Cloudera Community
Frank168
user rank
Explorer
My Accepted Solutions
Show All

Re: User Search Base in NiFi LDAP

by Explorer in Support Questions
‎03-04-2026 07:37 PM
‎03-04-2026 07:37 PM
Ok, after further testing, it works with the page size set at 300 when I selected the OU with just under 4000 users. If I change the user search base to a parent OU with much more users e.g. 50000,  it didnt seem to work no matter what page size I set. And logs not showing any errors. However it was actually still loading I think, but NiFi is not accessible during that period. What I found out is that after 30 - 35 minutes, NiFi is accessible. Not sure if its the size or something else, if I change the sync interval from 30 minutes to 10 minutes, it still took at least 30 minutes to make NiFi accessible. Taken your point, will be using the user search filter (only if they are a member of particular AD groups) to manage the expected users to be loaded in NiFi. ... View more

Re: User Search Base in NiFi LDAP

by Explorer in Support Questions
‎03-03-2026 09:37 PM
‎03-03-2026 09:37 PM
Thanks Matt. The user search filter is set with this value: (sAMAccountName={0}) and yes, Referral Strategy set to FOLLOW. No exceptions in the user log. When I set the base dn to a parent OU, it returns roughly 1700 users. I did try to set a page size, but when I do that, NiFi fails to start. Let me try again and set it to a smaller number, and see if works. ... View more

User Search Base in NiFi LDAP

by Explorer in Support Questions
‎03-02-2026 09:15 PM
‎03-02-2026 09:15 PM
I am trying to setup LDAP in NiFi (v2.5.0) , and run into issues that it doesnt show all users from sub-ous, User Search Base: ou=Users,dc=example,dc=com, and User Search Scope is SUBTREE It shows some users, but not all. If I change the User search base to the exact sub OU, and then it will show the expected users, e.g.  ou=XYZ,ou=ABC,ou=Users,dc=example,dc=com I thought by specifying the user search base at a higher level, with substree as the search scope, it should list all users below? Can someone advise anything else I should be changing in the LDAP User/Group provider settings to get this working? ... View more
Labels:

NiFi with nested AD groups

by Explorer in Support Questions
‎02-02-2026 08:00 PM
‎02-02-2026 08:00 PM
Has anyone got nested AD groups working with the ldap-user-group-provider? I have specified the group search scope using SUBTREE in the authoriser.xml. But granting the permission to the parent group A doesnt work for user A, and user A is a member of group B, and group B is a member of group A.  I can see both groups when assigning permissions  via Polices on the UI. Any advice would be appreciated. ... View more
Labels:

Re: Nifi Registry and LDAP

by Explorer in Support Questions
‎10-05-2025 03:44 PM
‎10-05-2025 03:44 PM
Thanks Matt! That was it, the referenced path to ldap-user-group-provider is incorrect.  ... View more

Nifi Registry and LDAP

by Explorer in Support Questions
‎10-02-2025 09:14 PM
‎10-02-2025 09:14 PM
I an trying to configuring NiFi regoistry (2.5.0) with LDAP, have successfully configured so I can login using AD credential. However I am not able to see users or groups from AD in the admininstration sections. I have checked the user  and group sections authorizers.xml) are the same as NiFI, as I can see users and groups when I go to Users or Policies section. I am not using LDAPS (use LDAP in the dev envirobment), and this works fine in NiFi 2.5, and just cant see why it doesnt work with NiFI registry using teh same LDAP usergroup provider settings.  Any thoughts? ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎03-09-2026 02:26 AM
Community Statistics
Member Since ‎10-02-2025 09:06 PM
Last Visited ‎03-09-2026 02:26 AM
Posts 6