Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

How to setup Ranger NiFi policy auth based on LDAP group ?

Labels:
avatar
author-rank geko
Guru

Created ‎10-19-2017 08:35 AM

Hi,

I setup HDF (in particular NiFi & Ranger) to fetch users&groups from AD and do auth against AD.

Defining policies in Ranger for NiFi, based on AD users, is working as expected after logging in to NiFi with AD credentials.

The only thing that is not working are the policies which grants access based on AD groups.

There is this article from almost a year ago. Does it still apply @Bryan Bende? Means, NiFi policies based on AD group membership is not working ?

Thanks in advance....

2,473 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎10-19-2017 12:20 PM

@Gerd Koenig

HDF 3.0 does not have support of Ranger groups or LDAP groups. This should be a new feature in the HDF release coming out early next year.

Thanks,

Matt

View solution in original post

2,209 Views
0
4 REPLIES 4

avatar
author-rank bkosaraju
Super Collaborator

Created ‎10-19-2017 11:42 AM

@Gerd Koenig,

Apperently Yes, Still this is the case with HDF 3.0, we have tried this a month back and eventually gave up after figuring out that this is not supported at this moment.

2,209 Views

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎10-19-2017 12:20 PM

@Gerd Koenig

HDF 3.0 does not have support of Ranger groups or LDAP groups. This should be a new feature in the HDF release coming out early next year.

Thanks,

Matt

2,210 Views
0

avatar
author-rank geko
Guru

Created ‎10-20-2017 06:33 AM

Hi @Matt Clarke , thanks for your reply. Will dive back into this with the release you mentioned.

You're saying "no support of Ranger or LDAP Groups", but support of Ranger is already there, although limited to user-based policies. Or did I misunderstand something here ?!?!

2,209 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎10-20-2017 12:10 PM

@Gerd Koenig

I edited my response to be more clear. While Ranger is supported, the use of Ranger Groups is not.

Thanks,

Matt

2,209 Views
0 Kudos
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements