This article includes manual steps to be performed, if a cluster is setup with Hdfs, Ranger and Ranger KMS services and Ranger service is syncing users from LDAP/AD and Hadoop group mapping is configured using SSSD. Steps provided will help Ranger KMS service to resolve groups with spaces or no name as same as in Hadoop.
To resolve groups with spaces or no name, Ranger KMS process should have access to hadoop native library path for using JniBasedUnixGroupsMapping class.
Steps for Ambari 2.6.x version:
Create a sh file in Ranger KMS conf directory which will specify -Djava.library.path.
vim /usr/hdp/current/ranger-kms/conf/
Add below content and save file.
Directly specify -Djava.library.path in Configs section of Ranger KMS from Ambari. Go to Ranger KMS > Configs > Advanced section > Advanced kms-env section > kms-env template, add below line