Skip to content

Freeipa autodns mode - with user search filter #95

New issue
New issue
Closed
Closed
Freeipa autodns mode - with user search filter#95
@clevesque

Description

@clevesque
clevesque
opened on Nov 23, 2022

When using the freeipa autodns mode, the Cloudera Manager External Auth field for "LDAP User Search Filter" is being set to a ActiveDirectory type expression
Its being set to "(sAMAccountName={0})" but should be "(uid={0})"

In order to execute a seamless Base + PvC Control Plane + any DS install, this will need to be corrected, as the the CP gets this info from CM. and the DS's need LDAP working for its MagicSSO.

The confusing bit is that it looks like the CM settings are coming from:
https://github.com/cloudera-labs/cloudera.cluster/blob/main/roles/cloudera_manager/external_auth/templates/external_auth_configs.j2

and not at all from:
https://github.com/cloudera-labs/cloudera.cluster/blob/devel-pvc-update/roles/infrastructure/krb5_common/defaults/main.yml

Manual workarounds can be done, but this is actually an important area for proper automation (long term)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions