Its Solved after upgrading to 1.14.0 ... View more

Its Solved in the latest version 1.14.0. I'm not sure if they addressed this issue in later releases of 1.13 version ... View more

Hi Matt,   Thank you very much for taking the time and explaining how this process works. I spent a lot of time trying to troubleshoot the issue and I think I was able to resolve. what caught my eye in other similar post is the case of DN being authenticated and authorized which what you also highlighted "...which means the DN form that clientAuth certificate is going to be the user that needs to be authorized for both the "retrieve Site-To-Site details" and "receive data via site-to-site" NiFi authorization policies". Im not a security expert here but I assume DN refers to Domain, right? In any case for me to resolve this issue I had to do the following:   1- In the "SiteToSiteBulletinReportingTask" properties I kept the default value for "Instance URL" which is "http://${hostname(true)}:8080/nifi" despite my nifi instance is being secured. Im stil not very clear what this value is for and the tutorial doesnt give much info on and I always thought it has to match what is set for the Destination URL but its not.   2- In Nifi I have added the user "CN=localhost , OU=NIFI" and made sure to give it all kind of permission including view & modify data. Im thinking since my domain is "locahost" and the domain "DN" is what is being authenticated\authorized I needed to create this user account.   3- In the nifi.properties file I made sure the following properties are set as follows:          nifi.remote.input.host=          nifi.remote.input.secure=          nifi.remote.input.socket.port=8080          nifi.remote.input.http.enabled=true     If I set the "nifi.remote.input.secure" to true then I will keep getting 403 Forbidden error  despite my instance is secured!   Not sure if all of the above helped or combination of it but at least its working and I'm able to replicate playing with those parameters. Im hoping someone from the Nifi community can maybe elaborate more on this to confirm as Im not a security expert. Thank you.     ... View more

OK, Its unfortunate that  I did not get any help from the support community about this but the good news after several trials and many hours I was able to resolve it and Im sharing my experience to help those who might get stuck in the future regarding the same issue:   1- No need to set up any of the TLS properties if you are connecting to LDAP:// url and not LDAPS://. You can comment or remove this part. 3- Authentication Strategy: SIMPLE 2- Manager DN: if you are using windows  open Active Directory Administrative Center  (can be installed ). Do global search for one of the accounts you are familiar with and going to use, once located right click to select properties, scroll down to Extensions section and click Attribute Editor tab, locate the distinguishedName attribute and that will be the value to use in the Manager DN. It will be something like : CN=lastName.FirstName,OU=Standard Users,OU=Users,OU=LocationOU,OU=OrgName,OU=SomeOU,OU=AnotherOU,DC=DomainName,DC=com 3- Manager Password: the selected account password from above. 4-Url: The Ldap url, example : LDAP://ldap.DomainName.com/ 5- User Search Base: Use the Same string from Step 2 without the the account CN, Example: OU=Standard Users,OU=Users,OU=Location,OU=OrgName,OU=SomeOU,OU=AnotherOU,DC=DomainName,DC=com 6- User Search Filter:  This is what you will use to add user and login to nifi. What worked for me is the  "sAMAccountName={0}" which you can find set under the Attribute Editor (step 2)  and it refers to search by the user name (example: lastname.firstname). 7- Identity Strategy: USE_USERNAME   8- Make sure to add the provider name (Example: ldap-provider) to nifi.properties. 9- Restart nifi. 10- using the default admin account created when setting up secure TLS on the installation server (Example: my_username) to add the AD user to Users and Set the Policies using user name from above. 11- From another machine launch nifi from the browser and you should be prompted to log in. Login using the same account credential you added to nifi and you should be in.   Other helpful information can be found: https://pierrevillard.com/2017/01/24/integration-of-nifi-with-ldap/comment-page-1/   good luck.         ... View more

Can someone help please. Im trying to run a test pilot for to see if Nifi can be adapted as tool of choice. The tool is impressive in terms of capabilities and out of the box components but It cant be used if its not easily integrated with our environment. I tried calling support on the phone and left a message, contacted sales via email but no response. One of the factor we have to adapt a tool is the ease of getting support when needed and so far the coulder community is not showing that unless Im doing something wrong.   ... View more

Can someone answer my question please? Thank you ... View more