...
LDAP base DN (distinguished name).
hive.server2.authentication.ldap.guidKey
- Default Value: uid
- Added In: Hive 2.1.0 with HIVE-13295
This property is to indicate what prefix to use when building the bindDN for LDAP connection (when using just baseDN). So bindDN will be "<guidKey>=<user/group>,<baseDN>". If userDNPattern and/or groupDNPattern is used in the configuration, the guidKey is not needed. Primarily required when just baseDN is being used.
hive.server2.authentication.ldap.Domain
- Default Value: (empty)
- Added In: Hive 0.12.0 with HIVE-4707
...
A COMMA-separated list of group names that the users should belong to (at least one of the groups) for authentication to succeed. See Group Membership for details.
hive.server2.authentication.ldap.groupMembershipKey
- Default Value: member
- Added In: Hive 2.1.0 with HIVE-13295
This property is used in LDAP search queries when finding LDAP group names a particular user belongs to. The value of the LDAP attribute, indicated by this property, should be a full DN for the user or the short username or userid. For example: A group entry for say "fooGroup" containing "member : uid=fooUser,ou=Users,dc=domain,dc=com" will help determine that "fooUser" belongs to LDAP group "fooGroup".
hive.server2.authentication.ldap.groupClassKey
- Default Value: groupOfNames
- Added In: Hive 1.3 with HIVE-13295
This property is used in LDAP search queries for finding LDAP group names a user belongs to. The value of this property is used to contruct LDAP group search query and is used to indicate what a group's objectClass is. Every LDAP group has certain objectClass. For example: group, groupOfNames, groupOfUniqueNames etc.
hive.server2.authentication.ldap.userDNPattern
...