@Neeraj Sabharwal I get this error: Error: Could not open client transport with JDBC Uri: jdbc:hive2://localhost:10010/default: Peer indicated failure: Error validating the login (state=08S01,code=0) Which means that LDAP auth doesn't work. Also you can see that HUE is also not working (beeswax also complains on authentication problem) ... View more

@Neeraj Sabharwal The linux server where hive is installed isn't connected to AD. We only use local accounts. But - hive is a service, just like Ambari & Hue. To Ambari & Hue which are running on the same machine we login using our AD accounts, because those services are configured to authenticate using AD. ... View more

@Neeraj Sabharwal This documentation is about group mapping. It is useful when you want to add permission to groups from AD to HDFS (this is why the mapping is done in core-site.xml which is in HDFS). Unfortunately it has nothing to do with hive authentication :( If your hive is set to authenticate against AD - could you maybe look in your hiveserver2.log and check for anything regarding LDAP during hive startup ? Maybe it will give a clue. ... View more

@Neeraj Sabharwal I went through the text file you uploaded and you can see these values in my hive-site.xml file. LDAP is there and also the LDAP url. I also added hive.server2.authentication.ldap.Domain because we use Active Directory (Not openLDAP). What i'm missing is the manager dn. There has to be a value where i set a user for authenticating against Active Directory but i don't find anything in your documentation about it. I did setup authentication for HUE & Ambari without problems and both use a specific user for authentication... ... View more

@Neeraj Sabharwal Sure, hive-site.xml FYI - i've marked out the domain controller name for security reasons. In the original file the real name is there of course. ... View more

@Alex Miller Hi Alex and thank you for your reply. I did add the hive.server2.authentication.ldap.Domain property with my domain name, and i'm configuring everything while HIVE is completely shutdown - so it's definitely not a restart problem. What i don't understand is where do i setup the user that is in charge of authentication against AD ? Where is the manager dn value located ? Maybe it's also a custom value ? ... View more

During the HiveServer2 startup i see that error in the log (52e) - so HiveServer2 has some sort of configuration problem regarding LDAP. There must be a property in which i setup a user & password for HS2 to check authentication against LDAP but i can't find any... (I've managed to configure Ambari to use LDAP, and HUE to use LDAP, and even Ranger's user sync - all of them use a manager DN or a bind DN. But where is this value in HS2 config ?? ... View more

The HiveServer2 acts the same if the security is set to LDAP or NONE, and it shouldn't. When set to NONE - as long as my user has authorization for a specific table - i can query it without authentication against LDAP. (hence - NONE. no Authentication needed). When set to LDAP, if setup is correct, i won't be able to query anything without connecting using my credentials. ... View more

@Neeraj Sabharwal The beeline in the documentation is just an example for how to test the configuration. My problem is when i use third party querying tools such as SQLdeveloper (or even IBM cognos) - i'm able to connect to the hive, see tables and query - without providing any password or with providing wrong password (As if the Security is set to NONE). ... View more

@Neeraj Sabharwal ... View more