LDAP authentication in Trino

Sergei Tikhomirov
Contents

Enable LDAP

NOTE
The LDAP authentication only works in clusters with active SSL.

To enable LDAP authentication, follow the steps below:

  1. On the Clusters page, select your ADH cluster and proceed to the Services tab in the cluster menu.

  2. Select the Trino service and go to the Components tab.

  3. Click the Trino Coordinator component and activate the Enable LDAP parameter group.

  4. Fill in the LDAP parameters for Active Directory or FreeIPA and restart Trino Coordinator.

    LDAP Active Directory configuration
    LDAP AD configuration

Check

To check that the authentication works, try using the Trino CLI tool:

  1. Connect to Trino Coordinator with specific parameters:

    $ ./trino https://<coordinator_host>:18188 --keystore-path <keystore-path> --keystore-password <keystore_password> --truststore-path <truststore-path> --truststore-password <truststore_password> --user=<username> --password

  2. Enter a password when prompted.

  3. Once the Trino shell is active, run the SHOW CATALOGS; command. The output should be similar to the following:

    Catalog
-------------
hive-adh
iceberg-adh
system
(3 rows)

Query 20250306_005901_00001_6smm5, FINISHED, 1 node
Splits: 7 total, 7 done (100.00%)
0.28 [0 rows, 0B] [0 rows/s, 0B/s]
Found a mistake? Seleсt text and press Ctrl+Enter to report it