I'm using setup as follows:
1. My Ranger is authenticated using knox via LDAP
2. Ranger is synced with LDAP - I can see users and groups in Ranger
3. Additionally I added a group (even tried with user) from LDAP and mapped with each permission in Ranger Permissions screen (by first disabling knox authentication, using admin user to login to Ranger GUI and then again enabling it).
However when I log in using an LDAP user who is mapped with all Ranger permissions; ranger still does not allow full rights to user (e.g. + icon for creating a repository is missing). Also this user does not see policies created by ranger user 'admin'
Since the access to ranger user named 'admin' is not available when I configure Ranger to do sso authentication with knox; I have no way to do administrative tasks in ranger, since none of the LDAP users (authenticated to ranger admin via knox-ldap) will have permission equivalant to ranger's internal user named 'admin'.
How can I configure Ranger to allow one group/user from LDAP to act as Ranger Admin's admin?