https://community.cloudera.com/t5/Support-Questions/Active-Directory-Group-to-Role-Mapping-CDP-7-1-6/m-p/322314#M228746 <P>With some help from a colleague, we figured out that all I needed to do was go into Administration &gt; Users &amp; Roles &gt; LDAP/PAM Groups.</P><P>There, I clicked on the "Add LDAP/PAM Group Mapping" and added the group I expected to be synced from Active Directory, along with a role assignment.&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="CaptainJa_0-1628589033903.png" style="width: 400px;"><img src="https://community.cloudera.com/t5/image/serverpage/image-id/32043iA5511A8DC12437AA/image-size/medium?v=v2&amp;px=400" role="button" title="CaptainJa_0-1628589033903.png" alt="CaptainJa_0-1628589033903.png" /></span></P><P>This was enough to make sure that the user after being authenticated, was able to login in with the right role privileges.</P> Tue, 10 Aug 2021 09:51:07 GMT CaptainJa 2021-08-10T09:51:07Z https://community.cloudera.com/t5/Support-Questions/Active-Directory-Group-to-Role-Mapping-CDP-7-1-6/m-p/322310#M228744 <P>Hello,</P><P>&nbsp;</P><P>I am facing a&nbsp;challenge with authentication and authorizing Active Directory users on Cloudera CDP 7.1.6. I followed the steps here to make the necessary configurations (<A href="https://docs.cloudera.com/cdp-private-cloud-base/7.1.6/security-kerberos-authentication/topics/cm-security-external-authentication-ad.html" target="_blank" rel="noopener">https://docs.cloudera.com/cdp-private-cloud-base/7.1.6/security-kerberos-authentication/topics/cm-security-external-authentication-ad.html</A>).</P><P>The challenge is that I am able to login with AD users but there is no group to role mapping, which results in a blank page for the user.</P><P>I checked this other page (<A href="https://docs.cloudera.com/cdp-private-cloud-base/7.1.6/managing-clusters/topics/cm-security-authorization-user-roles.html)" target="_blank" rel="noopener">https://docs.cloudera.com/cdp-private-cloud-base/7.1.6/managing-clusters/topics/cm-security-authorization-user-roles.html)</A> which handles mapping external authentication to roles. However, it skips Active Directory instructions and mentions only that of external programs and SAML scripts.</P><P>&nbsp;</P><P>Does anyone have an idea of how to map groups from an Active Directory source to Cloudera Roles? or is there some other documentation I should refer to?</P><P>&nbsp;</P><P>Thanks in advance for the support.<BR />&nbsp;</P> Tue, 21 Apr 2026 09:00:01 GMT https://community.cloudera.com/t5/Support-Questions/Active-Directory-Group-to-Role-Mapping-CDP-7-1-6/m-p/322310#M228744 CaptainJa 2026-04-21T09:00:01Z https://community.cloudera.com/t5/Support-Questions/Active-Directory-Group-to-Role-Mapping-CDP-7-1-6/m-p/322314#M228746 <P>With some help from a colleague, we figured out that all I needed to do was go into Administration &gt; Users &amp; Roles &gt; LDAP/PAM Groups.</P><P>There, I clicked on the "Add LDAP/PAM Group Mapping" and added the group I expected to be synced from Active Directory, along with a role assignment.&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="CaptainJa_0-1628589033903.png" style="width: 400px;"><img src="https://community.cloudera.com/t5/image/serverpage/image-id/32043iA5511A8DC12437AA/image-size/medium?v=v2&amp;px=400" role="button" title="CaptainJa_0-1628589033903.png" alt="CaptainJa_0-1628589033903.png" /></span></P><P>This was enough to make sure that the user after being authenticated, was able to login in with the right role privileges.</P> Tue, 10 Aug 2021 09:51:07 GMT https://community.cloudera.com/t5/Support-Questions/Active-Directory-Group-to-Role-Mapping-CDP-7-1-6/m-p/322314#M228746 CaptainJa 2021-08-10T09:51:07Z