CDH开启ldap

参考:

官网ldap:

https://www.cloudera.com/documentation/enterprise/6/6.2/topics/cm_sg_ldap_grp_mappings.html

如何在RedHat7上安装OpenLDA并配置客户端
https://cloud.tencent.com/developer/article/1100819?from=10680   GG
如何在RedHat7中实现OpenLDAP集成SSH登录并使用sssd同步用户
https://cloud.tencent.com/developer/article/1100823

如何为Hive配置OpenLDAP认证
https://cloud.tencent.com/developer/article/1078635   GG

SSSD:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sssd-introduction
https://cloud.tencent.com/developer/article/1100823

hue配置ldap:

https://docs.cloudera.com/documentation/enterprise/6/6.2/topics/hue_sec_ldap_auth.html

 

HDFS:

配置之前:

 

 

 

 

 

配置之后:

hdfs配置-security

 

hive:

 

 

HUE;

参考没经过验证：　https://blog.csdn.net/weixin_38655836/article/details/89848681

配置之前:

配置之后：

 

检查：ldapsearch -D "cn=admin,dc=xx,dc=com" -w "密码" -p 389 -h ldap服务器ip  -b "cn=user, dc=xx,dc=com " 

 

 

impala:

https://cloud.tencent.com/developer/article/1078631 

 

 

 配置之后;

 

注: 配置后用公司的ldap在hive不能访问,有时间搭一个openldap测试

LDAP:
vim ldap.conf #末尾添加
URI ldap://xxxxx:389
BASE dc=opayride,dc=com

#查找ldap的用户,验证连通性
[root@zhep-opay-temp-big-data-1 ~]# ldapsearch -D "cn=admin,dc=opayride,dc=com" -W |grep feng.hong
Enter LDAP Password:
# hive, Users, opayride.com
dn: cn=hive,cn=Users,dc=opayride,dc=com
cn: hive
homeDirectory: /home/users/hive
sn: hive
uid: hive