Cloudera Community
tarekabouzeid91
user rank
Expert Contributor

Re: Issue with queues in HDP 3.1.4

by Contributor in Support Questions
‎07-12-2021 01:59 AM
‎07-12-2021 01:59 AM
@tarekabouzeid91 wrote: I assume you are using Capacity scheduler not fair scheduler. that's why queues wont take available resources from other queues, you can read more regarding that here Comparison of Fair Scheduler with Capacity Scheduler | CDP Public Cloud (cloudera.com) .  Yes I am using Capacity scheduler. yarn.resourcemanager.scheduler.class = org.apache.hadoop.yarn.server.resourcemanager.scheduler.capacity.CapacityScheduler ... View more

Re: CDP Ranger permissions creation script

by Expert Contributor in Support Questions
‎06-30-2021 11:43 PM
‎06-30-2021 11:43 PM
You can replace the sentry part of your script with Apache ranger API to create/update/delete ranger policies, example here Ranger RestAPIs for Creating, Updating, Deleting, and Searching Policies in Big SQL - Hadoop Dev (ibm.com) ... View more

Re: sqoop jdbc error sandbox hortonwork

by Expert Contributor in Support Questions
‎06-30-2021 07:34 AM
‎06-30-2021 07:34 AM
Make sure that you are using the oracle jdbc driver version which is compatible with the oracle db version you are connecting to  ... View more

Apache Ranger LDAP / LDAPS configuration

by Expert Contributor in Community Articles
‎06-07-2021 11:09 PM
‎06-07-2021 11:09 PM
Following are the configurations for connecting Apache Ranger with LDAP/LDAPS. There's an important tool that will help identify some settings in your AD AD Explorer - Windows Sysinternals | Microsoft Docs. This configuration will sync LDAP users and link them with their LDAP groups every 12 hours, so later from Apache Ranger, you can give permission based on LDAP groups as well. For connecting using LDAPS, ensure you have the proper certificates added in the same server that contains the Ranger's UserSync service. Configuration Name Configuration Value Comment ranger.usersync.source.impl.class org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder   ranger.usersync.sleeptimeinmillisbetweensynccycle 12 hour   ranger.usersync.ldap.url ldaps://myldapserver.example.com ldaps or ldap based on your LDAP security ranger.usersync.ldap.binddn myuser@example.com   ranger.usersync.ldap.ldapbindpassword mypassword   ranger.usersync.ldap.searchBase OU=hadoop,DC=example,DC=com You can browse your AD and check which OU you want to make Ranger sync ranger.usersync.ldap.user.searchbase OU=hadoop2,DC=example,DC=com;OU=hadoop,DC=example,DC=com You can browse your AD and check which OU you want to make Ranger sync, you can also add 2 OU and separate them with ; ranger.usersync.ldap.user.objectclass user double-check the same  ranger.usersync.ldap.user.searchfilter (memberOf=CN=HADOOP_ACCESS,DC=example,DC=com) if you want to filter specific users to be synced in Ranger and not your entire AD ranger.usersync.ldap.user.nameattribute sAMAccountName double-check the same ranger.usersync.ldap.user.groupnameattribute memberOf double check the same ranger.usersync.user.searchenabled true   ranger.usersync.group.searchbase OU=hadoop,DC=example,DC=com You can browse your AD and check which OU you want to make Ranger sync ranger.usersync.group.objectclass group double-check the same ranger.usersync.group.searchfilter (cn=hadoop_*) if you want to sync specific groups not all AD groups ranger.usersync.group.nameattribute cn double-check the same ranger.usersync.group.memberattributename member double-check the same ranger.usersync.group.search.first.enabled true   ranger.usersync.truststore.file /path/to/truststore-file   ranger.usersync.truststore.password TRUST_STORE_PASSWORD     Here is a helpful link on how to construct complex LDAP search queries. Search Filter Syntax - Win32 apps | Microsoft Docs   Disclaimer from Cloudera: This article is contributed by an external user. Steps/ Content may not be technically verified by Cloudera and may not be applicable for all use cases and specifically to a particular distribution. Follow with caution and own risk. If needed, raise a support case to get the confirmation. ... View more

Re: Ranger User sync not able to sync users while ...

