Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How to view the AD user groups that are available on the cluster with 3 master and 4 datanodes

How to view the AD user groups that are available on the cluster with 3 master and 4 datanodes

Explorer

we are on CDH 5.7.1, kerberos configured, users able to pull kerberos tickets and perform hdfs functions. but there are some issues, not yet enabled sentry security user role based authentication. there are some gaps.

 

Is there a rule to have specific set of Ad groups created on hadoop cluster ldap config?

 

I login to cluster as sudo user, need to know what are the steps to view what Ad groups are configured on the box.

 

Thanks a lot for the helpful info.

 

 

1 REPLY 1
Highlighted

Re: How to view the AD user groups that are available on the cluster with 3 master and 4 datanodes

Champion
As for a rule for AD groups. If you set up LDAP for Hadoop this you should have set a base DN and user and group filters. This determines what is available from AD for Hadoop.

The 'hdfs groups' command. It will return the groups identified for the current users. You can specify the username at the end to check a specific user.

Warning: I and Cloudera do not recommend using Hadoop LDAP. It is better to integrate LDAP at the OS level using sssd, VAS/QAS, Centrify, etc.