About jayGenesis

jayGenesis · ‎08-16-2021

Hi All, So i'm on the latest CDP public cloud trial with AWS, i've successfullly registered an environment and datalake on AWS, I've also added my old CDH 6.3.2 cluster to the CDP platform successfully. I went through replication manager creating policy process, it validated successfully, but when i actually ran the policy, it gave me the error " bad request (policydefinition.hive.externaltable.basedirectory:must be a valid cloud storage path) , can someone help me on this? I'm all at lost

jayGenesis · ‎03-08-2021

Hi all, I've recently set up HDFS with LDAP group mapping, I'm doing it through the cloudera manager, CDH6.3. Everything looks like it was working, i can see the hdfs does recognize my ldap users and the groups, but it doesn't show all the groups my ldap user belongs to, it only shows the primary group. As you can see from below, my ldap user "jchiang" is in primary group testgroup and secondary group red, but the hdfs only shows testgroup. I'm using openldap as my ldap directory. Is there a way to get all the ldap groups show up? I've included my hdfs ldap config below, I assume maybe there's something in the group filter i need to change? thanks [jchiang@ip-172-0-0-203 ~]$ hdfs groups jchiang : testgroup [jchiang@ip-172-0-0-203 ~]$ groups testgroup red Hadoop User Group Mapping Implementation hadoop.security.group.mapping : org.apache.hadoop.security.LdapGroupsMapping Hadoop User Group Mapping LDAP User Search Filter hadoop.security.group.mapping.ldap.search.filter.user: (&(objectClass=posixAccount)(uid={0})) Hadoop User Group Mapping LDAP Group Search Filter hadoop.security.group.mapping.ldap.search.filter.group: (objectclass=posixGroup) Hadoop User Group Mapping LDAP Group Membership Attribute hadoop.security.group.mapping.ldap.search.attr.member: memberUid Hadoop User Group Mapping LDAP Group Name Attribute hadoop.security.group.mapping.ldap.search.attr.group.name: cn

jayGenesis · ‎02-19-2021

Hi tmater, sorry for the delay, yea the user does exist in the directory in that OU. I actually do have an update on this, so originally the cloudera cluster(on AWS network) authenticates against my ldap server(on premise office network) via the WAN traffic. I did open port 389 and 636 both UDP and TCP on my ldap server and firewall. That didn't work. I just finished setting up a VPN tunnel between AWS and on premise network, I use the LAN ip for ldap settings on impala, and now it works. So i'm not sure if there's any additional ports needed to be open for the impala LDAP authentication or I did something wrong. But everything works now through the ldap and VPN tunnel.

jayGenesis · ‎02-11-2021

Hi, I've pretty much read through all the articles and questions about this, but i'm still having issues. the ldap user is definitely there and i can query through ldap port:389. I've set up the HUE ldap to authenticate against my openldap server, it works great. But i couldn't get the impala ldap setup to work. I'm using CDH 6.3. I configured impala ldap settings through CM gui, services restarted okay after the config Advanced Configuratoin snippet(safety valve) :--ldap_passwords_in_clear_ok=true Enable LDAP Authentication: checked LDAP URL: ldap://myldapFQDN:389 LDAP BaseDN: ou=users,dc=ldap,dc=xxx,dc=com Error when using cloudera impala jdbc driver to connect, it worked with AuthMech=0 before I enabled LDAP drv <- RJDBC::JDBC("com.cloudera.impala.jdbc4.Driver", "/opt/jars/ImpalaJDBC4.jar") con <- dbConnect(drv, "jdbc:impala://impalaDaemonIP:21050;AuthMech=3;UID=myuser;PWD=mypassword") Error in .jcall(drv@jdrv, "Ljava/sql/Connection;", "connect", as.character(url)[1], : java.sql.SQLException: [Cloudera][ImpalaJDBCDriver](500176) Error connecting to HiveServer2, please verify connection settings. Error when using the impala-shell impala-shell -i impalaDaemonIP -d default -l -u myuser --auth_creds_ok_in_clear prompted password and entered Socket error None: timed out *********************************************************************************** Welcome to the Impala shell. (Impala Shell v3.2.0-cdh6.3.2 (1bb9836) built on Fri Nov 8 07:22:06 PST 2019) Press TAB twice to see a list of available commands. *********************************************************************************** LDAP authentication is enabled, but the connection to Impala is not secured by TLS. ALL PASSWORDS WILL BE SENT IN THE CLEAR TO IMPALA. [Not connected] > /var/log/impalad/impalad.INFO log info I0211 21:51:14.585675 63449 thrift-util.cc:123] TAcceptQueueServer: Caught TException: invalid sasl status I0211 22:00:26.182997 63450 authentication.cc:254] Trying simple LDAP bind for: uid=myuser,ou=users,dc=ldap,dc=xxx,dc=com W0211 22:02:33.461439 63450 authentication.cc:261] LDAP authentication failure for uid=myuser,ou=users,dc=ldap,dc=xxx,dc=com : Can't contact LDAP server E0211 22:02:33.461570 63450 authentication.cc:164] SASL message (LDAP): Password verification failed

jayGenesis · ‎01-29-2021

Hi Guys, need some help here, has anyone done a reset on cloudera director password before?

jayGenesis · ‎01-23-2021

Is there anyway i can reset the director admin password?

jayGenesis · ‎01-21-2021

I know this is a stupid mistake, I've recently changed my default admin credential for director, and i can't seem to log in with the credentials anymore, i've seen a lot of topics regarding cloudera manager, but nothing for the director admin password reset yet, any help is appreicated, thanks

Online	Offline
Last Visited	‎03-30-2023 03:58 PM

Member Since	‎01-21-2021 07:41 AM
Last Visited	‎03-30-2023 03:58 PM
Posts	7

Cloudera Community

Re: Impala LDAP authentication issues

CDP replication manager copy impala dbs from a cla...

HDFS LDAP with openldap only shows primary group

Re: Impala LDAP authentication issues

Impala LDAP authentication issues

Re: cloudera atlus director 6.3 admin password res...

Re: cloudera atlus director 6.3 admin password res...

cloudera atlus director 6.3 admin password reset