09-16-2022 08:29 AM
Hi. Could somebody please help me with the composite group provider settings in authorizers? I'm not sure what I should put in "Initial admin identity" and "Initial user identity 1".

1) When I write just a username (like nifi-admin), I cannot log in to NiFi since I don't understand where I can get a password.
2) When I write a full LDAP name (like uid=freeipa,cn=users,cn=accounts,dc=foo,dc=bar), I successfully log in but I cannot access the NiFi interface.
3) When I use the name of a user who already exists in LDAP, I get an error that the user is present in both the file and LDAP provider settings. This case is configured below in my authorizers.xml file:

<authorizers>
    <userGroupProvider>
        <identifier>file-user-group-provider</identifier>
        <class>org.apache.nifi.authorization.FileUserGroupProvider</class>
        <property name="Users File">./conf/users.xml</property>
        <property name="Legacy Authorized Users File"></property>
        <property name="Initial User Identity 1">freeipa</property>
        <property name="Initial User Identity A">CN=nifi1.foo.bar, OU=NIFI</property>
    </userGroupProvider>
    <userGroupProvider>
        <identifier>ldap-user-group-provider</identifier>
        <class>org.apache.nifi.ldap.tenants.LdapUserGroupProvider</class>
        <property name="Authentication Strategy">SIMPLE</property>
        <property name="Manager DN">uid=freeipa,cn=users,cn=accounts,dc=foo,dc=bar</property>
        <property name="Manager Password">********</property>
        <property name="Referral Strategy">FOLLOW</property>
        <property name="Connect Timeout">10 secs</property>
        <property name="Read Timeout">10 secs</property>
        <property name="Url">ldap://192.168.1.1:389</property>
        <property name="Sync Interval">30 mins</property>
        <property name="Group Membership - Enforce Case Sensitivity">false</property>
        <property name="User Search Base">cn=users,cn=accounts,dc=foo,dc=bar</property>
        <property name="User Object Class">posixaccount</property>
        <property name="User Search Scope">ONE_LEVEL</property>
        <property name="User Identity Attribute">uid</property>
        <property name="User Group Name Attribute">memberOf</property>
        <property name="User Group Name Attribute - Referenced Group Attribute"></property>
        <property name="Group Search Base">cn=groups,cn=accounts,dc=foo,dc=bar</property>
        <property name="Group Object Class">posixgroup</property>
        <property name="Group Search Scope">ONE_LEVEL</property>
        <property name="Group Member Attribute">member</property>
        <property name="Group Member Attribute - Referenced User Attribute"></property>
    </userGroupProvider>
    <userGroupProvider>
        <identifier>composite-configurable-user-group-provider</identifier>
        <class>org.apache.nifi.authorization.CompositeConfigurableUserGroupProvider</class>
        <property name="Configurable User Group Provider">file-user-group-provider</property>
        <property name="User Group Provider 1">ldap-user-group-provider</property>
    </userGroupProvider>
    <accessPolicyProvider>
        <identifier>file-access-policy-provider</identifier>
        <class>org.apache.nifi.authorization.FileAccessPolicyProvider</class>
        <property name="User Group Provider">composite-configurable-user-group-provider</property>
        <property name="Authorizations File">./conf/authorizations.xml</property>
        <property name="Initial Admin Identity">freeipa</property>
        <property name="Legacy Authorized Users File"></property>
        <property name="Node Identity 1">CN=nifi1.foo.bar, OU=NIFI</property>
        <property name="Node Group"></property>
    </accessPolicyProvider>
    <authorizer>
        <identifier>managed-authorizer</identifier>
        <class>org.apache.nifi.authorization.StandardManagedAuthorizer</class>
        <property name="Access Policy Provider">file-access-policy-provider</property>
    </authorizer>
</authorizers>

Thank you.
Labels: Apache NiFi
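
A configuration check for the third case in the post (an identity declared in the file provider that the LDAP provider can also return), as an added example that is not part of the original post or of NiFi itself. The provider identifiers are the ones in the posted file; the rule that a file identity without `=` may collide with a value of the LDAP `User Identity Attribute` is a heuristic assumed here, and the sample XML is a constructed, trimmed copy of the posted configuration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the authorizers.xml posted above.
SAMPLE = """<authorizers>
  <userGroupProvider>
    <identifier>file-user-group-provider</identifier>
    <property name="Initial User Identity 1">freeipa</property>
    <property name="Initial User Identity A">CN=nifi1.foo.bar, OU=NIFI</property>
  </userGroupProvider>
  <userGroupProvider>
    <identifier>ldap-user-group-provider</identifier>
    <property name="User Identity Attribute">uid</property>
  </userGroupProvider>
  <accessPolicyProvider>
    <identifier>file-access-policy-provider</identifier>
    <property name="Initial Admin Identity">freeipa</property>
    <property name="Node Identity 1">CN=nifi1.foo.bar, OU=NIFI</property>
  </accessPolicyProvider>
</authorizers>"""

def props(provider):
    """Map property name -> stripped value for one provider element."""
    return {p.get("name"): (p.text or "").strip() for p in provider.findall("property")}

def lint(xml_text):
    """Return (finding, identity) tuples for identities worth a second look."""
    root = ET.fromstring(xml_text)
    by_id = {e.findtext("identifier"): props(e) for e in root}
    file_ids = {v for k, v in by_id.get("file-user-group-provider", {}).items()
                if k.startswith("Initial User Identity") and v}
    ldap_attr = by_id.get("ldap-user-group-provider", {}).get("User Identity Attribute", "")
    findings = []
    # Heuristic (assumption): when LDAP identities are bare attribute values
    # such as a uid, a file identity that is not a DN may name the same user.
    for ident in sorted(file_ids):
        if ldap_attr and "=" not in ident:
            findings.append(("possible-duplicate", ident))
    # Policy identities absent from the file provider have to come from LDAP.
    policy = by_id.get("file-access-policy-provider", {})
    for name, value in policy.items():
        wanted = name == "Initial Admin Identity" or name.startswith("Node Identity")
        if wanted and value and value not in file_ids:
            findings.append(("expected-from-ldap", value))
    return findings

if __name__ == "__main__":
    print(lint(SAMPLE))
```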