Administering Ranger Users, Groups, Roles, and Permissions
Ranger Admin users can manage users, group, roles and permissions using Ranger Admin Web UI.
Overview: Ranger User/Groups/Roles
Ranger Admin Web UI allows users with Administrator role (permissions) to create new users, groups and roles that define fine-grained access control in CDP. This topic presents an overview of the user, group, role, permission management options you can find under Settings. This functionality is supported by CDP runtime base code in both public and private runtime form factors.
To list the users, groups, and roles for which Ranger manages access to CDP services, select.
- Internal users - created by a Ranger admin user who can log in to the Ranger Admin Web UI.
- External users - created at other systems such as Active Directory, LDAP, or UNIX.
- Admin users - who are the only users with permission to create users and services, run reports, and perform other administrative tasks using Ranger Admin Web UI.
- Visible users - those users created in Ranger Admin Web UI, or in other systems who are "active", in other words, not marked for deletion.
- Hidden users - those users that have been marked for deletion for any reason (for example invalid characters, duplicates, or obsolescence).
Users also shows the Groups to which each user belongs.
- Internal groups - created by a Ranger admin.
- External groups - created by other systems.
- On the Groups page, you can click Users to view the members of a specific group.
- Role names, and related mappings to:
- User names
- Group names
- Other role names