- Create users internally in the Apache Ranger Admin Service.
- Use the Apache Ranger Usersync service to import users/groups into Ranger from LDAP.
- User the Apache Ranger Usersync service to import users/groups from the local UNIX machine.
- Configure the Apache Ranger Admin Service to authenticate users directly to LDAP.
1) Configuring the Apache Ranger Admin Service to use PAM for authentication
Follow the steps in a previous tutorial to build Apache Ranger and to setup and install the Apache Ranger Admin service. Edit 'conf/ranger-admin-site.xml' and change the following configuration value:
- ranger.authentication.method: PAM
The next step is to add a PAM configuration file for Apache Ranger. Create a file called '/etc/pam.d/ranger-admin' with the content:
- auth required pam_unix.so
- account required pam_unix.so