[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP - Unix sync

On Wed, 12 Aug 2015, Aneela Saleem wrote:

Hi all, Can anyone please tell me how can i pull users from LDAP server and treat them as local users? So that i can login as an ldap user and test whether particular user have permissions to particular HDFS commands or not.

I'm not sure what you're referring to by "pull." In a typical *ix setup, you'd configure the system name services and/or authentication services to include an LDAP backend.

The precise details and options depend on the exact flavor of the system you're using. nss_ldap, nss-pam-ldapd, and nssov are likely candidates on the name service side; nss-pam-ldapd also provides a pam_ldap on the authentication side. But again, this is somewhat system-dependent (no NSS on OS X/Darwin, for example).

For nssov, see the LDAPCon paper http://ldapcon.org/2011/downloads/cheng-paper.pdf for starters.