While running Ranger dba_script.py - with DB Host value as database server name failing to connect. [root@prd002 ranger-admin]# export JAVA_HOME=/usr/java/default [root@prd002 ranger-admin]# export JRE_HOME=$JAVA_HOME/jre [root@prd002 ranger-admin]# export PATH=$JAVA_HOME/bin:$PATH [root@prd002 ranger-admin]# python dba_script.py -q -d RangerDBerr.sql 2015-11-18 16:50:13,595 [I] File RangerDBerr.sql is available. 2015-11-18 16:50:13,595 [I] Running DBA setup script. QuiteMode:True 2015-11-18 16:50:13,595 [I] Using Java:/usr/java/default/bin/java 2015-11-18 16:50:13,595 [I] DB FLAVOR:ORACLE 2015-11-18 16:50:13,595 [I] DB Host:dbserver.com 2015-11-18 16:50:13,596 [I] Dry run mode:True 2015-11-18 16:50:13,596 [I] Logging DBA Script in file:RangerDBerr.sql 2015-11-18 16:50:13,596 [I] Checking connection SQLException : SQL state: 08006 java.sql.SQLRecoverableException: IO Error: The Network Adapter could not establish the connection ErrorCode: 17002 2015-11-18 16:50:13,880 [E] Can't establish connection,Change configuration or Contact Administrator!! ... View more

As Hive user beeline unable to connect Hiveserver2, receiving ranger permissions error. Unable to disable Hive ranger plugin security to none. Ambari failing to save new status with following error: 16 Nov 2015 15:20:52,270 INFO [qtp-client-223] StackAdvisorRunner:71 - advisor script stderr: 16 Nov 2015 15:22:42,245 INFO [qtp-client-232] PersistKeyValueService:82 - Looking for keyName user-pref-admin-dashboard ... View more

Is Solr/Solr cloud is must to access Ranger audit access logs? Any referrence document to configure audit access logs from Oracle DB 12C backend. Environment with Ambari 2.1.2 and HDP-2.3.2.0-2950 ... View more

ENV: Ambari 2.1.2, Ranger:0.5.0.2.3 HDFS/HIVE plugin configured, tried Audit logs to HDFS and changed to DB(Oracle 12c) /var/log/ranger/admin/xa_portal.log reports following error. 2015-11-06 15:30:05,987 [http-bio-6080-exec-3] INFO org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:311) - Operation error. response=VXResponse={org.apache.ranger.view.VXResponse@2a7e763statusCode={1} msgDesc={Error running query} messageList={[VXMessage={org.apache.ranger.view.VXMessage@6d64c8e4name={ERROR_SYSTEM} rbKey={xa.error.system} message={System Error. Please try later.} objectId={null} fieldName={null} }]} } javax.ws.rs.WebApplicationException ... View more

Initial attempt to Add Ranger service to running HDP 2.3.2 cluster managed with Ambari 2.1.2 on Redhat 7.1, Oracle JDK 8 and Oracle 12C backend database for Ranger. ambari ranger DB test connection successful but failed to connect database @step 6 with following error. File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 291, in _call raise Fail(err_msg) resource_management.core.exceptions.Fail: Execution of 'python /usr/hdp/current/ranger-admin/dba_script.py -q' returned 1. 2015-11-04 11:46:19,927 [I] Running DBA setup script. QuiteMode:True 2015-11-04 11:46:19,927 [I] Using Java:/usr/java/default/bin/java 2015-11-04 11:46:19,927 [I] DB FLAVOR:ORACLE 2015-11-04 11:46:19,927 [I] DB Host:roadrunner.example.com 2015-11-04 11:46:19,927 [I] ---------- Creat ing Ranger Admin db user ---------- 2015-11-04 11:46:19,927 [I] Checking connection SQLException : SQL state: 08006 java.sql.SQLRecoverableException: IO Error: The Network Adapter could not establish the connection ErrorCode: 17002 2015-11-04 11:46:20,196 [E] Can't establish connection,Change configuration or Contact Administrator!!Following procedure and followed to re-add ranger service.1) curl -i -uadmin:admin -H "X-Requested-By: ambari" -d '{"HostRoles": { "state": "UNKNOWN"}}' -X DELETE "http://hdpqa001.example.com:8080/api/v1/clusters/hdpclu/services/RANGER"; HTTP/1.1 200 OK User: admin Set-Cookie: AMBARISESSIONID=1aul0secz52361k6uhu9akhjbd;Path=/;HttpOnly Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/plain Content-Length: 0 Server: Jetty(8.1.17.v20150415)2) Ambari add Ranger service wizard.------ Multiple attempts failed at stage 6 with a error popup "server error"What is best approach to cleanup and add Ranger service. Or Any debug options to collect Add service process logs to understand error. ... View more

