Make Hadoop more accessible by integrating multiple LDAP Servers

Published on 29 May 2014 in Administration - 2 minutes read - Last modified on 04 February 2020

Hue 3.6 (coming up this week) LDAP configuration has been drastically improved to enable multiple server support. Here is a quick guide on how to configure LDAP in Hue using this new configuration model.

How it works

As described in How to Make Hadoop Accessible to your Employees with Hue, there are several configuration parameters available. These have been transferred over to the new way of configuring LDAP: server declarations.

 

Adding users through Useradmin with multiple server declarations

Server declarations

You can have multiple LDAP servers configured in the hue.ini by providing multiple server declarations:

[desktop]
    
[[ldap]]
      
[[[ldap_servers]]]
        
[[[[server1]]]]
        
ldap_url=ldap://127.0.0.1
        
create_users_on_login=true
        
base_dn="dc=sub1.dc=example,dc=com"
        
[[[[[users]]]]]
          
user_filter="(objectClass=user)"
          
user_name_attr="uid"
        
[[[[[groups]]]]]
          
group_filter="(objectClass=group)"
          
group_name_attr="cn"
          
group_member_attr="member"

[[[[server2]]]]
        
ldap_url=ldap://127.0.0.2
        
create_users_on_login=true
        
base_dn="dc=sub2,dc=example,dc=com"
        
[[[[[users]]]]]
          
user_filter="(objectClass=user)"
          
user_name_attr="uid"
        
[[[[[groups]]]]]
          
group_filter="(objectClass=group)"
          
group_name_attr="cn"
          
group_member_attr="member"
  

 

The names “server1” and “server2” will be selectable by users when authenticating and admins when managing users. In the example above, the configuration parameters are exactly they would be in the original LDAP configuration, except on a per-server basis. The only parameters that are not defined on a per-server basis are:

  • create_users_on_login
  • ignore_username_case
  • force_username_lowercase

 

To be more explicit, the parameters that are available to server declarations are:

  • base_dn
  • nt_domain
  • ldap_url
  • use_start_tls
  • ldap_cert
  • ldap_username_pattern
  • bind_dn
  • bind_password
  • users
    • user_filter
    • user_name_attr
  • groups
    • group_filter
    • group_name_attr
    • group_member_attr

 

For more information on what these parameters do, check out How to Make Hadoop Accessible to your Employees with Hue.

Backwards compatible

To remain backwards compatible, the original configuration of LDAP is respected if there are no server declarations.

Conclusion

We hope this helps you manage multiple directory service deployments and make Hadoop more accessible within your company.

 

Have any suggestions? Feel free to tell us what you think through hue-user or@gethue!


comments powered by Disqus

More recent stories

11 March 2020
Automatically checking documentation and website dead links with Continuous Integration
Read More
04 March 2020
A better collaborative Data Warehouse Experience with SQL query sharing via links or gists
Read More
27 February 2020
Re-using the JavaScript SQL Parser
Read More