Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-3875

Groups are not derived when using ActiveDirectory

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.7.3, 0.8.0
    • 0.9.0
    • security
    • None

    Description

      ActiveDirectoryGroupRealm is using "userPrincipalName" for deriving groups that user belongs to, however:

      • this field is not mandatory in ActiveDirectory
      • can contain user email where domain is different from REALM

      in such a scenario user is able to log in but no groups are derived

       

      this was also mentioned in https://github.com/apache/zeppelin/pull/986 but never resolved

      Attachments

        Activity

          People

            Unassigned Unassigned
            mvince Michal Vince
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 0.5h
                0.5h