Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Who agreed with this topic

Ranger 1.2 Usersync Bad Credentials

Labels:
avatar
author-rank ryanth9893
New Contributor

Created ‎07-26-2019 12:53 PM

Ranger 1.2 on HDP 3.1

The usersync process is able to connect to LDAP, pull down expected users. When the usersync attempts to connect to Ranger to add/update those new LDAP users, throws error.


usersync.log shows:

ERROR LdapUserGroupBuilder [UnixUserSyncThread] - sink.addOrUpdateUser failed with exception null, for user: hdfs, groups: [hdfs,hadoop] (and all users for that matter)

WARN PolicyMgrUserGroupBuilder [UnixUserSyncThread] Credentials response from ranger is 401


The xa_portal.log from Ranger Admin shows:

[http-bio-6080-exec-4] INFO org.apache.ranger.security.handler.RangerAuthenticationProvider (RangerAuthenticationProvider.java:148) - Authentication with SHA-256 failed. Now trying with MD5.

[http-bio-6080-exec-4] INFO org.apache.ranger.security.listener.SpringEventListener (SpringEventListener.java:86) - Login Unsuccessful:rangerusersync | Ip Address x.x.x.x | Bad Credentials

When I login to the Ranger UI with user "rangerusersync" with the known password, I can log in without issue.

Where is it getting (or rather not getting) the credentials for "rangerusersync" after getting the LDAP users successfully when trying to load to Ranger?

2,057
0 Kudos
2
Who agreed with this topic