@apmmahesh  I see one issue with your shared authorizers.xml configuration. The file loads the various providers from the top down, so it is VERY important that if a provider has a dependency on another provider that the provider it is dependent on is loaded first. So in your authorizers.xml has the following loading order: file-access-policy-provider --> file-user-grouo-provider --> managed-authorizer The problem here is that the file-access-policy provider is dependent on the file-user-group-provider which has not been loaded yet. so it will not set default policies correctly when generating the authorizations.xml file. Move the file-access-policy-provider between fie-user-group-provider (top of authorizers.xml) and managed-authorizer (bottom of authorizers.xml).   Second issue is that you have properties "Initial Admin Identity 1" and "Initial Admin Identity 2"  properties in your file-access-policy-provider.  These are not real properties. You can only specify one "Initial Admin Identity" in the file-access-policy-provider.  These unexpected property names would just be ignored. Third issue is that you need to not only specify your "Initial Admin Identity" in the file-access-policy-provider, but also need to make sure that the same user identity string is being defined in the "file-user-group-provider as another "initial User Identity <num>".  NiFi can't seed policies for a user Identity it does know about. Also keep in mind that changes to authorizers.xml file-access-policy-provider and file-access-policy-provider configuration will not result in modification of existing users.xml and authorizations.xml files.  You'll need to remove these so that new are created on startup of NiFi.   Now if you can already login with your "CN=Admin, OU=NiFi" certificate and at time of that setup the users.xml and authorizations.xml was created correctly, you can use this admin user to access "users" from global menu in NiFi and add your additional user "xyz123" and then set policies you want user xyz123 to have.   If you found that the provided solution(s) assisted you with your query, please take a moment to login and click Accept as Solution below each response that helped. Thank you, Matt ... View more

@apmmahesh  Make sure that the nifi.properties file on all nodes is configured the same. Make sure that the "nifi.cluster.protocol.is.secure" property is set to true on all the nodes. Matt ... View more