Created on 04-20-201802:08 PM - edited 08-17-201907:44 AM
Changing the amb_ranger_admin password is possible. This user password is stored in two different locations. If for any reason there is difference between them you will run into issues. On this article I will go over the locations and steps to change the password.
Locations
1. The amb_ranger_admin user and password exist in Ranger Admin database (encrypted) by default as an internal user. This user's password is the first location.
2. Ambari keeps a copy of the amb_ranger_admin password to create repositories and default policies for each plugin. This password is stored in ambari database (encrypted) as part of configuration of ranger-env.
1. Login to Ranger Admin UI, and navigate to Settions > Users and Groups. Then search for the amb_ranger_admin user and click on the username to edit. Click on the Change Password tab and enter new password.
2. Login to Ambari UI, and navigate to Ranger > Configs > Advanced. Locate Section "Admin Settings" and update password for "Ranger Admin username for Ambari". Then save and restart services if required.
What if passwords are not same?
Usually you will see an Ambari UI alert like the following:
Ranger Admin password check
User:amb_ranger_admin credentials on Ambari UI are not in sync with Ranger
While passwords are mismatched Ambari wont be able to automatically create plugin repositories and policies. Due to this start/restart of any of the ranger plugin enabled services will be delayed, but services eventually will start after exhausting all retries.
Error creating repository. Http status code - 401.
{"statusCode":401,"msgDesc":"Authentication Failed"}
Retry Repository Creation is being called
Will retry 4 time(s), caught exception: Error getting <clusterName>_<serviceName> repository for component <serviceName>. Http status code - 401.
{"statusCode":401,"msgDesc":"Authentication Failed"}. Sleeping for 8 sec(s)