[
https://issues.apache.org/jira/browse/RANGER-1476?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sailaja Polavarapu reassigned RANGER-1476:
--
Assignee: Nitin Galave
> External users not editable through Ranger UI
> -
[
https://issues.apache.org/jira/browse/RANGER-1476?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Anuja Leekha updated RANGER-1476:
-
Request participants: (was: )
Fix Version/s: 0.7.1
> External users not editable thr
Anuja Leekha created RANGER-1476:
Summary: External users not editable through Ranger UI
Key: RANGER-1476
URL: https://issues.apache.org/jira/browse/RANGER-1476
Project: Ranger
Issue Type: Bu
Alex
Both Abhay and Ramesh are correct. In the Hadoop eco-system we want to ensure
that the users and groups are consistent across all components. And generally,
AD/LDAP or Unix system user/groups are the source of truth.
>>This also means user <--> group mapping in Ranger is NOT the sourc
Adding to Abhay comment,
In most of the Ranger Plugin from the components side we use
org.apache.hadoop.security.UserGroupInformation API
https://hadoop.apache.org/docs/r1.0.4/api/org/apache/hadoop/security/UserGr
oupInformation.html which will wrap around JAAS and provides the mechanism
to determ
Hi Alex,
This is exactly right. Users, groups and their associations in Ranger
(specifically Ranger Admin) are props for being able to define policies.
They are not the Œsource of truth¹. It is expected that the correct user
<‹-> group associations will be available in the component (service) from
Hi Ranger experts,
We are developing a custom Ranger Plugin for Apache HAWQ(incubating) and
noticed that group policies are not behaving as we expected.
In Ranger, we define a user U (actually synched from OS). We then manually
define group G and enroll user U into it. We then define a policy and
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56807/#review170046
---
Ship it!
Ship It!
- Velmurugan Periasamy
On March 23, 2017,
