You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/hdinsight/domain-joined/apache-domain-joined-create-configure-enterprise-security-cluster.md
+50-48Lines changed: 50 additions & 48 deletions
Original file line number
Diff line number
Diff line change
@@ -184,20 +184,22 @@ Create an Active Directory tenant administrator.
184
184
185
185
1. On the **Connect to Azure AD** page, enter the username and password of the global administrator for Azure AD. Use the username `fabrikamazureadmin@hdifabrikam.com` that you created when you configured your Active Directory tenant. Then select **Next**.
186
186
187
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0058.png" alt-text="The "Connect to Azure A D" page." border="true":::
187
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0058.png" alt-text="Connect to Azure A D" border="true":::
188
188
189
189
1. On the **Connect to Active Directory Domain Services** page, enter the username and password for an enterprise admin account. Use the username `HDIFabrikam\HDIFabrikamAdmin` and its password that you created earlier. Then select **Next**.
190
190
191
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0060.png" alt-text="The "Connect to A D D S" page." border="true":::
191
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0060.png" alt-text="Connect to A D D S page." border="true":::
192
+
192
193
1. On the **Azure AD sign-in configuration** page, select **Next**.
193
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0062.png" alt-text="The "Azure AD sign-in configuration" page" border="true":::
194
+
195
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0062.png" alt-text="Azure AD sign-in configuration page" border="true":::
194
196
195
197
1. On the **Ready to configure** page, select **Install**.
196
198
197
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0064.png" alt-text="The "Ready to configure" page" border="true":::
199
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0064.png" alt-text="Ready to configure page" border="true":::
198
200
199
201
1. On the **Configuration complete** page, select **Exit**.
1. After the sync completes, confirm that the users you created on the IaaS directory are synced to Azure AD.
203
205
1. Sign in to the Azure portal.
@@ -242,28 +244,28 @@ Follow these steps to enable Azure AD DS. For more information, see [Enable Azur
242
244
1. Sign in to the Azure portal.
243
245
1. Select **Create resource**, enter `Domain services`, and select **Azure AD Domain Services** > **Create**.
244
246
1. On the **Basics** page:
245
-
1. Under **Directory name**, select the Azure AD directory you created: **HDIFabrikam**.
246
-
1. For **DNS domain name**, enter *HDIFabrikam.com*.
247
-
1. Select your subscription.
248
-
1. Specify the resource group **HDIFabrikam-CentralUS**. For **Location**, select **Central US**.
247
+
1. Under **Directory name**, select the Azure AD directory you created: **HDIFabrikam**.
248
+
1. For **DNS domain name**, enter *HDIFabrikam.com*.
249
+
1. Select your subscription.
250
+
1. Specify the resource group **HDIFabrikam-CentralUS**. For **Location**, select **Central US**.
249
251
250
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0084.png" alt-text="Azure AD DS basic details" border="true":::
252
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0084.png" alt-text="Azure AD DS basic details" border="true":::
251
253
252
254
1. On the **Network** page, select the network (**HDIFabrikam-VNET**) and the subnet (**AADDS-subnet**) that you created by using the PowerShell script. Or choose **Create new** to create a virtual network now.
1. On the **Administrator group** page, you should see a notification that a group named **AAD DC Administrators** has already been created to administer this group. You can modify the membership of this group if you want to, but in this case you don't need to change it. Select **OK**.
257
259
258
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0088.png" alt-text="View the Azure AD administrator group" border="true":::
260
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0088.png" alt-text="View the Azure AD administrator group" border="true":::
259
261
260
262
1. On the **Synchronization** page, enable complete synchronization by selecting **All** > **OK**.
261
263
262
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0090.png" alt-text="Enable Azure AD DS synchronization" border="true":::
264
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0090.png" alt-text="Enable Azure AD DS synchronization" border="true":::
263
265
264
266
1. On the **Summary** page, verify the details for Azure AD DS and select **OK**.
265
267
266
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0092.png" alt-text="The summary of "Enable Azure AD Domain Services"" border="true":::
268
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0092.png" alt-text="Enable Azure AD Domain Services" border="true":::
267
269
268
270
After you enable Azure AD DS, a local DNS server runs on the Azure AD VMs.
269
271
@@ -272,19 +274,19 @@ After you enable Azure AD DS, a local DNS server runs on the Azure AD VMs.
272
274
Use the following steps to configure your Azure AD DS virtual network (**HDIFabrikam-AADDSVNET**) to use your custom DNS servers.
273
275
274
276
1. Locate the IP addresses of your custom DNS servers.
275
-
1. Select the `HDIFabrikam.com` Azure AD DS resource.
276
-
1. Under **Manage**, select **Properties**.
277
-
1. Find the IP addresses under **IP address on virtual network**.
277
+
1. Select the `HDIFabrikam.com` Azure AD DS resource.
278
+
1. Under **Manage**, select **Properties**.
279
+
1. Find the IP addresses under **IP address on virtual network**.
278
280
279
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0096.png" alt-text="Locate custom DNS IP addresses for Azure AD DS" border="true":::
281
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0096.png" alt-text="Locate custom DNS IP addresses for Azure AD DS" border="true":::
280
282
281
283
1. Configure **HDIFabrikam-AADDSVNET** to use custom IP addresses 10.0.0.4 and 10.0.0.5.
282
284
283
-
1. Under **Settings**, select **DNS Servers**.
284
-
1. Select **Custom**.
285
-
1. In the text box, enter the first IP address (*10.0.0.4*).
286
-
1. Select **Save**.
287
-
1. Repeat the steps to add the other IP address (*10.0.0.5*).
285
+
1. Under **Settings**, select **DNS Servers**.
286
+
1. Select **Custom**.
287
+
1. In the text box, enter the first IP address (*10.0.0.4*).
288
+
1. Select **Save**.
289
+
1. Repeat the steps to add the other IP address (*10.0.0.5*).
288
290
289
291
In our scenario, we configured Azure AD DS to use IP addresses 10.0.0.4 and 10.0.0.5, setting the same IP address on the Azure AD DS virtual network:
290
292
@@ -322,37 +324,37 @@ Verify that the certificate is installed in the computer's **Personal** store:
322
324
323
325
1. On the **Export Private Key** page, select **Yes, export the private key**. The computer where the key will be imported needs the private key to read the encrypted messages.
