forked from docs/doc-exports
Yang, Tong
6182f91ba8
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Yang, Tong <yangtong2@huawei.com> Co-committed-by: Yang, Tong <yangtong2@huawei.com>
27 lines
5.6 KiB
HTML
27 lines
5.6 KiB
HTML
<a name="mrs_01_2394"></a><a name="mrs_01_2394"></a>
|
|
|
|
<h1 class="topictitle1">Changing the Ranger Data Source to LDAP for a Normal Cluster</h1>
|
|
<div id="body0000001079538254"><p id="mrs_01_2394__p14933932417">By default, the Ranger data source of the security cluster can be accessed by FusionInsight Manager LDAP users. By default, the Ranger data source of a common cluster can be accessed by Unix users.</p>
|
|
<div class="section" id="mrs_01_2394__section1962618202513"><h4 class="sectiontitle">Prerequisites</h4><ul id="mrs_01_2394__ul114830314266"><li id="mrs_01_2394__li174838392615">The cluster is in normal mode.</li><li id="mrs_01_2394__li3483103142610">The Ranger component has been installed.</li></ul>
|
|
</div>
|
|
<div class="section" id="mrs_01_2394__section187568105275"><h4 class="sectiontitle">Procedure</h4><ol id="mrs_01_2394__ol1063312256295"><li id="mrs_01_2394__li492475445719"><span>Log in to the MRS console.</span></li><li id="mrs_01_2394__li1892419547578"><span>Choose <strong id="mrs_01_2394__b1239923318414">Clusters</strong> > <strong id="mrs_01_2394__b12405333543">Active Clusters</strong>, select a running cluster, and click its name to go to its details page.</span></li><li id="mrs_01_2394__li5924135465716"><span>Click the <strong id="mrs_01_2394__b8376105513336">Nodes</strong> tab. On the <strong id="mrs_01_2394__b17872123253419">Nodes</strong> tab page that is displayed, expand the node group whose <strong id="mrs_01_2394__b14989718133513">Node Type</strong> is <strong id="mrs_01_2394__b7386101263512">Master</strong>.</span></li><li id="mrs_01_2394__li6924754195717"><span>Go to the ECS page of the active master node and click <strong id="mrs_01_2394__b1974133120514">Remote Login</strong>.</span></li></ol><ol start="5" id="mrs_01_2394__ol17236153314318"><li id="mrs_01_2394__li20236103313111"><span>Log in to a master node as user <strong id="mrs_01_2394__b13749114684917">root</strong>, go to the <strong id="mrs_01_2394__b18183042192717">/opt/</strong><strong id="mrs_01_2394__b10183442182712"></strong><strong id="mrs_01_2394__b2183114212272">Bigdata/components/FusionInsight_HD_<span id="mrs_01_2394__text1833465813714">8.1.0.1</span>/Ranger</strong> directory, and change the values of <strong id="mrs_01_2394__b1275114467495">ranger.usersync.sync.source</strong> and <strong id="mrs_01_2394__b1953553552815">ranger.usersync.cookie.enabled</strong> in the <strong id="mrs_01_2394__b18751194610497">configurations.xml</strong> file to <strong id="mrs_01_2394__b1075120468496">ldap</strong> and <strong id="mrs_01_2394__b64941851162812">false</strong>, respectively.</span><p><pre class="screen" id="mrs_01_2394__screen89451815183113"><name>ranger.usersync.sync.source</name>
|
|
<value model="Sec">ldap</value>
|
|
<value model="NoSec"><strong id="mrs_01_2394__b37229330297">ldap</strong></value></pre>
|
|
<pre class="screen" id="mrs_01_2394__screen2014711327"><name>ranger.usersync.cookie.enabled</name>
|
|
<value><strong id="mrs_01_2394__b33102155326">false</strong></value></pre>
|
|
<div class="note" id="mrs_01_2394__note13773198153115"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="mrs_01_2394__p377312814311"><strong id="mrs_01_2394__b451811515295">Change the value of this parameter on all master nodes.</strong></p>
|
|
</div></div>
|
|
</p></li><li id="mrs_01_2394__li01683365337"><span>Run the following commands on the active Master node to restart the controller process:</span><p><p id="mrs_01_2394__p1794937133317"><strong id="mrs_01_2394__b193818502712">su - omm</strong></p>
|
|
<p id="mrs_01_2394__p64949952418"><strong id="mrs_01_2394__b1145850471">sh /opt/Bigdata/om-server_<span id="mrs_01_2394__text4558531980">8.1.0.1</span>/om/sbin/restart-controller.sh</strong></p>
|
|
<div class="note" id="mrs_01_2394__note127694358916"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="mrs_01_2394__p1977053515912">During controller restart, Manager becomes inaccessible temporarily. After the restart is complete, Manager can be accessed properly.</p>
|
|
</div></div>
|
|
</p></li><li id="mrs_01_2394__li1080017419347"><span>Log in to FusionInsight Manager. For details, see <a href="mrs_01_2124.html">Accessing FusionInsight Manager (MRS 3.x or Later)</a>. Choose <strong id="mrs_01_2394__b6723141131219">Cluster</strong> > <strong id="mrs_01_2394__b16279155116127">Services</strong> > <strong id="mrs_01_2394__b18211125414128">Ranger</strong>. In the upper right corner of the <strong id="mrs_01_2394__b3897135171310">Dashboard</strong> page, click <strong id="mrs_01_2394__b87086711318">More</strong> and choose <strong id="mrs_01_2394__b19616142121315">Synchronize Configuration</strong>.</span></li><li id="mrs_01_2394__li2075315151819"><span>On the Ranger instance page, select the <strong id="mrs_01_2394__b2144173011317">UserSync</strong> instance and choose <strong id="mrs_01_2394__b16808103516134">More</strong> > <strong id="mrs_01_2394__b1662718386130">Restart Instance</strong>.</span></li><li id="mrs_01_2394__li16954121420341"><span>On the <strong id="mrs_01_2394__b165401311176">Dashboard</strong> page of the Ranger service, click <strong id="mrs_01_2394__b1227818816182">RangerAdmin</strong> and choose <strong id="mrs_01_2394__b133242158189">Settings</strong> > <strong id="mrs_01_2394__b131187171184">Users/Groups/Roles</strong> to check whether LDAP users exist.</span></li></ol>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_1849.html">Using Ranger (MRS 3.x)</a></div>
|
|
</div>
|
|
</div>
|
|
|