Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Ranger not Enable from HIVE

avatar
author-rank sujonict07
Explorer

Created on ‎05-04-2020 08:38 AM - last edited on ‎05-04-2020 12:58 PM by Community Manager Community Manager

When I enable the Ranger Service from HIVE in Cloudera Manager, it's getting an error like:

"Hive Impersonation is enabled for Hive Server2 role 'HiveServer2 (node1)'. Hive Impersonation should be disabled to enable Hive authorization using Ranger"

I want to access control from Ranger, But I cant 
Anybody, please help me.

1,283 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank ajinkyapatil author-rank
Contributor

Created ‎06-25-2020 05:14 PM

@sujonict07 

 

Can you try to disable the Hive impersonation?  If impersonation is enabled then all your hive queries will run as hive user and hive is super user for hive service which wouldn't be a good setup as you may want to restrict access to some users.

 

When you disable the hive impersonation then all queries will be submitted by the actual user and ranger will be able to provide the authorisation.

 

If it is enabled it doesn't make sense to use ranger.

 

Are you using CDP?

 

 

View solution in original post

1,238 Views
0 Kudos
1 REPLY 1

avatar
author-rank ajinkyapatil author-rank
Contributor

Created ‎06-25-2020 05:14 PM

@sujonict07 

 

Can you try to disable the Hive impersonation?  If impersonation is enabled then all your hive queries will run as hive user and hive is super user for hive service which wouldn't be a good setup as you may want to restrict access to some users.

 

When you disable the hive impersonation then all queries will be submitted by the actual user and ranger will be able to provide the authorisation.

 

If it is enabled it doesn't make sense to use ranger.

 

Are you using CDP?

 

 

1,239 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements