vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/mrs/component-operation-guide/mrs_01_2394.html
Yang, Tong 6182f91ba8 MRS component operation guide_normal 2.0.38.SP20 version 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Yang, Tong <yangtong2@huawei.com>
Co-committed-by: Yang, Tong <yangtong2@huawei.com>
2022-12-09 14:55:21 +00:00

5.6 KiB
Raw Permalink Blame History

Changing the Ranger Data Source to LDAP for a Normal Cluster

By default, the Ranger data source of the security cluster can be accessed by FusionInsight Manager LDAP users. By default, the Ranger data source of a common cluster can be accessed by Unix users.

Prerequisites

  • The cluster is in normal mode.
  • The Ranger component has been installed.

Procedure

  1. Log in to the MRS console.
  2. Choose Clusters > Active Clusters, select a running cluster, and click its name to go to its details page.
  3. Click the Nodes tab. On the Nodes tab page that is displayed, expand the node group whose Node Type is Master.
  4. Go to the ECS page of the active master node and click Remote Login.
  1. Log in to a master node as user root, go to the /opt/Bigdata/components/FusionInsight_HD_8.1.0.1/Ranger directory, and change the values of ranger.usersync.sync.source and ranger.usersync.cookie.enabled in the configurations.xml file to ldap and false, respectively.

    <name>ranger.usersync.sync.source</name>
<value model="Sec">ldap</value>
<value model="NoSec">ldap</value>
    <name>ranger.usersync.cookie.enabled</name>
<value>false</value>

    Change the value of this parameter on all master nodes.

  2. Run the following commands on the active Master node to restart the controller process:

    su - omm

    sh /opt/Bigdata/om-server_8.1.0.1/om/sbin/restart-controller.sh

    During controller restart, Manager becomes inaccessible temporarily. After the restart is complete, Manager can be accessed properly.

  3. Log in to FusionInsight Manager. For details, see Accessing FusionInsight Manager (MRS 3.x or Later). Choose Cluster > Services > Ranger. In the upper right corner of the Dashboard page, click More and choose Synchronize Configuration.
  4. On the Ranger instance page, select the UserSync instance and choose More > Restart Instance.
  5. On the Dashboard page of the Ranger service, click RangerAdmin and choose Settings > Users/Groups/Roles to check whether LDAP users exist.
Parent topic: Using Ranger (MRS 3.x)