Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Unable to login in Ranger UI with Active Directory user

avatar
Rising Star

Hi, I am trying to login into Ranger UI with active directory users but I am not able to. However, I am able to login with default username:password - admin:admin. The error that I get when I try to login with an AD user is : "The username or password you entered is incorrect".

Also, I am able to successfully sync AD users in Ranger, i.e, I am able to see AD users in Users/Groups tab. That means, I am guessing whatever configurations I have done are correct. I think I am missing some configuration for UI login.

I am using Ambari version 2.2.2.0 and HDP version 2.4.3

Please suggest some solution.

Thanks.

1 ACCEPTED SOLUTION

avatar
Master Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
6 REPLIES 6

avatar
Master Mentor

@Pooja Kamle

Then I think you missed to toggle the Ranger Authentication to AD as shown in the attached screenshot

Ambari UI--->Ranger--->Configs--->Advanced--->AD

Revert

ad-ranger2.png

avatar
Rising Star

Hi @Geoffrey Shelton Okot

I have the proper settings. The authentication method is toggled to AD only.

Actually, I am getting following error when I try to login with an AD user.

error: "The username or password you entered is incorrect"

avatar
Master Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar
Rising Star

Hi @Geoffrey Shelton Okot

I set my UsearSearchFilter as sAMAccountName={0}. With this I am able to login with AD user. But, I can't see anything in the UI other than Access Manager tab. I am not sure how these permissions are set. Can you please provide some more information on this?

avatar
Master Mentor

@Pooja Kamle

That's is the desired presentation for a normal user. Unless you want your AD user(s) to have admin rights which will imply that your AD user can basically do anything in Ranger, delete,update etc which I don't think is your target.

You can you log out from your AD account and log on using admin/admin then under

Ranger_UI -->Settings---User under User List search for your AD user and change the role to Admin

Logout of admin account and log in using your AD user you will see that you have access to all the tabs.

Hope that answers you.

avatar
Rising Star

@Geoffrey Shelton Okot, Yes, that answers my doubt. Thank you so much for your response.