I am using CDH 5.14.2 and the cluster is kerberized(integrated with LDAP). After enabling sentry I am unable to create roles using beeline or hue web UI.
For hadoop groups "shell based group mapping is used". I am getting below error in Sentry server:
Please ensure that the hue, hive, impala, hue, solr, kakfa, and hbase group have not been removed from sentry.service.admin.group, and that the hue, hive, impala, hue, hdfs, solr, kakfa, and hbase users have not been removed in sentry.service.allow.connect. This is often the cause of the "Connection to sentry service denied due to lack of client credentials" exception. Please see the following documentation:
Robert Justice, Technical Resolution Manager