ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hari Sekhon (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AMBARI-8737) LDAP vs local accounts
Date Tue, 16 Dec 2014 19:00:14 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-8737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Hari Sekhon updated AMBARI-8737:
--------------------------------
    Description: 
A local accounts allows a matching ldap account login with either the local password or the
ldap password.

Allowing either the local or the ldap password seems a bit buggy to me, surely ldap should
take priority and local password should not be allowed at that point for that given user.

  was:
Ambari LDAP useres currently require local Ambari accounts. However when creating local accounts
it insists on a local password being given - and testing shows it allows login via either
the local password or the ldap password when they are different.

There should be an option to set the user to be ldap only and store no password.

I can see this should probably have been done via sync-ldap instead... but allowing either
the local or the ldap password seems a bit buggy to me, surely ldap should take priority and
local password should not be allowed at that point.


> LDAP vs local accounts
> ----------------------
>
>                 Key: AMBARI-8737
>                 URL: https://issues.apache.org/jira/browse/AMBARI-8737
>             Project: Ambari
>          Issue Type: Improvement
>    Affects Versions: 1.7.0
>            Reporter: Hari Sekhon
>            Priority: Minor
>
> A local accounts allows a matching ldap account login with either the local password
or the ldap password.
> Allowing either the local or the ldap password seems a bit buggy to me, surely ldap should
take priority and local password should not be allowed at that point for that given user.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message