Re: Cannot log in the Ranger Admin UI

Thu, 12 May 2016 03:40:02 -0700 

As a note, I have :
- User Sync enabled
- In Ambari UI, in the User info tab, in the User Configs sub-tab, the
"Group User map Sync" is enabled. What is the usage of this property ?
- In Ambari UI, in the User info tab, in the Group Configs sub-tab, Group
Sync is enabled.

BR.

Lune.

On Thu, May 12, 2016 at 12:33 PM, Lune Silver <[email protected]>
wrote:

> Hello everyone !
>
> I am using HDP 2.3.2 with Ambari 2.2.1.
> I installed Ranger Admin and Ranger Usersync with SSL.
> They are both green in Ambari UI and there is no error in the logs of both
> component.
>
> The thing is, when I try to log in the Ranger Admin UI, I always have the
> following error :
> ###
> 2016-05-12 12:14:57,165 [http-bio-6182-exec-8] INFO
> org.apache.ranger.security.listener.SpringEventListener
> (SpringEventListener.java:87) - Login Unsuccessful:admin | Ip Address:< IP
> FROM WHERE I TRY TO CONNECT>| Bad Credentials
> ###
>
> I'm using an LDAP for the user/group management.
>
> I performed a test with :
> - admin, the admin user normally locally defined in Ranger. I got the Bad
> Credentials error.
> - admin, an admin user that I already have in the LDAP, I got the Bad
> Credentials error
> - amb_ranger_admin, the user created in ranger admin in order to allow
> ambari to create repositories (if I understood well), and I got the Bad
> Credentials error
> - a user lambda in the LDAP, I got the Bad Credentials error
>
> In the "Advanced" tab in Ambari, I have the following configuration :
> - Authentication method : LDAP
> - LDAP Settings
> -- ranger.ldap.base.dn : dc=<myrealm>
> -- Bind user : {{ranger_ug_ldap_bind_dn}} :
> uid=<myuser>,cn=users,cn=accounts,dc=
> <myrealm>
> -- Bind User Password : the password of the bind user (I checked and this
> password is right)
> -- ranger.ldap.group.roleattribute : cn (the attribute to retrieve group,
> right ?)
> -- ranger.ldap.referral : ignore (because I have only one ldap)
> -- LDAP URL : {{ranger_ug_ldap_url}} : ldap://<MY LDAP HOST>:389
> -- ranger.ldap.user.dnpattern : uid={0},cn=users,cn=accounts,dc=<myrealm>
> -- User Search Filter = {{ranger_ug_ldap_user_searchfilter}} : empty (I
> kept a space character)
>
> Q1 - Do you have any idea what could be my problem ?
> Q2 - Is usersync used when a user try to log in the Ranger Admin UI ?
>
> BR.
>
> Lune.
>

Reply via email to