I asked around on the Ranger mailing list, but was unable to find a solution to my problem.
I’m currently running HDP-220.127.116.11 / Ranger – 0.6.0 and have
Ranger Usersync setup and running with Active Directory.
(I've been informed that usersync and Ranger-Admin are two different setups / connections to AD, so this isn't particularly helpful).
My problem is that AD users that come in from usersync are unable to login to the Ranger Admin UI.
I get “Wrong Password” messages in
the Ranger Audit > Login Sessions when I try to login with my Active
Directory account. (I modified my account to be an “Admin” Role following
the initial import from usersync)
So far I've been able to troubleshoot down to a possible issue with the Ranger-Admin keystore, so now I’m looking for the location for the correct keystore where I
would import my certificate from AD for Ranger-Admin.
Is this the correct location:
It seems like the jceks file associated with that,
rangeradmin.jceks, has a blank password. Do you know where I would
configure that password?
I've considered exporting the keys, configuring a new keystore with a password and re-importing, but my concern is: how would Ranger-Admin know the password?
Hopefully I've explained my problem coherently. Please let me know if anyone needs more clarification.