[
https://issues.apache.org/jira/browse/HADOOP-10556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13986462#comment-13986462
]
Steve Loughran commented on HADOOP-10556:
-----------------------------------------
this'll be done in an i18n manner, presumably?
> Add toLowerCase support to auth_to_local rules for service name
> ---------------------------------------------------------------
>
> Key: HADOOP-10556
> URL: https://issues.apache.org/jira/browse/HADOOP-10556
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.4.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
>
> When using Vintela to integrate Linux with AD, principals are lowercased. If
> the accounts in AD have uppercase characters (ie FooBar) the Kerberos
> principals have also uppercase characters (ie FooBar/<HOST>). Because of
> this, when a service (Yarn/HDFS) extracts the service name from the Kerberos
> principal (FooBar) and uses it for obtain groups the user is not found
> because via Linux the user FooBar is unknown, it has been converted to foobar.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
