Configuring Impersonation without Cluster Security
Describes how to use impersonation on a non-secure cluster.
About this task
To configure impersonation without enabling cluster security, perform the following procedure on the client:
Procedure
- Enable impersonation for each ecosystem component you will use that supports impersonation. See Component Requirements for Impersonation in How Impersonation Works.
- Enable impersonation for the MapR core components. See Enabling Impersonation for the mapr Superuser and Enabling Impersonation for any User.
-
On each client system from which you wish to be able to use
impersonation:
-
Set a
MAPR_IMPERSONATION_ENABLED
environment variable with the value, true. This value must be set in the environment of any process you start that does impersonation. -
Create a file in
/opt/mapr/conf/proxy/
that has name of the mapr superuser or any other user. For the mapr superuser, the default file name would bemapr
. For all other users, you can use their username for the proxy file.
If the mapr superuser has a different name in your cluster, use that name for the proxy file. To verify the mapr superuser name, check themapr.daemon.user=
line in the/opt/mapr/conf/daemon.conf
file on a MapR cluster server. -
Set a