Community Articles

Find and share helpful community-sourced technical articles.
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Labels (1)
avatar

Below are some examples of how you would achieve this:

Case1: Restrict to users in a single group – In this example, only the users who are members of “scientist” group are only allowed to login to ranger admin. User search filter parameter would look something like this:

(&(sAMAccountName={0})(memberof=cn=scientist,ou=groups,dc=hwqe,dc=hortonworks,dc=com))
Case2: Restrict to users in multiple groups – In this example, only the users who are members of either “scientist” group OR “analyst” group are allowed to login to ranger admin. User search filter parameter would look something like this:
(&(sAMAccountName={0})(|((memberof=cn=scientist,ou=groups,dc=hwqe,dc=hortonworks,dc=com)(memberof=cn=analyst,ou=groups,dc=hwqe,dc=hortonworks,dc=com)))) 
Case3: Restrict to given list of users – In this example, only the users whose cn (or common name) starts with “sam r” are allowed to login to ranger admin. User search filter parameter would look something like this:
(&(sAMAccountName={0})(cn=sam r*))
2,547 Views
Comments

This may not work depending on your version because of this bug https://issues.apache.org/jira/browse/RANGER-1554 Should be fixed in HDP 2.6.1.

Thx, D!

 

It’s works at Ranger v2.0 from new CDP Data Center, BareMetal version!

 

Regards,

Caseiro.

Version history
Last update:
‎12-25-2016 08:00 PM
Updated by:
Contributors