Sorry, I missed the jar file...  But I actually got it working...  Turns out we thought going to "Clusters" - selecting the cluster - Actions - Restart, did not actually restart the necessary services. Every change I made, no matter how drastic, it still reported the same errors in the log.   After finding the correct way to restart the necessary services [Link], the errors started to make more sense. Now I cannot get it to work using “Active Directory,” I wonder if because of referrals [Link], but it does work using LDAP now which is fine by us… Thanks for the help/insight! ... View more

I have tried everything I can think of - but it always fails.  I can query with no problems using the ldapsearch from the shell of the Cloudera server; however, no matter the configuration it seems to fail...   Authentication failure for user: 'username' from x.x.x.x Incorrect result size: expected 1, actual 0 LDAP/AD authentication failure for username@domain.org Bad credentials LDAP/AD authentication failure for DOMAIN\username Bad credentials I have tried a simplier password for the bind account, more narrowed/broad user/group base DNs, different user accounts for the bind, various search filters...   We have 2x domains (1x domain.org & a sub domain - intranet.domain.org) the host I am pointing the config to is a domain controller for intranet.domain.org - all the users sit in this domain.   I have tried with a blank and populated A.D. directory domain... ... View more

Thank you, that path does not show when doing an LS under /var/log, but cd /var/log/cloudera-scm-server does work... I made a few attempts using different username styles (username, username@domain.org, domain/username) and in the log it says "LDAP/AD authentication failed" / "Authentication failure for user: 'username' from x.x.x.219" for each attempt... this is my personal account and I know I am entering my password correctly.   I also know I am a member of the group "UsrGrpFullAdmin" which is the group configured to be "LDAP Full Administrators Group."   Could this suggest there is a problem with the bind account (which is different then the account I am using to log in via the main page).  How should the bind account be typed for A.D.? (i.e.)   CN=username,OU=Hadoop,OU=Prod,OU=ServiceAccounts,OU=Users,OU=Site,DC=domain,DC=org username username@domain.org  I ran the following successfully from the Cloudera Management server via SSH: ldapsearch -h x.x.x.x -b OU=Site,DC=domain,DC=org -x -w 'password' -D CN=username,OU=Hadoop,OU=Prod,OU=ServiceAccounts,OU=Users,OU=Site,DC=domain,DC=org sAMAccountName=endusername   What was interesting, it was finicky with the password.  But with the single quotes it was successful.  Both the server via IP and FQDN worked.   Are there any limitations regarding the password or what not? ... View more