[jira] [Created] (RANGER-846) Ranger deviates from Hadoop usernames

Bolke de Bruin (JIRA) Sat, 13 Feb 2016 13:54:01 -0800

Bolke de Bruin created RANGER-846:
-------------------------------------

             Summary: Ranger deviates from Hadoop usernames
                 Key: RANGER-846
                 URL: https://issues.apache.org/jira/browse/RANGER-846
             Project: Ranger
          Issue Type: Bug
          Components: admin
    Affects Versions: 0.5.0, 0.5.1, 0.5.2, 0.6.0
         Environment: kerberos non-kerberos
            Reporter: Bolke de Bruin
            Priority: Critical
             Fix For: 0.6.0



Ranger-admin deviates from Hadoop (hadoop-auth) in determining what is a 
username and implements its own check. If not using hadoop-auth why is this not 
left to the underlying OS?

This is perfectly fine on the OS and will be per HADOOP-12751 (Before 
HADOOP-12751 '@' and '/' were not allowed).

[root@hdp-node pam.d]# id [email protected]
UID=1796201107([email protected]) GID=1796201107([email protected]) 
groepen=1796201107([email protected]),1796200513(domain 
[email protected]),1796201108([email protected]),1950000004(ad_users)

Not being able to do this creates integration issues when using trusts in 
active directory domain contexts (ie. the above [email protected] is a user from a 
trusted domain)





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (RANGER-846) Ranger deviates from Hadoop usernames

Reply via email to