@Nilesh This document will walk you through, you should be able to access Nifi using yoour AD account ... View more

@Chaitanya D HDP 2.6.x I just tried out the same command on my kerberized cluster it was successful see attached sqoop.jpg. $ sqoop import --connect jdbc:mysql://localhost/oozie --username oozie --password oozie --table BUNDLE_ACTIONS -m 1 --target-dir /user/oozie/sqoop_import/BUNDLE_ACTIONS/ Has the user root got a home directory in hdfs ? check using the below $ hdfs dfs -ls /user Otherwise, create one dummy directory or change the permsiions on the existing $ hdfs dfs -chmod 777 /user/hduser Then run your sqoop I added --class-name [force creating the customer_part] and customers3 to create a new file as you'd already created cusomer2 sqoop import--connect jdbc:mysql://localhost/localdb --username root --password mnbv@1234 --table customers -m 1 --class-name customers_part --target-dir /user/hduser/sqoop_import/customers3/ Please let me know ... View more

@Florin Miron This error might arise if you do not start namenode as hdfs user. Actually, you are trying to run it as root user but the file /hadoop/hdfs/namenode/in_use.lock is owned by hdfs user. Do not use sudo to start hadoop processess. Try to start it without sudo. Try this: su -l hdfs -c "/usr/hdp/current/hadoop-hdfs-namenode/../hadoop/sbin/hadoop-daemon.sh start namenode" Can you try that and revert ... View more

@suraj l Can you upload this log /data/log/nifi/nifi-user.log, meanwhile let me spin up a single node Nifi cluster and to try to reproduce your settings. Do you have some specific document or steps you followed? Please revert ... View more

@suraj l I see the below error in the logs INFO [NiFi Web Server-22] o.a.n.w.a.c.IllegalStateExceptionMapper java.lang.IllegalStateException: Kerberos ticket login not supported by this NiFi.. Returning Conflict response. Your setup looks kerberized did you configuring a Login Identity Provider that integrates with a Kerberos Key? <provider> <identifier>kerberos-provider</identifier> <class>org.apache.nifi.kerberos.KerberosProvider</class> <property name="Default Realm">NIFI.APACHE.ORG</property> <property name="Kerberos Config File">/etc/krb5.conf</property> <property name="Authentication Expiration">12 hours</property> </provider> With the above configuration, username/password authentication can be enabled by referencing this provider in nifi.properties. nifi.security.user.login.identity.provider=kerberos-provider In the Ranger UI your parameter Nifi Resource Identifier, I see you have put * which is open permissions the controlled valid options are /flow -----Allows users to view the user interface /controller /tenants /site-to-site /system /proxy /counters The guide linked correctly states that your NiFi must be configured to run securely (HTTPS) and have an authentication mechanism (user certificates. ldap, or kerberos) in place. Without a secure setup, all users who access the NiFi UI get in with anonymous access which gives all of them full access so all aspects of the NiFi UI. Remove the http configuration to prevent uncontrolled anonymous access in nifi.properties ... View more

@suraj l have you succeeded in giving your Nifi users UI access through ranger? If so well and good , I don't quite understand the next part of your question. "How to remove the anonymous user by getting default login. I have not given anonymous user in ranger policy." Can you elaborate ... View more

@Florin Miron Yeah that's quite disappointing the files you have attached are not exhaustive, can you upload the below files. /var/log/hadoop/hdfs/hadoop-hdfs-datanode-node.bigdata.com.log /var/log/ambari-server/ambari-server.log This could help in the diagnostics ... View more

@Fawze AbuJaber Don't give up as yet, just imagine it was a production cluster 🙂 Do you have a documentation you followed, I could compare it to my MIT kerberos HDP / AD integration setups and maybe find the discrepancy. Please revert. ... View more