memory; however, some processor may need to read the content into heap memory for the processor to perform it's function.    You will notice if you look at the individual components documentation that a "System Resource Considerations" section exists.  If Heap memory usage is a concern for that processor, it will be documented there.  SplitContent processor docs example: Processors like SplitContent will hold the all the FlowFile metadata/attributes (not content) for every split FlowFIle being produced in heap memory until all the output FlowFiles have been produced and committed to the downstream connection.  These FlowFiles being produced can not be swapped to disk until they committed to the downstream connection.  So if a splitContent were to produce 50,000 split FlowFiles, the attributes for all 50,000 would be held in heap.  After committed to the downstream connection. 40,000 of those would get swapped to disk based on default swap thresholds. So heap impact would spike but not persist.  Since you have not shared the specific of your dataflow in question (which processors you are using), I can't provide any specific feedback.   Where is the chunking and de-chunking happening?  Sounds like this may be happening at source and at destination. NiFi is just moving these chunks from source to destination.  How are you sending the chunks to NiFi and transferring them to destination?   Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@MattWho  1. I am using java version 21 2. Using Windows 10  Version number (22H2) 3.  I am using Chrome. Tried to use Mozailla it's still same problem. when I click "view content" it open a new tab with request "https://localhost:8443/nifi/#/content-viewer/?ref....." then immediately it changes to "https://localhost:8443/nifi/#/error" I have opened the DevTools and tried to see the response but nothing appears in the response tab  . I am trying to solve this from last week   ... View more

Pinging directly will not work as it is behind the firewall.  We need to use curl pointing to the proxy to connect to cloudera.com at the OS level (could be any internet hostname) My previous responses tested using curl calling our proxy server at the OS level where NiFi is running and it is working. Only NiFi using Configuration service (Proxy server: HTTP) seems to broken with 2.7.2.  Before the upgrade from 1.26 to 2.7.2, NiFi worked connecting to cloudera using our own proxy server. ... View more

@MattWho  Wow! I think this pattern would work best for my usecase. I hadn't even considered the first challenge you brought up of production flows having their Parameter Context unassigned if I were to update their version. That would've been painful to find out after deploying many instances.   Back in NiFi 1 I used to handle situations such as this with variables, since they could just be directly attached to Process Groups and so I never had to worry about creating separate objects (parameters) and ensuring they get attached, or that every new instance of a versioned flow had to have its own unique context created. It's been a couple years but I believe I even questioned Pierre about this in one of his appearances in the Israeli NiFi meet-ups.   In regards to product work, I've ran into this case of trying to use NiFi as the underlying tool for different SaaS platforms multiple times already. There could definitely be some QoL changes made to make such a use-case easier to implement with NiFi's flow registry, I guess the responsibility lies in people like me opening issues to bring them though 🙂   Thank you very much for the suggestions Matt! Green ... View more

Hello @MattWho thanks for the information.  I'm already running the process only on the Primary node.  I will monitor and take a thread dump if it occurs again.  ... View more

I regenterate the keystore with the common server name.  Nifi UI works but I thought I can find the username/password in the nifi-bootstrap.log  I found the username and password encrypted in login-identity-providers.xml how can I decrypt them, or should I generate a new username/password and how? thank you. BN           ... View more