Support Questions
Find answers, ask questions, and share your expertise
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How to stop Ranger from creating users

How to stop Ranger from creating users


In a kerberozed cluster. How to block local user authentication for Ranger and only Accept Active Directory users. Can Ranger locally create users as well?


Re: How to stop Ranger from creating users


Hi @Vishal Gupta,

To disable local user authentication in Ranger, you'll need to change authentication method under 'Ranger Settings' section from 'UNIX' to 'Active Directory'. You'll also need to provide other AD parameters. Please check this documentation link for complete configuration.

By default, Ranger Usersync will sync local users into Ranger database. You can change this behavior by changing 'Sync Source' under 'Ranger User Info' from 'UNIX' to 'LDAP/AD'. Please check this link for complete steps. Once Usersync is configured with AD, it will not sync & create local Unix users in Ranger database. Mind you that some local users are required for default Ranger policies to work properly.

Hope this helps !

Don't have an account?
Coming from Hortonworks? Activate your account here