Closed clevesque closed 1 year ago
Allows install of krb5 & OpenLDAP client libs for external krb5 ldap providers. Like external AD or external MIT/OpenLdap. User is expected to provide accurate krb5-* configs in their definition.
AD example:
krb5_kdc_type: Active Directory krb5_kdc_host: ad-domain.mycompany.com krb5_realm: MYREALM.COM krb5_kdc_admin_user: "admin-user@{{ krb5_realm }}" krb5_kdc_admin_password: "mypass" krb5_kdc_active_directory_prefix: "pvc-" krb5_kdc_active_directory_suffix: "OU=some-ou,DC=company,DC=com" krb5_enc_types: aes256-cts rc4-hmac krb5_kdc_active_directory_set_encryption_types: true
MIT Example:
krb5_kdc_type: MIT KDC krb5_kdc_host: kdc.mycompany.com krb5_realm: MYREALM.COM krb5_kdc_admin_user: "cloudera-scm/admin@{{ krb5_realm }}" krb5_kdc_admin_password: "mypass" krb5_enc_types: "aes256-cts aes128-cts"
Signed-off-by: Chuck Levesque clevesque@cloudera.com
Allows install of krb5 & OpenLDAP client libs for external krb5 ldap providers. Like external AD or external MIT/OpenLdap. User is expected to provide accurate krb5-* configs in their definition.
AD example:
krb5_kdc_type: Active Directory krb5_kdc_host: ad-domain.mycompany.com krb5_realm: MYREALM.COM krb5_kdc_admin_user: "admin-user@{{ krb5_realm }}" krb5_kdc_admin_password: "mypass" krb5_kdc_active_directory_prefix: "pvc-" krb5_kdc_active_directory_suffix: "OU=some-ou,DC=company,DC=com" krb5_enc_types: aes256-cts rc4-hmac krb5_kdc_active_directory_set_encryption_types: true
MIT Example:
krb5_kdc_type: MIT KDC krb5_kdc_host: kdc.mycompany.com krb5_realm: MYREALM.COM krb5_kdc_admin_user: "cloudera-scm/admin@{{ krb5_realm }}" krb5_kdc_admin_password: "mypass" krb5_enc_types: "aes256-cts aes128-cts"
Signed-off-by: Chuck Levesque clevesque@cloudera.com