Interconnecting Impala with External LDAP

This section applies to MRS 3.1.0 or later.

1. Log in to Manager.
2. On Manager, choose Cluster > Name of the desired cluster > Services > Impala > Configurations > All Configurations > Impalad(Role) > LDAP.
3. Set the following parameters.

   Table 1 Parameter configuration

   Parameter	Description	Remarks
   --enable_ldap_auth	Whether to enable LDAP authentication	Value: true or false
   --ldap_bind_pattern	LDAP user DN pattern	Example: cn=#UID,ou=People,dc= huawei,dc=com or cn= %s,ou=People,dc= huawei,dc=com
   --ldap_passwords_in_clear_ok	Whether the LDPA password is sent in plaintext	If this parameter is set to true, the LDAP password can be sent in plaintext. Value: true or false NOTE: If --enable_ldap_auth is set to true, the LDAP TLS protocol is disabled by default during authentication. Therefore, you need to set --ldap_passwords_in_clear_ok to true. Otherwise, the Impalad role will fail to be started. To enable the Ldap TLS protocol, set --ldap_tls to true in the customized configuration of the Impalad role. After the configuration, the password can be sent in ciphertext.
   --ldap_uri-ip	LDAP IP address	-
   --ldap_uri-port	LDAP port number	Default value: 389

4. After the modification, click Save in the upper left corner. In the displayed dialog box, click OK.
5. Choose Cluster > Name of the desired cluster > Services > Impala > Instance. On the displayed page, select the instances whose Configuration Status is Expired, choose More > Restart Instance, and restart the instance.