Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

How to change Owner of Zeppelin Notebook?

Labels:
avatar
author-rank bkandalkar
Contributor

Created ‎07-31-2018 09:40 AM

Hello All,

We have synced AD users in Zeppelin using shiro.ini file. User is able to login using entire domain name eg: 'bhushan-kandalkar@test.com'

All notebook have owners set to 'bhushan-kandalkar@test.com'

Now, we have synced AD users in Zeppelin using SaMAcoountName. Hence User is able to login using SaMAcoountName only eg: 'bhushan-kandalkar'

But problem is user 'bhushan-kandalkar' is not able to view notebooks created by 'bhushan-kandalkar@test.com' though its an same user.

How should I change owners of all notebooks from 'bhushan-kandalkar@test.com' to 'bhushan-kandalkar'?

Please suggest.

Thanks,

Bhushan

4,944 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank falbani author-rank
Guru

Created ‎07-31-2018 03:04 PM

@Bhushan Kandalkar

To recover and and change notebook permissions manually you should do the following:

1. Login to zeppelin server host and switch to zeppelin user. If kerberized, kinit as zeppelin principal using zeppelin keytab

2. Make a backup of the following hdfs file

hdfs dfs -cp /user/zeppelin/conf/notebook-authorization.json /user/zeppelin/conf/notebook-authorization.json.orig

3. Get the file from hdfs to local file system

hdfs dfs -get /user/zeppelin/conf/notebook-authorization.json /tmp/notebook-authorization.json

4. Edit the file and replate all occurences of the username

sed -i -e 's/bhushan-kandalkar@test.com/bhushan-kandalkar/g' /tmp/notebook-authorization.json

5. Upload the file to hdfs

hdfs dfs -put -f /tmp/notebook-authorization.json /user/zeppelin/conf/

6. Restart zeppelin server using ambari

Let me know if that works for you.

HTH

*** If you found this answer addressed your question, please take a moment to login and click the "accept" link on the answer.

View solution in original post

4,518 Views
0 Kudos
7 REPLIES 7

avatar
author-rank falbani author-rank
Guru

Created ‎07-31-2018 03:04 PM

@Bhushan Kandalkar

To recover and and change notebook permissions manually you should do the following:

1. Login to zeppelin server host and switch to zeppelin user. If kerberized, kinit as zeppelin principal using zeppelin keytab

2. Make a backup of the following hdfs file

hdfs dfs -cp /user/zeppelin/conf/notebook-authorization.json /user/zeppelin/conf/notebook-authorization.json.orig

3. Get the file from hdfs to local file system

hdfs dfs -get /user/zeppelin/conf/notebook-authorization.json /tmp/notebook-authorization.json

4. Edit the file and replate all occurences of the username

sed -i -e 's/bhushan-kandalkar@test.com/bhushan-kandalkar/g' /tmp/notebook-authorization.json

5. Upload the file to hdfs

hdfs dfs -put -f /tmp/notebook-authorization.json /user/zeppelin/conf/

6. Restart zeppelin server using ambari

Let me know if that works for you.

HTH

*** If you found this answer addressed your question, please take a moment to login and click the "accept" link on the answer.

4,519 Views
0 Kudos

avatar
author-rank bkandalkar
Contributor

Created ‎07-31-2018 05:15 PM

Thanks @Felix Albani

I already did that. But note permission for every notebook is still showing 'bhushan-kandalkar@test.com' as owner, reader and writer.

Also, when I tried to change owner name to 'bhushan-kandalkar' its giving permission denied error.

Please suggest.

4,518 Views
0 Kudos

avatar
author-rank falbani author-rank
Guru

Created ‎07-31-2018 07:00 PM

@Bhushan Kandalkar

Could you be more precise as to what step of the ones I provided above is giving you the permission denied error?

Thanks!

4,518 Views
0 Kudos

avatar
author-rank bkandalkar
Contributor

Created ‎08-01-2018 12:49 PM

@Felix Albani @Vipin Rathor

I performed all these steps. I can see that user 'bhushan-kandalkar' is able to view notebooks created by 'bhushan-kandalkar@test.com' user. That's good news.

But in Zeppelin Notebook UI, I am still getting 'bhushan-kandalkar@test.com' user. Attached screenshot notebook-permission.png. I am not getting ''bhushan-kandalkar' user.

Also, when I share notebook to other user, that notebook is removed from the user who has shared that notebook. That should not happen.

Please suggest.

4,518 Views
0 Kudos

avatar
author-rank VR46 author-rank
Guru

Created ‎08-01-2018 08:41 PM

@Bhushan Kandalkar,

Can you login to Zeppelin as 'bhushan-kandalkar' instead of 'bhushan-kandalkar@test.com'? You may need to set "activeDirectoryRealm.principalSuffix = @test.com" if you are using "org.apache.zeppelin.realm.ActiveDirectoryGroupRealm".

With this set, you should be able to login as 'bhushan-kandalkar' and same would appear in notebook permission.

Hope this helps.

4,518 Views
0 Kudos

avatar
author-rank VR46 author-rank
Guru

Created ‎07-31-2018 08:25 PM

@Bhushan Kandalkar,

Please let us know the value of "zeppelin.notebook.storage" property in Zeppelin. If you can attach your zeppelin-site.xml from Zeppelin node ("after scrubbing your env. specific details"), that will be even better.

What Felix is suggesting here, may actually work if done correctly.

4,518 Views
0 Kudos

avatar
author-rank bkandalkar
Contributor

Created ‎08-02-2018 07:09 AM

@Vipin Rathor

I am logging in using bhushan-kandalkar user but in Zeppelin Notebook UI, I am still getting 'bhushan-kandalkar@test.com' user for every notebook permission.

4,518 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements