Support Questions

frank93 · ‎06-20-2017

Hi,

I have a strange problem. I have configured Ranger Usersync with AD and it works good. All groups, users and group membership are synced correctly. Problem scenario: user1 belongs to groups group1 and group2. When I create policy (no matter what kind of - hdfs, hive, hbase) for group1, user1 has access. But when I create policy for group2, user1 does not have access. Both groups are returned when I run "hdfs groups user1". In Ranger GUI user1 belongs to both groups. The cluster was Kerberized one week ago, and I do not remember if both groups were working before Kerberos. HDP2.5 and Ranger 0.6.0. This is not a sandbox cluster. There are no errors in ranger/usersync logs.

Do you have any ideas?

frank93 · ‎06-20-2017

The problem was with case conversion. I got firstly Upper case conversion for groups, then created some policies, then changed to none conversion, but in .json files were still appearing Upper case converted group names

View solution in original post

frank93 · ‎06-20-2017

The problem was with case conversion. I got firstly Upper case conversion for groups, then created some policies, then changed to none conversion, but in .json files were still appearing Upper case converted group names

bhanu_pamu · ‎05-28-2018

Can you specify the location of json files which needs to be checked.

Cloudera Community

Support Questions

Ranger policies not working for some groups