Return-Path: 
 <user-return-1937-apmail-ambari-user-archive=ambari.apache.org@ambari.apache.org>
X-Original-To: apmail-ambari-user-archive@www.apache.org
Delivered-To: apmail-ambari-user-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 3E85B10EAC
	for <apmail-ambari-user-archive@www.apache.org>;
 Sun, 22 Feb 2015 10:23:48 +0000 (UTC)
Received: (qmail 80179 invoked by uid 500); 22 Feb 2015 10:23:48 -0000
Delivered-To: apmail-ambari-user-archive@ambari.apache.org
Received: (qmail 80145 invoked by uid 500); 22 Feb 2015 10:23:48 -0000
Mailing-List: contact user-help@ambari.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@ambari.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@ambari.apache.org>
List-Post: <mailto:user@ambari.apache.org>
List-Id: <user.ambari.apache.org>
Reply-To: user@ambari.apache.org
Delivered-To: mailing list user@ambari.apache.org
Received: (qmail 80134 invoked by uid 99); 22 Feb 2015 10:23:48 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 22 Feb 2015 10:23:48 +0000
X-ASF-Spam-Status: No, hits=4.2 required=5.0
	tests=FSL_HELO_BARE_IP_2,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of orenault@hortonworks.com
 designates 64.78.52.184 as permitted sender)
Received: from [64.78.52.184] (HELO relayvx11b.securemail.intermedia.net)
 (64.78.52.184)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 22 Feb 2015 10:23:43 +0000
Received: from securemail.intermedia.net (localhost [127.0.0.1])
	by emg-ca-1-1.localdomain (Postfix) with ESMTP id DDEAE53DF8;
	Sun, 22 Feb 2015 02:22:40 -0800 (PST)
Subject: Re: Hadoop Security with FreeIPA
MIME-Version: 1.0
x-echoworx-emg-received: Sun, 22 Feb 2015 02:22:40.889 -0800
x-echoworx-msg-id: ad01b019-aacb-4060-99aa-2b2b29143ac3
x-echoworx-action: delivered
Received: from 10.254.155.14 ([10.254.155.14])
          by emg-ca-1-1 (JAMES SMTP Server 2.3.2) with SMTP ID 98;
          Sun, 22 Feb 2015 02:22:40 -0800 (PST)
Received: from MBX080-W4-CO-2.exch080.serverpod.net (unknown [10.224.117.102])
	by emg-ca-1-1.localdomain (Postfix) with ESMTP id A930153DF8;
	Sun, 22 Feb 2015 02:22:40 -0800 (PST)
Received: from MBX080-W4-CO-1.exch080.serverpod.net (10.224.117.101) by
 MBX080-W4-CO-2.exch080.serverpod.net (10.224.117.102) with Microsoft SMTP
 Server (TLS) id 15.0.1044.25; Sun, 22 Feb 2015 02:22:39 -0800
Received: from MBX080-W4-CO-1.exch080.serverpod.net ([10.224.117.101]) by
 mbx080-w4-co-1.exch080.serverpod.net ([10.224.117.101]) with mapi id
 15.00.1044.021; Sun, 22 Feb 2015 02:22:39 -0800
From: Olivier Renault <orenault@hortonworks.com>
To: "user@ambari.apache.org" <user@ambari.apache.org>, "cdh-user@cloudera.org"
	<cdh-user@cloudera.org>, "user@ambari.apache.org" <user@ambari.apache.org>
Thread-Topic: Hadoop Security with FreeIPA
Thread-Index: AQHQTe0sSSWfyhwkKkCcytJ+4vjMM5z8dx4C
Date: Sun, 22 Feb 2015 10:22:39 +0000
Message-ID: 
 <486AC1914CDE68DB.1-8aa790b2-b93c-41d7-9369-44b0326b2c9a@mail.outlook.com>
References: 
 <CAAQx4TjuzugYA7fcy3Y5+BHT+Kon3vkyqM12LVEXJ1nCbRfggA@mail.gmail.com>
In-Reply-To: 
 <CAAQx4TjuzugYA7fcy3Y5+BHT+Kon3vkyqM12LVEXJ1nCbRfggA@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-source-routing-agent: Processed
Content-Type: multipart/alternative;
	boundary="_000_486AC1914CDE68DB18aa790b2b93c41d7936944b0326b2c9amailou_"
X-Virus-Checked: Checked by ClamAV on apache.org

--_000_486AC1914CDE68DB18aa790b2b93c41d7936944b0326b2c9amailou_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

IPA is the red hat directory server (ex Netscape) bundle with a kdc. Its pe=
rfectly suited to run as your kerberos server. I know of few customers who =
are using it in prod with mid to large size clusters.


Thanks,
Olivier
-----
Olivier Renault
_____________________________
From:Hadoop Solutions
Subject:Hadoop Security with FreeIPA
To:cdh-user@cloudera.org, user@ambari.apache.org


Hi,

I want to enable security on HDP production cluster. Is it durable to use F=
reeIPA on production environment to use LADP and Kerberos authentication la=
yer?

Please let me know your suggestions on FreeIPA.

Thanks,
Shaik



--_000_486AC1914CDE68DB18aa790b2b93c41d7936944b0326b2c9amailou_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body>
IPA is the red hat directory server (ex Netscape) bundle with a kdc. Its pe=
rfectly suited to run as your kerberos server. I know of few customers who =
are using it in prod with mid to large size clusters.<br>
<br>
<br>
<div id=3D"acompli_signature">Thanks,<br>
Olivier<br>
-----<br>
Olivier Renault<br>
</div>
_____________________________<br>
From:Hadoop Solutions<br>
Subject:Hadoop Security with FreeIPA<br>
To:cdh-user@cloudera.org, user@ambari.apache.org<br>
<br>
<br>
<meta content=3D"text/html; charset=3Dutf-8">
<div dir=3D"ltr">
<div>Hi, </div>
<div><br>
</div>
<div>I want to enable security on HDP production cluster. Is it durable to =
use <b>
FreeIPA</b> on production environment to use LADP and Kerberos authenticati=
on layer?
</div>
<div><br>
</div>
<div>Please let me know your suggestions on FreeIPA. </div>
<div><br>
</div>
<div>Thanks, </div>
<div>Shaik </div>
</div>
<br>
<br>
</body>
</html>

--_000_486AC1914CDE68DB18aa790b2b93c41d7936944b0326b2c9amailou_--