This is the documentation for Cloudera Manager 5.1.x. Documentation for other versions is available at Cloudera Documentation.

Configuring LDAP Group Mappings

Required Role:

To set up LDAP (Active Directory) group mappings for Hadoop, make the following changes to the HDFS service's security configuration:
  1. Open the Cloudera Manager Admin Console and navigate to the HDFS service.
  2. Click the Configuration tab.
  3. Modify the following configuration properties under the Service-Wide > Security section. The table below lists the properties and the value to be set for each property.
    Configuration Property Value
    Hadoop User Group Mapping Implementation org.apache.hadoop.security.LdapGroupsMapping
    Hadoop User Group Mapping LDAP URL ldap://<server>
    Hadoop User Group Mapping LDAP Bind User Administrator@example-ad.local
    Hadoop User Group Mapping LDAP Bind User Password ***
    Hadoop User Group Mapping Search Base dc=example-ad,dc=local
Although the above changes are suffiicient to configure group mappings for Active Directory, some changes to the remaining default configurations might be required for OpenLDAP.
  Important: Ensure all your services are registered users in LDAP.
Page generated September 3, 2015.