Hello. Thanks for your answer. I did not put the entire file, but the user and group entries are from the ldapusergroupprovider. Pierre already points me out to his docs and help me here to configure this, the ldap auth is working fine.
I just can’t use anything related to groups From: Vishal Jadhav (BLOOMBERG/ 731 LEX) <vjad...@bloomberg.net> Sent: lundi 11 mars 2019 14:11 To: users@nifi.apache.org Subject: Re:LDAP, Groups and nifi users Hello Aurélien, On a quick look at the gist, it looks like you are missing the LdapUserGroupProvider. (1) Pierre has a very informative guide on the LDAP group configuration here - https://pierrevillard.com/?s=ldap. (thank you Pierre! For this one and the other posts!!) (2) Refer to this one in addition - https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldap-based-users-groups-referencing-user-dn Also, I think you will need to have the ldap identity provider to authenticate the users first. I hope the authentication using LDAP is working for you. - Vishal From: users@nifi.apache.org<mailto:users@nifi.apache.org> At: 03/11/19 08:17:45 To: users@nifi.apache.org<mailto:users@nifi.apache.org> Subject: LDAP, Groups and nifi users Hello. I’m struggling to configure a correct authorizes.xml to achieve the following. I’m using nifi 1.8 and 1.9 (freshy install) in secure mode + ldap auth. - I have a LDAP serveur (RH identity manager) where users/groups are stored. - I’d like to be able to grant rights on Nifi based on user group - I’d like to be able to see users and their associated rights in nifi menu => users (not working, see screenshot bellow) I don’t know where is my mistake , I’ve tried a lot of conf in ldap-user-group-provider, I’m not even really sure the problem is here. Authentication itself is working, I can assign policy to users, but nothing works with groups. My configurations are https://gist.github.com/zorel/6934e7e6c1ae9e951ab13a1ce1db2330 Thanks for any pointer. [cid:image001.jpg@01D4D814.DBE0DF00] Aurélien DEHAY Big Data Architect +33 616 815 441 aurelien.de...@faurecia.com<mailto:aurelien.de...@faurecia.com> 23/27 avenue des Champs Pierreux 92735 Nanterre Cedex – France [Faurecia_inspiring_mobility_logo-RVB_150] This electronic transmission (and any attachments thereto) is intended solely for the use of the addressee(s). It may contain confidential or legally privileged information. If you are not the intended recipient of this message, you must delete it immediately and notify the sender. Any unauthorized use or disclosure of this message is strictly prohibited. Faurecia does not guarantee the integrity of this transmission and shall therefore never be liable if the message is altered or falsified nor for any virus, interception or damage to your system. This electronic transmission (and any attachments thereto) is intended solely for the use of the addressee(s). It may contain confidential or legally privileged information. If you are not the intended recipient of this message, you must delete it immediately and notify the sender. Any unauthorized use or disclosure of this message is strictly prohibited. Faurecia does not guarantee the integrity of this transmission and shall therefore never be liable if the message is altered or falsified nor for any virus, interception or damage to your system.
