@Sunil Neurgaonkar There are Global access policies and Component level access policies. The component level access policies are set against components (processors, input ports, output ports, Remote Process groups, etc...). There are no access policies for the icons in the tool bar used to create dataflows. Component level access policies can be assigned to process groups and sub process groups, or they can be assigned to specific components (processors, labels, input ports, output ports, Remote Process groups, etc...) If I am understanding you correctly, you want to control which dataflow building tools specific users have access to. correct? If so, that level of control does not exist. The assumption is that the admin user assigns different users the ability to view/modify only those users assigned process groups. Once they have modify on a process group, they will be able to use all the icons in the dataflow building toll bar to construct their dataflow. The only acception to that are components marked as restricted (this includes some processors and controller services) which would require the user to have been granted the global access policy to "access restricted components". The implementation of such granular control would be challenging to implement without significant changes in NiFi. Take the following template example: - Templates can contain process groups, sub-process groups, and controller services. What would the expect behavior be if a user tried to instantiate such a template on to the canvas? Fail all together because it contains components user (TEST1) is not authorized to create? Once a dataflow is created you can set component level access policies very granularly against specific components rather then against the process group they reside in. While this granular access control would limit a user to being able to view/modify the specific component, the user would not be able to add new components to the process group. Thanks, Matt ... View more

What policies did you authorize the new user for? A user will not be able to load the canvas if they don't at least have the "view the user interface" global access policies assigned to them. Thanks, Matt ... View more

@Sunil Neurgaonkar You should avoid hand editing the users.xml file. Let NiFi do that for you to avoid typos. Can you share what that new error is you are seeing? Thanks, Matt ... View more

@Sertac Kaya Glad you were able to get the performance improvement you were looking for by allowing your NiFi instance access to additional system threads. If this answer helped you get to your solution, please mark it as accepted. Thank you, Matt ... View more

The "sleep" command is a linux command. The command simply runs and waits the configured amount of time before exiting. Typically this command in linux is found under /usr/bin/sleep. I noticed above is missing the leading "/" . But if it is still not found, try searching your linux for it. It is installed as part of the linux "coreutils" rpm. Matt ... View more

@Jatin Kheradiya You have configured the nifi.properties file for your NiFi to use "FQDN_1". What does FQDN_1 resolve to on your NiFi instance? (public a.b.c.d or internal ip a1.b1.c1.d1) What processor are you configuring and how have you configured it? Can you provide screenshot? Thanks, Matt ... View more

@Sunil Neurgaonkar As a side note: No need to configure any of the TLS properties in your login-identity-providers.xml file. Since your authentication strategy is set to "SIMPLE", those property are all ignored and only the Manger DN and password are being used to connect to your LDAP. ... View more