Installing Apache Atlas
Also available as:

Authentication settings

You can set the Authentication Type to File, LDAP, or AD.

File-based Authentication

When file-based authentication is selected, the atlas.authentication.method.file.filename property is automatically set to {{conf_dir}}/

The file should have the following format:


The user group can be ADMIN, DATA_STEWARD, or DATA_SCIENTIST.

The password is encoded with the sha256 encoding method and can be generated using the UNIX tool:

echo -n "Password" | sha256sum
e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a -

You can also set the Admin password using the Ambari UI: Select Advanced > Advanced atlas-env, then use the Admin password and Admin username boxes to set the Admin user name and password.

When updating these settings post-installation, click Save, then restart Atlas and all other components that require a restart.

LDAP Authentication

To enable LDAP authentication, select LDAP, then set the following configuration properties.

Table 1. Apache Atlas LDAP Configuration Settings
Property Sample Values
atlas.authentication.method.ldap.url ldap://
atlas.authentication.method.ldap.userDNpattern uid={0],ou=users,dc=example,dc=com
atlas.authentication.method.ldap.groupSearchBase dc=example,dc=com
atlas.authentication.method.ldap.groupSearchFilter (member=cn={0},ou=users,dc=example,dc=com
atlas.authentication.method.ldap.groupRoleAttribute cn
atlas.authentication.method.ldap.base.dn dc=example,dc=com
atlas.authentication.method.ldap.bind.dn cn=Manager,dc=example,dc=com
atlas.authentication.method.ldap.bind.password PassW0rd
atlas.authentication.method.ldap.referral ignore
atlas.authentication.method.ldap.user.searchfilter (uid={0})
atlas.authentication.method.ldap.default.role ROLE_USER

AD Authentication

To enable AD authentication, select AD, then set the following configuration properties.

Table 2. Apache Atlas AD Configuration Settings
Property Sample Values ldap://
Domain Name (Only for AD) DC=example,DC=com CN=Administrator,CN=Users,DC=example,DC=com PassW0rd ignore (sAMAccountName={0}) ROLE_USER