[
https://issues.apache.org/jira/browse/RANGER-1102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15383000#comment-15383000
]
Yan commented on RANGER-1102:
-----------------------------
Can we differentiate the two types of users? That is, internal users are used
only for Ranger Admin; while the external users only for Hadoop.
> Conflict between internal and external users with same username
> ---------------------------------------------------------------
>
> Key: RANGER-1102
> URL: https://issues.apache.org/jira/browse/RANGER-1102
> Project: Ranger
> Issue Type: Bug
> Components: usersync
> Affects Versions: 0.5.2, 0.6.0
> Reporter: Yujie Li
>
> When Ranger syncs user data from external source, if external users share the
> same username with existing internal users, those internal users will be
> updated with external users' group information.
> For example, we have an internal user "admin" in "admin" group. If we sync
> from UNIX and there is also a user named "admin" in group "test", eventually
> the internal "admin" will still be internal but its group will be updated to
> "test". There won't be another external "admin" user.
> This should not be allowed as they should be separated as two different users.
> But on the other hand, if we create an internal user from the web UI while we
> already have an external user with that username, there will be an warning
> saying "user already exists" and the action will abort. This will not cause
> any issues.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
