nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Thomsen <mikerthom...@gmail.com>
Subject Re: Buttons are greyed out when initial admin account logs in
Date Sun, 03 Dec 2017 14:45:18 GMT
I added the ldap-provider to the identity provider line in nifi.properties,
but I don't see any users from LDAP. I tried deleting users.xml and
authorizations.xml and restarting, but the user listing doesn't show any of
the users from LDAP. Any ideas on how to troubleshoot?

Thanks,

Mike

On Fri, Dec 1, 2017 at 7:05 PM, Kevin Doran <kdoran.apache@gmail.com> wrote:

> Mike,
>
>
>
> I should also mention that since the time of Pierre's inital blog post on
> LDAP integration, support for user & group syncing with LDAP has been added
> to NiFi. See the instructions for the "LdapUserGroupProvider" in
> Authorizers.xml section of the the Admin Guide [1].
>
>
>
> You will still need to set per-group or per-user policies as the initial
> admin, but you do not need to manually add users and groups in order to set
> policies. Also, your initial admin can use an identity from LDAP rather
> than a certificate (if that is preferred, otherwise, you can still use
> certificates alongside LDAP by using a CompositeUserGroupProvider as
> described in the Admin Guide).
>
>
>
> [1] https://nifi.apache.org/docs/nifi-docs/html/administration-
> guide.html#authorizers-setup
>
>
>
> -Kevin
>
>
>
> *From: *Kevin Doran <kdoran.apache@gmail.com>
> *Date: *Friday, December 1, 2017 at 18:43
> *To: *<users@nifi.apache.org>
> *Subject: *Re: Buttons are greyed out when initial admin account logs in
>
>
>
> Hi Mike,
>
>
>
> Your authorizers.xml and nifi.properties look correct to me to establish
> the certificate "CN=admin, OU=NIFI" as an admin user.
>
>
>
> Here's one idea that you may have already thought of... the initial admin
> is only granted admin policies if users/policies are empty on startup. Try
> deleting conf/users.xml and conf/authorizations.xml and restarting NiFi.
>
>
>
> Hope this helps! If you have any other questions about configuring LDAP or
> authorizers, let me know.
>
>
>
> Kevin
>
>
>
>
>
>
>
> *From: *Mike Thomsen <mikerthomsen@gmail.com>
> *Reply-To: *<users@nifi.apache.org>
> *Date: *Friday, December 1, 2017 at 18:27
> *To: *<users@nifi.apache.org>
> *Subject: *Buttons are greyed out when initial admin account logs in
>
>
>
> I'm following Pierre's blog post that shows how to set up LDAP w/ ApacheDS:
>
> https://pierrevillard.com/2017/01/24/integration-of-nifi-with-ldap
>
> I've tried this with 1.4.0 and 1.5.0-SNAPSHOT (toolkits built for each
> too) for what it's worth.
>
> Built the certs with this command:
>
> bin/tls-toolkit.sh standalone -n localhost -C "CN=admin,OU=NIFI" -O -o
> ../security_output
>
> Copied security_output/localhost/* to $NIFI_ROOT/conf
>
> With or without the identity provider set to use the LDAP configuration,
> it's greyed out.
>
>
>
> Any ideas on what I'm doing wrong?
>
>
>
> Thanks,
>
>
>
> Mike
>

Mime
View raw message