Support Questions
Find answers, ask questions, and share your expertise

Confusion between users in Ranger


Confusion between users in Ranger


I've been working on Ranger all day and I got confused.

First, we have internal (created with the UI) and external (ranger-sync) users. What's the role of internal users in settings where we have LDAP or AD ?

Ranger stores users in two tables (x_portal_users and x_user). From my understanding, when I sync users they got added to both tables (ie: users can login to portal, and can be used for creating policies). Right ? why separate the two tables then ?

Thank you for your help


Re: Confusion between users in Ranger

Internal users are created by ranger for its own purposes.

External users are sync'ed from enterprise directories. Access policies will be created for these users by admins.

Storing in two different tables is an implementation detail.

Re: Confusion between users in Ranger


Internal users are mostly for the applications (hadoop ecosystem components e.g hive,storm,hdfs,kafka,hbase etc).

and external users are those which you will sync with AD are Ldap, these are the users for which you will set different policies.