How to change SamAccountName : $K5V500-1ET1B4KFE6C4 to username storm-poc. Ambari 2.1.2 enable kerberos wizard created AD account SamAccountName : $K5V500-1ET1B4KFE6C4. Get-ADUser -Identity '$K5V500-1ET1B4KFE6C4' -Properties * AccountExpirationDate : accountExpires : 0 AccountLockoutTime : AccountNotDelegated : False AllowReversiblePasswordEncryption : False BadLogonCount : 0 badPasswordTime : 0 badPwdCount : 0 CannotChangePassword : False CanonicalName : ldap.customer.com/HDP/Domain Accounts/Service Accounts/storm-poc Certificates : {} City : CN : storm-poc codePage : 0 Company : Country : countryCode : 0 Created : 10/16/2015 12:54:07 PM createTimeStamp : 10/16/2015 12:54:07 PM Deleted : Department : Description : DisplayName : DistinguishedName : CN=storm-poc,OU=Service Accounts,OU=Domain Accounts,OU=HDP,DC=poc,DC=customer,DC=com Division : DoesNotRequirePreAuth : False dSCorePropagationData : {12/31/1600 7:00:00 PM} EmailAddress : EmployeeID : EmployeeNumber : Enabled : True Fax : GivenName : HomeDirectory : HomedirRequired : False HomeDrive : HomePage : HomePhone : Initials : instanceType : 4 isDeleted : LastBadPasswordAttempt : LastKnownParent : lastLogoff : 0 lastLogon : 130898381140333887 LastLogonDate : 10/16/2015 12:54:07 PM lastLogonTimestamp : 130894880477406005 LockedOut : False logonCount : 60159 LogonWorkstations : Manager : MemberOf : {} MNSLogonAccount : False MobilePhone : Modified : 10/16/2015 12:54:07 PM modifyTimeStamp : 10/16/2015 12:54:07 PM msDS-User-Account-Control-Computed : 0 Name : storm-poc nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity ObjectCategory : CN=Person,CN=Schema,CN=Configuration,DC=poc,DC=customer,DC=com ObjectClass : user ObjectGUID : 6d7826eb-4729-4074-8e4a-3705c9adcd40 objectSid : S-1-5-21-568884682-143551100-1954249272-195764 Office : OfficePhone : Organization : OtherName : PasswordExpired : False PasswordLastSet : 10/16/2015 12:54:07 PM PasswordNeverExpires : True PasswordNotRequired : False POBox : PostalCode : PrimaryGroup : CN=Domain Users,CN=Users,DC=poc,DC=customer,DC=com primaryGroupID : 513 ProfilePath : ProtectedFromAccidentalDeletion : False pwdLastSet : 130894880476781969 SamAccountName : $K5V500-1ET1B4KFE6C4 sAMAccountType : 805306368 ScriptPath : sDRightsEffective : 15 ServicePrincipalNames : {} SID : S-1-5-21-568884682-143551100-1954249272-195764 SIDHistory : {} SmartcardLogonRequired : False State : StreetAddress : Surname : Title : TrustedForDelegation : False TrustedToAuthForDelegation : False UseDESKeyOnly : False userAccountControl : 66048 userCertificate : {} UserPrincipalName : storm-poc@ldap.customer.com uSNChanged : 9889735 uSNCreated : 9889732 whenChanged : 10/16/2015 12:54:07 PM whenCreated : 10/16/2015 12:54:07 PM ... View more