Managing Users and Groups

The following two users are important when installing and setting up MapR software:

root is used to install MapR software on each node.
The “MapR user” is the user that MapR services run as (typically named mapr or hadoop) on each node. The MapR user has full privileges to administer the cluster. Administrative privilege with varying levels of control can be assigned to other users as well.

Before installing MapR, decide on the name, user id (UID) and group id (GID) for the MapR user. The MapR user must exist on each node, and the user name, UID and primary GID must match on all nodes.

When adding a user to a cluster node, specify the --uid option with the useradd command to guarantee that the user has the same UID on all machines.
When adding a group to a cluster node, specify the --gid option with the groupadd command to guarantee that the group has the same GID on all machines.

MapR uses each node's native operating system configuration to authenticate users and groups for access to the cluster. If you are deploying a large cluster, you should consider configuring all nodes to use LDAP or another user management system. You can use the MapR Control System to give specific permissions to particular users and groups. For more information, see Setting User Permissions. Each user can be restricted to a specific amount of disk usage. For more information, see Setting Quotas for Users and Groups.

By default, MapR gives the user root full administrative permissions. If the nodes do not have an explicit root login, give full permissions to another user after deployment. See Setting the Administrative User.

On the node where you plan to run the mapr-webserver (the MapR Control System), install Pluggable Authentication Modules (PAM). See PAM Configuration for more information.

You can perform the following procedures to manage users and groups in a MapR cluster: