Support Questions
Find answers, ask questions, and share your expertise

Kerberos principal is not mapping with local user.

Kerberos principal is not mapping with local user.


When I started the ranger user sync plugin, I noticed that Kerberos principal didn't map as configured in I have created the ranger user sync Keytab as below.


1) Created a user in the active directory. Let's say this user is Ranger123

2) Created a keytab using principal as "rangerusersync/<hostname>@EXAMPLE.COM. While creating this keytab, I mapped the user (created in step 1) as well.


3) In core-site.xml, I configured "" property as below.


Once the above steps are done, per my understanding, Ranger123 will be mapped to rangerusersync. I am saying this because of the rule we set up for rangerusersync in core-site.xml (step 3).

But, when I logged into policy manager, I am seeing the Ranger123 user is created which does not look correct to me.

Can you please help me, if I have done anything wrong or I missed any step?


Note: These steps are manual and didn't use Ambari.