Details
-
Task
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
2.7.0
Description
Use internal LDAP configuration values rather than ambari.properties values when accessing the configured LDAP server for LDAP sync and authentication.
- Deprecate setup-ldap from the ambari-server script.
- Rather then perform any operations, alert user to configure LDAP integration from the Ambari UI
- Lookup LDAP-specific properties from the Ambari configuration data under the "ldap-configuration" category.
- Remove relevant properties from org.apache.ambari.server.configuration.Configuration
- ambari.ldap.isConfigured
- authentication.ldap.useSSL
- authentication.ldap.primaryUrl
- authentication.ldap.secondaryUrl
- authentication.ldap.baseDn
- authentication.ldap.bindAnonymously
- authentication.ldap.managerDn
- authentication.ldap.managerPassword
- authentication.ldap.dnAttribute
- authentication.ldap.usernameAttribute
- authentication.ldap.username.forceLowercase
- authentication.ldap.userBase
- authentication.ldap.userObjectClass
- authentication.ldap.groupBase
- authentication.ldap.groupObjectClass
- authentication.ldap.groupNamingAttr
- authentication.ldap.groupMembershipAttr
- authorization.ldap.adminGroupMappingRules
- authentication.ldap.userSearchFilter
- authentication.ldap.alternateUserSearchEnabled
- authentication.ldap.alternateUserSearchFilter
- authorization.ldap.groupSearchFilter
- authentication.ldap.referral
- authentication.ldap.pagination.enabled
- authentication.ldap.sync.userMemberReplacePattern
- authentication.ldap.sync.groupMemberReplacePattern
- authentication.ldap.sync.userMemberFilter
- authentication.ldap.sync.groupMemberFilter
- ldap.sync.username.collision.behavior