Alex, You are welcome. You might want to check out the API Reference: https://github.com/apache/ambari/blob/trunk/ambari-server/docs/api/v1/index.md
Yusaku On Wed, Mar 5, 2014 at 11:43 AM, Alex Nastetsky <[email protected]>wrote: > Yusako, this is very helpful! This is exactly what I was looking for. > > By the way, is there any documentation about the API somewhere? So far I > just I just know about the http://localhost:8080/api/v1/users and > http://localhost:8080/api/v1/ <http://localhost:8080/api/v1/users/>clusters. > Attempting to access > http://localhost:8080/api/v<http://localhost:8080/api/v1/users/>1 > gives a 404. > > > On Wed, Mar 5, 2014 at 1:41 PM, Yusaku Sako <[email protected]>wrote: > >> Hi Alex, >> >> > Do you mean that admin users CAN change passwords through the API in >> configs.sh? >> >> No, admins cannot change user passwords via configs.sh; configs.sh is a >> wrapper that uses the API to manage "configuration" objects that do not >> deal with user passwords. >> However, admins can change passwords directly via the API (or with a >> similar wrapper script). >> Here's an example: >> >> curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d >> '{"Users":{"roles":"admin,user","password":"mysecret","old_password":"admin"}}' >> http://localhost:8080/api/v1/users/<user-name> >> >> where: >> * "roles" is a comma-delimited list of roles that the user should belong >> to "admin,user" for admin users; just "user" for non-admin users. >> * "password" is the new password to set for the user >> * "old_password" is misleading, but* it's the password of the admin user >> invoking this call*. If you omit this parameter, the API call seems to >> go thru, but the password does not actually change. This is a bit >> redundant and confusing, but that's how it works today... >> >> I hope this helps! >> >> Yusaku >> >> >> >> On Wed, Mar 5, 2014 at 8:20 AM, Alex Nastetsky <[email protected]>wrote: >> >>> Thanks Yusaku, >>> >>> Do you mean that admin users CAN change passwords through the API in >>> configs.sh? I couldn't find how to do that. None of the CONFIG_TYPE values >>> seem relevant, they all deal directly with other Hadoop services. >>> >>> I'm talking about this: >>> >>> <CONFIG_TYPE>: One of the various configuration types in Ambari. >>> Ex:global, core-site, hdfs-site, mapred-queue-acls, etc. >>> >>> >>> >>> On Wed, Mar 5, 2014 at 11:11 AM, Yusaku Sako <[email protected]>wrote: >>> >>>> Hi Alex, >>>> >>>> Ambari can be configured to use a built-in local user store (default) >>>> or an external LDAP server (including ActiveDirectory), which can be >>>> managed outside of Ambari. >>>> Unfortunately the built-in user store is a bit simplistic in that only >>>> Admins can change the password on behalf of the non-admin user as you >>>> mentioned. The API currently prevents non-admin users from invoking any >>>> write operations, including changing their own password, so there is not a >>>> good way to do this via the API for now. >>>> >>>> Yusaku >>>> On Mar 5, 2014 7:49 AM, "Alex Nastetsky" <[email protected]> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> I keep getting spam errors when I send emails to this list. This is my >>>>> attempt to circumvent that by putting my message content in a pastebin: >>>>> >>>>> http://pastebin.com/raw.php?i=K03dwytn >>>>> >>>>> Thanks. >>>>> >>>> >>>> CONFIDENTIALITY NOTICE >>>> NOTICE: This message is intended for the use of the individual or >>>> entity to which it is addressed and may contain information that is >>>> confidential, privileged and exempt from disclosure under applicable law. >>>> If the reader of this message is not the intended recipient, you are hereby >>>> notified that any printing, copying, dissemination, distribution, >>>> disclosure or forwarding of this communication is strictly prohibited. If >>>> you have received this communication in error, please contact the sender >>>> immediately and delete it from your system. Thank You. >>> >>> >>> >> >> CONFIDENTIALITY NOTICE >> NOTICE: This message is intended for the use of the individual or entity >> to which it is addressed and may contain information that is confidential, >> privileged and exempt from disclosure under applicable law. If the reader >> of this message is not the intended recipient, you are hereby notified that >> any printing, copying, dissemination, distribution, disclosure or >> forwarding of this communication is strictly prohibited. If you have >> received this communication in error, please contact the sender immediately >> and delete it from your system. Thank You. >> > > -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.
