[ https://issues.apache.org/jira/browse/HADOOP-10556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13986462#comment-13986462 ]
Steve Loughran commented on HADOOP-10556: ----------------------------------------- this'll be done in an i18n manner, presumably? > Add toLowerCase support to auth_to_local rules for service name > --------------------------------------------------------------- > > Key: HADOOP-10556 > URL: https://issues.apache.org/jira/browse/HADOOP-10556 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 2.4.0 > Reporter: Alejandro Abdelnur > Assignee: Alejandro Abdelnur > > When using Vintela to integrate Linux with AD, principals are lowercased. If > the accounts in AD have uppercase characters (ie FooBar) the Kerberos > principals have also uppercase characters (ie FooBar/<HOST>). Because of > this, when a service (Yarn/HDFS) extracts the service name from the Kerberos > principal (FooBar) and uses it for obtain groups the user is not found > because via Linux the user FooBar is unknown, it has been converted to foobar. -- This message was sent by Atlassian JIRA (v6.2#6252)