Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Ranger policies not working for some groups

Labels:
avatar
author-rank frank93
Super Collaborator

Created ‎06-20-2017 12:04 PM

Hi,

I have a strange problem. I have configured Ranger Usersync with AD and it works good. All groups, users and group membership are synced correctly. Problem scenario: user1 belongs to groups group1 and group2. When I create policy (no matter what kind of - hdfs, hive, hbase) for group1, user1 has access. But when I create policy for group2, user1 does not have access. Both groups are returned when I run "hdfs groups user1". In Ranger GUI user1 belongs to both groups. The cluster was Kerberized one week ago, and I do not remember if both groups were working before Kerberos. HDP2.5 and Ranger 0.6.0. This is not a sandbox cluster. There are no errors in ranger/usersync logs.

Do you have any ideas?

2,146 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank frank93
Super Collaborator

Created ‎06-20-2017 03:08 PM

The problem was with case conversion. I got firstly Upper case conversion for groups, then created some policies, then changed to none conversion, but in .json files were still appearing Upper case converted group names

View solution in original post

1,686 Views
2 REPLIES 2

avatar
author-rank frank93
Super Collaborator

Created ‎06-20-2017 03:08 PM

The problem was with case conversion. I got firstly Upper case conversion for groups, then created some policies, then changed to none conversion, but in .json files were still appearing Upper case converted group names

1,687 Views

avatar
author-rank bhanu_pamu
Contributor

Created ‎05-28-2018 01:56 PM

Can you specify the location of json files which needs to be checked.

1,686 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements