MapR 5.1 is at End of Life (EOL) and no longer supported. Please see the latest documentation. This documentation is not being updated.

Home
5.1 Administration
This section contains administration information such as managing your cluster, data, users, jobs and security information such as configuring your security environment and auditing.
Security Guide
Configuring MapR Security
Describes how to enable security features and configure the components on a secure cluster.
Configuring Impersonation
Describes how to use impersonation to centralize control over user actions.
Configuring Impersonation When Security Is Not Enabled
Describes how to enable impersonation without enabling cluster security.

MapR 5.1 Documentation

5.1 Administration
This section contains administration information such as managing your cluster, data, users, jobs and security information such as configuring your security environment and auditing.
- Administrator Guide
- Security Guide
  - Security Overview
    Describes the security features of the MapR Converged Data Platform.
  - Security Architecture
    Describes the default security architecture and additional authentication and encryption capabilities.
  - Logging into a Secure Cluster
    Describes how to use tickets to access a secure MapR cluster.
  - Tickets and Certificates
    Describes how tickets and certificates authenticate users and servers to a cluster.
  - Getting Started with MapR Security
    Describes the two core scenarios that allow quick implementation of security features.
  - Configuring MapR Security
    Describes how to enable security features and configure the components on a secure cluster.
    - Enabling and Disabling Security Features on Your Cluster
      Describes how to enable and disable wire-level security on the nodes of your cluster.
    - Configuring Impersonation
      Describes how to use impersonation to centralize control over user actions.
      - How Impersonation Works
        Describes requirements for and limitations on impersonation.
      - Enabling Impersonation for the mapr Superuser
        Describes how to allow a mapr superuser to impersonate users.
      - Configuring Impersonation When Security Is Not Enabled
        Describes how to enable impersonation without enabling cluster security.
    - Running Commands on Remote Secure Clusters
      Describes how to manage multiple secure clusters from one secure cluster.
    - Adding Cross-Cluster Tickets to Secure Clusters
      Describes how to add cross-cluster tickets to secure clusters that push and pull data.
    - PAM Configuration
      Describes how to use PAM to verify passwords.
    - Secured TaskTracker
      Describes how to control user access to TaskTracker.
    - Access Control Lists
      Describes how to create different types of ACLs.
    - Access Control Expressions
      Describes how to use ACEs to control user permissions for MapR-DB tables.
    - Permissions
      Describes requirements for API user permissions and file permissions.
    - Securing Open Source Components
      Describes how to use JAAS to configure security for open source components.
    - Configuring Kerberos User Authentication
      Describes how to configure Kerberos for the CLDB.
    - Mirror Volumes and Secure Clusters
      Describes how to configure security for the source and destination clusters of a mirror.
    - Configuring a MapR Cluster to Access a HDFS Cluster
      Describes how to create a connection between a MapR cluster and an HDFS cluster.
  - Auditing of Cluster Administration and Operations on Directories, Files, Tables, and Streams
    Describes how to process and use audit records to improve data analysis.

Configuring Impersonation When Security Is Not Enabled

Describes how to enable impersonation without enabling cluster security.

About this task

Follow these steps on the client to configure impersonation without enabling cluster security.

Procedure

Enable impersonation for each ecosystem component you will use that supports impersonation. See Component Requirements for Impersonation in How Impersonation Works.
Enable impersonation for the MapR core components. See Enabling Impersonation for the mapr Superuser.
On each client system from which you wish to be able to use impersonation:
1. Set a MAPR_IMPERSONATION_ENABLED environment variable with the value, true. This value must be set in the environment of any process you start that does impersonation.
2. Create a file in /opt/mapr/conf/proxy/ that has name of the mapr superuser. The default file name would be mapr.
If the mapr superuser has a different name in your cluster, use that name for the proxy file. To verify the mapr superuser name, check the mapr.daemon.user= line in the /opt/mapr/conf/daemon.conf file on a MapR cluster server.