[Date Prev][Date Next]
Re: LDAP - Unix sync
On Wed, 12 Aug 2015, Aneela Saleem wrote:
Hi all, Can anyone please tell me how can i pull users from LDAP server
and treat them as local users? So that i can login as an ldap user and
test whether particular user have permissions to particular HDFS
commands or not.
I'm not sure what you're referring to by "pull." In a typical *ix setup,
you'd configure the system name services and/or authentication services to
include an LDAP backend.
The precise details and options depend on the exact flavor of the system
you're using. nss_ldap, nss-pam-ldapd, and nssov are likely candidates on
the name service side; nss-pam-ldapd also provides a pam_ldap on the
authentication side. But again, this is somewhat system-dependent (no NSS
on OS X/Darwin, for example).
For nssov, see the LDAPCon paper
http://ldapcon.org/2011/downloads/cheng-paper.pdf for starters.