After LDAP authentication is enabled for a service, you must provide your LDAP username
and password when you access the service. This improves the security of the service.
The OpenLDAP service that is deployed in your EMR cluster is used to support LDAP
authentication. You can enable LDAP authentication for a service in the EMR console
by performing simple operations. This frees you from the complex configuration of
LDAP authentication. This topic describes how to enable and disable LDAP authentication
with one click.
Prerequisites
A Hadoop cluster is created. For more information, see Create a cluster.
Limits
You can enable LDAP authentication with one click for a Hadoop cluster only in EMR
V3.34.0 and later V3.X.X, and in EMR V4.8.0 and later V4.X.X.
Enable LDAP authentication
- Go to the Hue service page.
- Log on to the Alibaba Cloud EMR console.
- In the top navigation bar, select the region where your cluster resides and select a resource group based on your business requirements.
- Click the Cluster Management tab.
- On the Cluster Management page, find your cluster and click Details in the Actions column.
- In the left-side navigation pane, choose .
- Enable LDAP authentication.
- On the Hue service page, choose in the upper-right corner.
- In the Cluster Activities dialog box, click OK.
- Click History in the upper-right corner.
After Successful appears in the Status column, the operation is successful.
- Restart Hue.
- On the Hue service page, choose in the upper-right corner.
- In the Cluster Activities dialog box, specify Description and click OK.
- In the Confirm message, click OK.
Access the Hue web UI
- Go to the Cluster Overview page.
- Log on to the Alibaba Cloud EMR console.
- In the top navigation bar, select the region where your cluster resides and select a resource group based on your business requirements.
- Click the Cluster Management tab.
- On the Cluster Management page, find your cluster and click Details in the Actions column.
- In the left-side navigation pane, click Connect Strings.
- On the Public Connect Strings page, click the link for Hue.
Use your LDAP username and password to log on to the Hue web UI.
Notice The first user who logs on to the Hue web UI after LDAP authentication is enabled
becomes the administrator of Hue.
Disable LDAP authentication
- Go to the Hue service page.
- Log on to the Alibaba Cloud EMR console.
- In the top navigation bar, select the region where your cluster resides and select a resource group based on your business requirements.
- Click the Cluster Management tab.
- On the Cluster Management page, find your cluster and click Details in the Actions column.
- In the left-side navigation pane, choose .
- Disable LDAP authentication.
- On the Hue service page, choose in the upper-right corner.
- In the Cluster Activities dialog box, click OK.
- Click History in the upper-right corner.
After Successful appears in the Status column, the operation is successful.
- Restart Hue.
- On the Hue service page, choose in the upper-right corner.
- In the Cluster Activities dialog box, specify Description and click OK.
- In the Confirm message, click OK.