This article includes manual steps to be performed, if a cluster is setup with Hdfs, Ranger and Ranger KMS services and Ranger service is syncing users from LDAP/AD and Hadoop group mapping is configured using SSSD. Steps provided will help Ranger KMS service to resolve groups with spaces or no name as same as in Hadoop.
Article:
To resolve groups with spaces or no name, Ranger KMS process should have access to hadoop native library path for using JniBasedUnixGroupsMapping class.
Steps for Ambari 2.6.x version:
Create a sh file ranger-kms-env-javaopts.sh in Ranger KMS conf directory which will specify -Djava.library.path.
vim /usr/hdp/current/ranger-kms/conf/ranger-kms-env-javaopts.sh
Add below content and save ranger-kms-env-javaopts.sh file.
Directly specify -Djava.library.path in Configs section of Ranger KMS from Ambari. Go to Ranger KMS > Configs > Advanced section > Advanced kms-env section > kms-env template, add below line