This is the documentation for Cloudera Manager 5.0.x. Documentation for other versions is available at Cloudera Documentation.

Cloudera Manager User Accounts

Access to Cloudera Manager features is controlled by user accounts. A user account identifies how a user is authenticated and determines what privileges are granted to the user.

You manage user accounts through the Administration > Users page.

When you are logged in to the Cloudera Manager Admin Console, the username you are logged in as is at the far right of the top navigation bar—for example, if you are logged in as admin you will see .

User Authentication

User authentication can be done through a local database, through an external LDAP directory server (Active Directory or OpenLDAP-compatible), SAML, or through an external authentication program of your own choosing.

Users accounts added in the Users page (which are stored in the local database) show Cloudera Manager in the User Type column. User accounts added from an LDAP directory or other external authentication mechanism will have External in the User Type column. See Configuring External Authentication for information on configuring Cloudera Manager to use an external LDAP directory, SAML, or other authentication program for user authentication.

User Roles

A user role determines what Cloudera Manager features are accessible to the user and what actions the user can perform. A user account can be assigned one of three roles:
  • Administrator - Allows the user to add, change, delete, and configure services or administer user accounts. Also, even if you are using an external authentication mechanism for user authentication, users with Administrator privileges can log in to Cloudera Manager using their local Cloudera Manager username and password. (This prevents the system from locking everyone out if the external authentication settings get misconfigured.)
  • Limited Administrator - Allows the user to view service and monitoring information and decommission hosts, but cannot add services or take any other actions that affect the state of the cluster.
  • Read-Only - Allows the user to view service and monitoring information but cannot add services or take any actions that affect the state of the cluster.

Changing the Local Logged-In User Password

  1. Right-click the logged-in username at the far right of the top navigation bar and select Change Password.
  2. Enter the current password, and a new password twice and then click Submit.

Adding a Local User Account

  1. Select Administration > Users.
  2. Click the Add User button.
  3. Enter a username and password.
  4. Optionally, specify the desired role for the new user.
  5. Click Submit.

Changing a User Account Role and Password

Changing An Account Role

  1. Select Administration > Users.
  2. Check the checkbox next to the username.
  3. In the Assign Role: field, select a role from the drop-down list.
  4. Click the Assign Role: button.

Changing a Password for a Local User Account

  1. Select Administration > Users.
  2. Click the Change Password button next to a username with User Type Cloudera Manager.
  3. Type the new password and repeat it to confirm.
  4. Click the Submit button to make the change.

Deleting Local User Accounts

  1. Check the checkbox next to one or more usernames with User Type Cloudera Manager.
  2. Click the Delete button. (There is no confirmation of the action.)
Page generated September 3, 2015.