Configure Ranger authentication for PAM

How to configure Ranger to use PAM for user authentication.

  1. In Cloudera Manager, select Ranger, then click the Configuration tab.
  2. Under Admin Authentication Method, select PAM, then click Save Changes.
  3. Create the following two PAM files:
    • /etc/pam.d/ranger-admin with the following content:
      #%PAM-1.0
      auth sufficient pam_unix.so
      auth sufficient pam_sss.so
      account sufficient pam_unix.so
      account sufficient pam_sss.so
    • /etc/pam.d/ranger-remote with the following content:
      #%PAM-1.0
      auth sufficient pam_unix.so
      auth sufficient pam_sss.so
      account sufficient pam_unix.so
      account sufficient pam_sss.so
  4. Confirm that the /etc/shadow file has 444 permissions.
  5. Select Actions > Restart to restart Ranger.