Handling inconsistent username and group name conventions for consistent authorization
This document explains how user and group names are processed to ensure that Ranger policies are applied correctly, leading to seamless access to data and resources.
Cloudera Data Platform (CDP) offers a standardized method for managing usernames and group names to ensure consistent and accurate authorization across all CDP services. This approach is particularly useful when dealing with diverse naming conventions, including special characters such as whitespace and slashes.
You often use a variety of naming conventions for users and groups in your identity providers, for example, Active Directory or LDAP. These conventions can include special characters that, if not handled consistently, can lead to potential inconsistencies in authorization and increased administrative overhead.
To handle inconsistent user and group naming conventions, perform the following steps:
-
Configure the Ranger Admin safety valve.
-
Configure the safety valve at service level.
- Go to .
-
Set the
ranger.plugin.<serviceType>.supports.name.transformation
safety valve to the service-level configuration.