drill-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sorabh Hamirwasia <shamirwa...@mapr.com>
Subject Re: OS user and AD user works simultaneously in Drill
Date Mon, 04 Jun 2018 16:01:23 GMT
Hi Divya,

You can create a custom PAM profile to allow that and place that in /etc/pam.d/ location.
Configure Drill to use that pam-profile by using below parameter in drill-override.conf.

drill.exec.security.user.auth.pam_profiles: ["sudo", "login", "customProfile"]

Basically in your PAM profile you will have a condition such that if authentication using
either of OS user / LDAP user is successful then that's a sufficient condition. You can learn
more about different parameters of the configuration file from [1].

Example: Something like below for auth module:

auth    sufficient      pam_unix.so nullok_secure
auth    required      pam_ldap.so use_first_pass

[1]: http://www.linux-pam.org/Linux-PAM-html/sag-configuration-file.html

P.S. Please consult your security administrator for correct configuration based on your environment.


From: Divya Gehlot <divya.htconex@gmail.com>
Sent: Saturday, June 2, 2018 9:42 AM
To: user@drill.apache.org
Subject: OS user and AD user works simultaneously in Drill

Hi ,
I have query regarding authenticate OS user as Drill user.
Here is how my drill is being set up -It is configured with PAM
configurations and it’s connected to AD .All the users login using AD
credentials .Admin of the drill is OS user .
Now my query is if I would like OS user(not admin ) to login to Drill , how
should I do it ?
Has anybody has this kind of hybrid set where OS user and PAM
authentication both works simultaneously.
Appreciate if any one can share drill conf where both works together as
mentioned above .

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message