Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)

Below are some examples of how you would achieve this:

Case1: Restrict to users in a single group – In this example, only the users who are members of “scientist” group are only allowed to login to ranger admin. User search filter parameter would look something like this:

(&(sAMAccountName={0})(memberof=cn=scientist,ou=groups,dc=hwqe,dc=hortonworks,dc=com))
Case2: Restrict to users in multiple groups – In this example, only the users who are members of either “scientist” group OR “analyst” group are allowed to login to ranger admin. User search filter parameter would look something like this:
(&(sAMAccountName={0})(|((memberof=cn=scientist,ou=groups,dc=hwqe,dc=hortonworks,dc=com)(memberof=cn=analyst,ou=groups,dc=hwqe,dc=hortonworks,dc=com)))) 
Case3: Restrict to given list of users – In this example, only the users whose cn (or common name) starts with “sam r” are allowed to login to ranger admin. User search filter parameter would look something like this:
(&(sAMAccountName={0})(cn=sam r*))
658 Views
Comments

This may not work depending on your version because of this bug https://issues.apache.org/jira/browse/RANGER-1554 Should be fixed in HDP 2.6.1.

Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎12-25-2016 08:00 PM
Updated by:
 
Contributors
Top Kudoed Authors