Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Ranger UI internal user's password change using REST api.

Labels (1)
Labels:
avatar
author-rank rpathak author-rank
Guru

Created on ‎05-25-2017 07:52 PM

Currently ranger does not support defining password of default admin users(rangerusersync and rangertagsync) during installation. This is a security concern if you miss to update the password post installation as default password for these users is same as username, thereby compromising admin access to ranger. There is plan to address this in future HDP release by allowing to define the passwords for admin users during installation, however for the time being below workaround can be used to enforce password policy. Once ranger installation is successful one can use below rest api get and put command to change the password of any user. This is helpful in case of automated cluster installation using ambari blueprint. To change the password of the user first get the user details using below call:

curl -s -u admin:admin -H "Accept: application/json" -H "Content-Type: application/json" -X GET http://h2.openstacklocal:6080/service/xusers/users/2

You will get something like this.

{"id":2,"createDate":"2017-05-24T17:36:49Z","updateDate":"2017-05-25T08:09:25Z","owner":"Admin","updatedBy":"Admin","name":"rangerusersync","firstName":"rangerusersync","lastName":"","password":"*******","description":"rangerusersync","groupIdList":[],"groupNameList":[],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_SYS_ADMIN"]}

Now send the PUT request with the above information after setting required password as give below:

curl -iv -u admin:admin -X PUT -H "Accept: application/json" -H "Content-Type: application/json" http://h2.openstacklocal:6080/service/xusers/secure/users/2 -d  '{"id":2,"createDate":"2017-05-24T17:36:49Z","updateDate":"2017-05-25T08:09:25Z","owner":"Admin","updatedBy":"Admin","name":"rangerusersync","firstName":"rangerusersync","lastName":"","password":"Password@123","description":"rangerusersync","groupIdList":[],"groupNameList":[],"status":1,"isVisible":1,"userSource":0,"userRoleList":["ROLE_SYS_ADMIN"]}'

PS : To change password of keyadmin user, use keyadmin credentials in REST api call. Thanks @Ronak bansal for testing this.

1,819 Views
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
Version history
Last update:
‎05-25-2017 07:52 PM
Updated by:
Guru Guru
Contributors