by Expert Contributor in Support Questions
‎05-26-2021 04:57 AM
‎05-26-2021 04:57 AM
Hi,   Below are configuration for connecting Apache Ranger with LDAP/LDAPS. There's an important tool that will help to identify some settings in your AD AD Explorer - Windows Sysinternals | Microsoft Docs  This configuration will sync LDAP users and link them with their LDAP groups every 12 hour, so you later from Apache Ranger you can give permission based on LDAP groups as well.   For connecting using LDAPS, make sure you have the proper certificates added in the same server that contains the Ranger's UserSync service.   Configuration Name Configuration Value Comment ranger.usersync.source.impl.class org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder   ranger.usersync.sleeptimeinmillisbetweensynccycle 12 hour   ranger.usersync.ldap.url ldaps://myldapserver.example.com ldaps or ldap based on your LDAP security ranger.usersync.ldap.binddn myuser@example.com   ranger.usersync.ldap.ldapbindpassword mypassword   ranger.usersync.ldap.searchBase OU=hadoop,DC=example,DC=com you can browse your AD and check which OU you want to make Ranger sync ranger.usersync.ldap.user.searchbase OU=hadoop2,DC=example,DC=com;OU=hadoop,DC=example,DC=com you can browse your AD and check which OU you want to make Ranger sync, you can also add 2 OU and separate them with ; ranger.usersync.ldap.user.objectclass user double check the same  ranger.usersync.ldap.user.searchfilter (memberOf=CN=HADOOP_ACCESS,DC=example,DC=com) if you want to filter specific users to be synced in ranger and not your entire AD ranger.usersync.ldap.user.nameattribute sAMAccountName double check the same ranger.usersync.ldap.user.groupnameattribute memberOf double check the same ranger.usersync.user.searchenabled true   ranger.usersync.group.searchbase OU=hadoop,DC=example,DC=com you can browse your AD and check which OU you want to make Ranger sync ranger.usersync.group.objectclass group double check the same ranger.usersync.group.searchfilter (cn=hadoop_*) if you want to sync specific groups not all AD groups ranger.usersync.group.nameattribute cn double check the same ranger.usersync.group.memberattributename member double check the same ranger.usersync.group.search.first.enabled true   ranger.usersync.truststore.file /path/to/truststore-file   ranger.usersync.truststore.password TRUST_STORE_PASSWORD       There's some helpful links about how to construct complex LDAP search queries Search Filter Syntax - Win32 apps | Microsoft Docs   Best Regards,  ... View more

Re: Error Connecting Sqoop to MySQL

by Expert Contributor in Support Questions
‎02-26-2021 07:31 AM
‎02-26-2021 07:31 AM
Hi,   can you check the mysql driver version compatibility with your mysql server version ? MySQL :: MySQL Connector/J 8.0 Developer Guide :: 2 Connector/J Versions, and the MySQL and Java Versions They Require , That particular error from your logs : com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Could not create connection to database server. java.lang.RuntimeException: com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Could not create connection to database server. Then you might need to use different version of mysql driver thats compatible with your mysql server.   Best Regards,  ... View more

Re: Trouble installing Ranger

by Expert Contributor in Support Questions
‎02-26-2021 07:13 AM
‎02-26-2021 07:13 AM
Hi,   can you share the Ranger logs? they should contain the exact error messages .   Best Regards,  ... View more

Re: Nifi processors freeze

by Expert Contributor in Support Questions
‎02-26-2021 07:08 AM
2 Kudos
‎02-26-2021 07:08 AM
2 Kudos
Hi,   you can check your Nifi resources, specifically the Java Heap size found in "bootstrap.conf" file and increase that, please check this for Nifi performance best practices HDF/CFM NIFI Best practices for setting up a high ... - Cloudera Community .    Best Regards, ... View more

Re: Running into errors accessing hive

by Expert Contributor in Support Questions
‎02-26-2021 07:02 AM
1 Kudo
‎02-26-2021 07:02 AM
1 Kudo
Hi,   As you previously had a version of hive in same machine and the error here is referring to hive metastore then its probably due to old config from the old hive installation "/etc/hive/conf".    Best Regards,  ... View more

Re: Spark Streaming save output to mysql DB

by New Contributor in Support Questions
‎02-09-2021 11:19 PM
‎02-09-2021 11:19 PM
same query how to use writestream.jdbc in pyspark? ... View more
Contact Me
Online
Offline
Last Visited
‎10-12-2021 03:27 AM
Community Statistics
Member Since ‎02-09-2015 12:35 AM
Last Visited ‎10-12-2021 03:27 AM
Posts 95
Kudos received 8