Closed alexfrosa closed 4 years ago
Pahtoe
commented
5 years ago @alexfrosa Hi Alex! Great input and should help customers using AD out a ton. I'm not familiar with the AD setup. Are all these set in User Properties on the AD side? The UNIX Attributes tab? Do some need to be set using Powershell?
alexfrosa
commented
5 years ago @alexfrosa Hi Alex! Great input and should help customers using AD out a ton. I'm not familiar with the AD setup. Are all these set in User Properties on the AD side? The UNIX Attributes tab? Do some need to be set using Powershell?
That's correct. When you enable the Unix compatability it is going to show a tab in the user property for that. There is no need to do that using Powershell.
Pahtoe
commented
4 years ago Changes were made as part of this commit from source CPUB system to add cross-linking to more detail. Changes are reflected in updated MD files.
Added a section with a list of attributes that must exist for the JupyterHub container PAM to find the user on Active Directory. They are called Unix attributes, and they are not created by default when a new user is created. I tested it with AWS managed AD and EMR emr-5.19.0. Without those attributes the JupyterHub is able to authenticate the user, but then generate an internal error (500) because the Linux PAM is not able to get the user information from LDAP, such as the user's home directory where JupyterHub stores the notebook data.
Issue #, if available:
Description of changes:
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.