Support Questions
Find answers, ask questions, and share your expertise

LDAP User does not get full admin priviledges in Ranger


I'm using setup as follows:

1. My Ranger is authenticated using knox via LDAP

2. Ranger is synced with LDAP - I can see users and groups in Ranger

3. Additionally I added a group (even tried with user) from LDAP and mapped with each permission in Ranger Permissions screen (by first disabling knox authentication, using admin user to login to Ranger GUI and then again enabling it).

However when I log in using an LDAP user who is mapped with all Ranger permissions; ranger still does not allow full rights to user (e.g. + icon for creating a repository is missing). Also this user does not see policies created by ranger user 'admin'

Since the access to ranger user named 'admin' is not available when I configure Ranger to do sso authentication with knox; I have no way to do administrative tasks in ranger, since none of the LDAP users (authenticated to ranger admin via knox-ldap) will have permission equivalant to ranger's internal user named 'admin'.

How can I configure Ranger to allow one group/user from LDAP to act as Ranger Admin's admin?


Expert Contributor
@Prashant Chaudhari

Can you look at this JIRA Which version of Range are you using?


@spolavarapu Thanks for your response.

I tried this in Ranger version 0.7.1 (Apache) as well as in HDP2.6.1. I will try it on HDP2.6.3 (having Ranger 0.8 I think).

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.