Configuring Authentication for Cloudera Navigator

Cloudera Manager Server has an internal authentication mechanism, a database repository of user accounts that can be used to create user accounts. As an alternative to using the internal database, Cloudera Manager and Cloudera Navigator can be configured to use external authentication mechanisms.

Cloudera Manager Server and Cloudera Navigator each have their own user role schemes for granting privileges to system features and functions. Cloudera Manager user roles can be applied to user accounts as they are created in the internal repository. Cloudera Navigator user roles are applied to groups defined in the external system for use by Cloudera Navigator. The only user role that can be effectively applied to an account created in the Cloudera Manager internal repository is that of Navigator Administrator, which grants the user account privileges as a Full Administrator on the Cloudera Navigator services (Navigator Metadata Server, Navigator Audit Server).

In other words, assigning Cloudera Navigator user roles to user accounts requires using an external authentication mechanism.