324
326
325
-
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0103.png" alt-text="The Export Private Key page of the Certificate Export Wizard" border="true":::
327
+
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0103.png" alt-text="The Export Private Key page of the Certificate Export Wizard" border="true":::
326
328
327
329
1. On the **Export File Format** page, leave the default settings, and then select **Next**.
328
330
1. On the **Password** page, type a password for the private key. For **Encryption**, select **TripleDES-SHA1**. Then select **Next**.
329
331
1. On the **File to Export** page, type the path and the name for the exported certificate file, and then select **Next**. The file name has to have a .pfx extension. This file is configured in the Azure portal to establish a secure connection.
330
332
1. Enable LDAPS for an Azure AD DS managed domain.
331
-
1. From the Azure portal, select the domain `HDIFabrikam.com`.
332
-
1. Under **Manage**, select **Secure LDAP**.
333
-
1. On the **Secure LDAP** page, under **Secure LDAP**, select **Enable**.
334
-
1. Browse for the .pfx certificate file that you exported on your computer.
335
-
1. Enter the certificate password.
333
+
1. From the Azure portal, select the domain `HDIFabrikam.com`.
334
+
1. Under **Manage**, select **Secure LDAP**.
335
+
1. On the **Secure LDAP** page, under **Secure LDAP**, select **Enable**.
336
+
1. Browse for the .pfx certificate file that you exported on your computer.
**HDIFabrikamManagedIdentity** is the user-assigned managed identity. The HDInsight Domain Services Contributor role is enabled for the managed identity that will allow this identity to read, create, modify, and delete domain services operations.
358
360
@@ -406,7 +408,7 @@ This step requires the following prerequisites:
1. On the **Roles** page, under **Assign roles to these**, next to the **Cluster Administrator** role, enter the group *hdiusergroup*.
411
+
1. On the **Roles** page, under **Assign roles to these**, next to the **Cluster Administrator** role, enter the group *hdiusergroup*.
410
412
411
413
:::image type="content" source="./media/apache-domain-joined-create-configure-enterprise-security-cluster/hdinsight-image-0137.jpg" alt-text="Assign the cluster admin role to hdiusergroup" border="true":::
412
414
@@ -418,4 +420,4 @@ If you can sign in with this account, you've configured your ESP cluster correct
418
420
419
421
## Next steps
420
422
421
-
Read [An introduction to Apache Hadoop security with ESP](hdinsight-security-overview.md).
423
+
Read [An introduction to Apache Hadoop security with ESP](hdinsight-security-overview.md).
Copy file name to clipboardExpand all lines: articles/hdinsight/hadoop/apache-hadoop-connect-excel-hive-odbc-driver.md
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -32,7 +32,7 @@ The following steps show you how to create a Hive ODBC Data Source.
32
32
33
33
1. From Windows, navigate to **Start > Windows Administrative Tools > ODBC Data Sources (32-bit)/(64-bit)**. This action opens the **ODBC Data Source Administrator** window.
34
34
35
-
:::image type="content" source="./media/apache-hadoop-connect-excel-hive-odbc-driver/simbahiveodbc-datasourceadmin1.png "Configure a DSN using ODBC Data Source Administrator"" alt-text="OBDC data source administrator" border="true":::
35
+
:::image type="content" source="./media/apache-hadoop-connect-excel-hive-odbc-driver/simbahiveodbc-datasourceadmin1.png" alt-text="OBDC data source administrator" border="true":::
36
36
37
37
1. From the **User DSN** tab, select **Add** to open the **Create New Data Source** window.
38
38
@@ -58,7 +58,7 @@ The following steps show you how to create a Hive ODBC Data Source.
58
58
| Rows fetched per block |When fetching a large number of records, tuning this parameter may be required to ensure optimal performances. |
59
59
| Default string column length, Binary column length, Decimal column scale |The data type lengths and precisions may affect how data is returned. They cause incorrect information to be returned because of loss of precision and, or truncation. |
1. Select **Test** to test the data source. When the data source is configured correctly, the test result shows **SUCCESS!**
64
64
@@ -76,15 +76,15 @@ The following steps describe the way to import data from a Hive table into an Ex
76
76
77
77
2. From the **Data** tab, navigate to **Get Data** > **From Other Sources** > **From ODBC** to launch the **From ODBC** window.
78
78
79
-
:::image type="content" source="./media/apache-hadoop-connect-excel-hive-odbc-driver/simbahiveodbc-excel-dataconnection1.png "Open Excel data connection wizard"" alt-text="Open Excel data connection wizard" border="true":::
79
+
:::image type="content" source="./media/apache-hadoop-connect-excel-hive-odbc-driver/simbahiveodbc-excel-dataconnection1.png" alt-text="Open Excel data connection wizard" border="true":::
80
80
81
81
3. From the drop-down list, select the data source name that you created in the last section and then select **OK**.
82
82
83
83
4. For the first use, an **ODBC driver** dialog will open. Select **Windows** from the left menu. Then select **Connect** to open the **Navigator** window.
84
84
85
85
5. From **Navigator**, navigate to **HIVE** > **default** > **hivesampletable**, and then select **Load**. It takes a few moments before data gets imported to Excel.
0 commit comments