Configure HiveServer2 to use LDAP Authentication

Procedure

  1. Configure the following properties in the hive-site.xml file on each node where HiveServer2 is installed:
    Property Value
    hive.server2.authentication LDAP
    hive.server2.authentication.ldap.url The access URL for your LDAP server
    hive.server2.authentication.ldap.baseDN The base LDAP DN for your LDAP server. For example, ou=People,dc=mycompany,dc=com.
    hive.server2.authentication.ldap.userDNPattern User DN Pattern - A DN pattern that can be used to directly login users to the LDAP database. This pattern is used for creating a DN string for "direct" user authentication, where the pattern is relative to the base DN in ldapUrl.
    <property>
      <name>hive.server2.authentication</name>
      <value>LDAP</value>
    </property>
    <property>
      <name>hive.server2.authentication.ldap.url</name>
      <value><LDAP URL></value>
    </property>
    <property>
      <name>hive.server2.authentication.ldap.baseDN</name>
      <value><LDAP Base DN></value>
    </property>
    For generic LDAP servers, you must use:
    1. hive.server2.authentication.ldap.baseDN
    2. hive.server2.authentication.ldap.userDNPattern
    However, Active Directory (AD) does not require the above two options, they can be replaced by the following property:
    • hive.server2.authentication.ldap.Domain
    Property Value
    hive.server2.authentication.ldap.Domain The active directory domain for your environment.
    <property>
      <name>hive.server2.authentication.ldap.Domain</name>
      <value><AD Domain Name></value>
    </property>           
  2. Restart HiveServer2 to apply these changes.
    maprcli node services -name hs2 -action restart -nodes <comma separated list of nodes>