Configuring the Ranger Policy Administration Authentication Mode
The Ranger service also enables you to configure the authentication method that the Ranger Policy Administration component uses to authenticate users. There are three different authentication methods supported with Ranger, which include:
Active Directory (AD)
LDAP
UNIX
Depending on which authentication method you choose, you will need to modify the
following sample values in the install.properties
file:
Active Directory
authentication_method=ACTIVE_DIRECTORY
xa_ldap_ad_domain= example.com
xa_ldap_ad_url=ldap://127.0.0.1:389
xa_ldap_ad_base_dn=DC=example,DC=com
xa_ldap_ad_bind_dn=CN=Administrator,CN=Users,DC=example,DC=com
xa_ldap_ad_bind_password=PassW0rd
xa_ldap_ad_referral=ignore, follow or throw. Default is follow.
LDAP
authentication_method=LDAP
xa_ldap_url=LDAP server URL (e.g. ldap://127.0.0.1:389)
xa_ldap_userDNpattern=uid={0},ou=users,dc=example,dc=com
xa_ldap_groupSearchBase=dc=example,dc=com
xa_ldap_groupSearchFilter=(member=cn={0},ou=users,dc=example,dc=com
xa_ldap_groupRoleAttribute=cn
xa_ldap_base_dn=dc=example,dc=com
xa_ldap_bind_dn=cn=ldapadmin,ou=users,dc=example,dc=com
xa_ldap_bind_password=PassW0rd
xa_ldap_referral=ignore, follow, or throw. Default is follow.
xa_ldap_userSearchFilter=(uid={0}) property at Ranger-admin side
UNIX
authentication_method=UNIX
remoteLoginEnabled=true
authServiceHostName= an address of the host where the UNIX authentication service is running.
authServicePort=5151