[ https://issues.apache.org/jira/browse/AMBARI-6432?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15189916#comment-15189916 ]
Bolke de Bruin commented on AMBARI-6432: ---------------------------------------- And it should be possible (did not try) to use this with IPA 3 > FreeIPA Support in Ambari > ------------------------- > > Key: AMBARI-6432 > URL: https://issues.apache.org/jira/browse/AMBARI-6432 > Project: Ambari > Issue Type: Improvement > Components: ambari-server > Affects Versions: trunk > Reporter: jay vyas > Assignee: Bolke de Bruin > Fix For: 2.4.0 > > Attachments: AMBARI-6432-FreeIPA.patch, AMBARI-6432.patch, > AMBARI-6432.patch, AMBARI-6432.trunk.v1.patch, AMBARI-6432.trunk.v2.patch, > AMBARI-6432.trunk.v3.patch, AMBARI-6432.trunk.v4.patch, > AMBARI-6432.trunk.v5.patch, AMBARI-6432.trunk.v5.patch, ipa-patch-v0.5.patch > > > FreeIPA Is a powerful tool for unifying identity, kerberos credentials, > across a cluster. > A great value add for ambari would be to provide support for using FreeIPA to > kerberize services. This would allow for > 1) better HCFS interoperability, because first class GID/UID is critical for > certain file systems (GlusterFS, Lustre, and any other file system which uses > kernel / FUSE apis for determining identity) > 2) better enterprise interoperability. Because of the fact that FreeIPA > makes it easy to interop with different identity solutions (like active > directory), it would make ambari easier to adopt for various enterprises. > 3) broadens ambaris scope. Now ambari could also allow people to setup the > users of their clusters, and at least some of the security features of their > clusters, all from one interface (no more manual handling of TGTs and such - > it could all be done quite easily via the ambari UI which could make calls to > underlying FreeIPA clients). -- This message was sent by Atlassian JIRA (v6.3.4#6332)