It gets it from whatever is configured on the Namenode.
On Thu, Oct 13, 2016 at 7:43 PM, chen dong <chendong...@gmail.com> wrote:
> Currently I am working on a project to enhance the security for the Hadoop
> cluster. Eventually I will use Kerberos and Sentry for authentication and
> authorisation. And the username and group mapping will come from AD/LDAP
> (?), I think so.
> But now I am just learning and trying. I have a question and I haven’t
> figure it out is
> *where the username/group mapping information come from? *
> As far as I know there is no username and group name for Hadoop and
> username and group name come from the client wherever from local client
> machine or Kerberos realm. But it is a little bit vague for me and can I
> get the implementation details here?
> Is this information from the machine where HDFS client is located or from
> the linux shell username and group on name node? Or it depends on the
> context - even related to data node? What if the data nodes and name nodes
> have different users or user-group mapping in the local boxes.