Currently Impala use the "ldap_sasl_bind_s" to authenticate LDAP users and it doesn't accept any filter 'LDIF' to restrict the user authentication (as example users that belong to a specific defined LDAP group):
The "ldap_sasl_bind_s" do not accept filters and you cannot use the LDIF approach to specify an additional rule after the CN.
It works differently in the Search "ldap_search_s" where the filters are supported.
'ImpalaUsers' group has been created in our LDAP and corresponding users have been added, so:
However, the intended authentication in Impala doesn't work as it doesn't search, it looks that bind directly and this.
Thank you in advance for evaluate this implementation.