Cloudera Community
dsharma
user rank
user rank
Guru

Re: Hive UDFs restrictions in Ranger

by Guru Guru in Support Questions
‎08-28-2017 07:01 AM
3 Kudos
‎08-28-2017 07:01 AM
3 Kudos
Jiri Novak which release is this ? can you please check if you are hiting this issue RANGER-1631 ... View more

Re: Ranger: Access denied for user 'rangeradmin'@'...

by Guru Guru in Support Questions
‎07-27-2017 11:43 AM
1 Kudo
‎07-27-2017 11:43 AM
1 Kudo
did you replace the correct password and host in the command? ... View more

Re: Ranger: Access denied for user 'rangeradmin'@'...

by Guru Guru in Support Questions
‎07-27-2017 06:26 AM
1 Kudo
‎07-27-2017 06:26 AM
1 Kudo
can you please try following command on your database: GRANT ALL ON *.* TO 'rangeradmin'@'localhost' identified by "<rangeradmin_password>" WITH GRANT OPTION; flush privileges; and then restart the ranger Note: another thing it is better to provide root credentials , then at the time of installation it will connect through root and will take care of doing creation of rangeradmin database and configuring it ... View more

Re: Ranger AD usersync : ERROR UserGroupSync [Unix...

by Guru Guru in Support Questions
‎07-14-2017 06:34 AM
1 Kudo
‎07-14-2017 06:34 AM
1 Kudo
can you please post the configuration that you gave in ranger usersync config ? did you specify ldap/ldaps protocol and correct port while configuring usersync ... View more

Ranger : one policy for all common resources

by Guru Guru in Community Articles
‎06-27-2017 10:11 AM
2 Kudos
‎06-27-2017 10:11 AM
2 Kudos
Background: when it comes to rely completely on ranger, and if you are specific about configuring authorization for a resource to an end user then you have to create one policy for each resource. There should be a way to configure a policy that provide access to specific resources based on the User who is making call. Soultion: {USER} Support: {USER} support solves this problem , It allows us to create a policy where we can configure resource as {USER} Eg. /user/{USER} and select user also as {USER}. that means all users will get access of their corresponding home directory. Eg. Hdfs: resource: /user/{USER} user1 will have access to /user/user1 user2 will have access to /user/user2 Hive: resource: database:database_{USER} user1 will have access to database database_user1 user2 will have access to database database_user2 resource may contrain {USER} partially or fully. delimiter can be customised also , Steps to configure {USER}: 1) go to ranger admin, and create policy page, there on resource give {USER} as input. 2) in user type {USER} and {USER} will populate , just select it and add the policy more details can be found at https://cwiki.apache.org/confluence/display/RANGER/Support+for+%24username+variable. ... View more
Labels:

Re: Set {USER} user in Ranger policy?

by Guru Guru in Support Questions
‎05-12-2017 10:12 AM
2 Kudos
‎05-12-2017 10:12 AM
2 Kudos
which HDP version are you using because this feature is being supported in latest release only and we can add it something like this in screenshot ... View more

Re: Ambari REST API list components with Stale con...

by Guru Guru in Support Questions
‎05-09-2017 04:32 AM
1 Kudo
‎05-09-2017 04:32 AM
1 Kudo
can you try this: http://host_name:8080/api/v1/clusters/test_cluster/host_components?HostRoles/stale_configs=true&fields=HostRoles/service_name,HostRoles/state,HostRoles/host_name,HostRoles/stale_configs,&minimal_response=true ... View more

Re: Authentication Issue in Apache Knox ldap

by Guru Guru in Support Questions
‎04-03-2017 11:53 AM
1 Kudo
‎04-03-2017 11:53 AM
1 Kudo
@rahul gulati this is how I connect to hive via knox through beeline: beeline --silent=true -u "jdbc:hive2://<knox_host>:8443/;ssl=true;sslTrustStore=/usr/hdp/current/knox-server/data/security/keystores/gateway.jks;trustStorePassword=knoxsecret;transportMode=http;httpPath=gateway/default/hive;hive.server2.use.SSL=true" -d org.apache.hive.jdbc.HiveDriver -n sam -p sam-password and there are few references too: https://cwiki.apache.org/confluence/display/KNOX/Examples+Hive https://community.hortonworks.com/questions/16887/beeline-connect-via-knox-ssl-issue.html ... View more

Re: Authentication Issue in Apache Knox ldap

by Guru Guru in Support Questions
‎04-03-2017 11:13 AM
1 Kudo
‎04-03-2017 11:13 AM
1 Kudo
one more thing did you restart the ldap after adding the user ? , because i am able to use the user the way you added it , just make sure you restart the ldap server after adding new user in user.ldif ... View more

Re: Authentication Issue in Apache Knox ldap

by Guru Guru in Support Questions
‎04-03-2017 10:52 AM
1 Kudo
‎04-03-2017 10:52 AM
1 Kudo
rahul gulati , are you able to do ldap search for that user? , this is the issue with user addition , it seems user is not added to the ldap , just run ldap search for this user and confirm if it is added properly and what is the command you are running from knox ? , you need to provide username and password while running it from knox, curl -u steve:steve-password ... View more
Contact Me
Online
Offline
Last Visited
‎05-18-2021 01:54 PM
Community Statistics
Member Since ‎10-19-2015 10:55 AM
Last Visited ‎05-18-2021 01:54 PM
Posts 279
Kudos received 339