Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger 1.2 Usersync Bad Credentials

Ranger 1.2 Usersync Bad Credentials

New Contributor

Ranger 1.2 on HDP 3.1

The usersync process is able to connect to LDAP, pull down expected users. When the usersync attempts to connect to Ranger to add/update those new LDAP users, throws error.


usersync.log shows:

ERROR LdapUserGroupBuilder [UnixUserSyncThread] - sink.addOrUpdateUser failed with exception null, for user: hdfs, groups: [hdfs,hadoop] (and all users for that matter)

WARN PolicyMgrUserGroupBuilder [UnixUserSyncThread] Credentials response from ranger is 401


The xa_portal.log from Ranger Admin shows:

[http-bio-6080-exec-4] INFO org.apache.ranger.security.handler.RangerAuthenticationProvider (RangerAuthenticationProvider.java:148) - Authentication with SHA-256 failed. Now trying with MD5.

[http-bio-6080-exec-4] INFO org.apache.ranger.security.listener.SpringEventListener (SpringEventListener.java:86) - Login Unsuccessful:rangerusersync | Ip Address x.x.x.x | Bad Credentials

When I login to the Ranger UI with user "rangerusersync" with the known password, I can log in without issue.

Where is it getting (or rather not getting) the credentials for "rangerusersync" after getting the LDAP users successfully when trying to load to Ranger?

Don't have an account?
Coming from Hortonworks? Activate your account here