Created 09-06-2018 08:33 PM
Hi All,
I did integrate Ranger with AD ( no SSSD ) in our case but policies are not applied to members of group.
I am trying to configure hadoop group mapping in core-site.xml for AD.
Trying to follow the below link:
Can someone provide sample values for various properties mentioned in the above link.
This will help me.
Many thanks for your time and support.
Created 09-06-2018 09:03 PM
We are using AD and tried to configure core-site.xml with the properties mentioned in the link but no luck :(
Created 09-10-2018 08:58 PM
Not sure if you are still looking for help here. If you configured ranger with AD/LDAP sync, then most of the properties in core-site.xml should be very similar. Following are the properties I generally add with sample values to the custom core-site.xml section in HDFS configuration in Ambari:
hadoop.security.group.mapping=org.apache.hadoop.security.LdapGroupsMapping
hadoop.security.group.mapping.ldap.base=dc=hortonworks,dc=com
hadoop.security.group.mapping.ldap.bind.password=<password>
hadoop.security.group.mapping.ldap.bind.user=cn=administrator,CN=Users,dc=hortonworks,dc=com
hadoop.security.group.mapping.ldap.search.attr.group.name=cn
hadoop.security.group.mapping.ldap.search.attr.member=member
hadoop.security.group.mapping.ldap.search.filter.group
=(objectclass=group)
hadoop.security.group.mapping.ldap.search.filter.user=(&(|(objectclass=person)(objectclass=applicationProcess))(cn={0}))
hadoop.security.group.mapping.ldap.url=ldap://10.10.10.10:389