Yep. I had to setup SSSD on the machines running Ranger & hiveserver2 (used the following articles for help)
Also you need to make sure that all your group configs in Ranger are 100% accurate and correlate with your AD.
In Ranger don't forget to switch on "Enable Group Sync".
Hi @Adi Jabkowsky , I am also facing the issue related to the policy on group. I have sync the users/groups from LDAP server. The ranger policy is working correct with users, but not with groups.
Hi @Anjali Shevadkar
Please make sure
1. SSSD is configured and running.
2. The user for which group is not working DOES NOT exist in the server as a local user (check /etc/passwd)
In order to check if sssd is running run "id <username>" on the machine in which hiverserver2 is running.
You should see all of the AD groups that belong to that user, if not - then sssd is not configured correctly.
Good luck !
And what to do, if not? I tried to check lowercase option in Ranger, but no lock. Btw, my usr exists on server. Why is this a problem? Could @DOMAIN be the problem after the groups using th id command? Or it doesn't matter.