Help Center > > User Guide> MRS Manager Operation Guide> Security Management> Default Users of Clusters with Kerberos Authentication Disabled

Default Users of Clusters with Kerberos Authentication Disabled

Updated at: Dec 31, 2019 GMT+08:00

User Classification

The MRS cluster provides the following two types of users.

Users are required to periodically change their passwords. It is not recommended to use the default passwords.

User Type

Description

System user

A user used to run OMS system processes.

Database user

  • Used to manage the OMS database and access data.
  • Used to run the database of service components (Hive, Loader and DBService).

System Users

  • User ldap of the OS is required in the MRS cluster. Do not delete the account. Otherwise, the cluster may not work properly. Password management policies are maintained by the users.
  • Reset the password when you change the passwords of user ommdba and user omm for the first time. Change the passwords regularly after you have retrieved them.

Type

Username

Initial Password

Description

MRS cluster system user

admin

Specified by the user when the cluster is created

Administrator of MRS Manager.

This user also has the following rights:

  • Common HDFS and ZooKeeper user rights.
  • Rights to submit and query MapReduce and Yarn tasks, to manage Yarn queues, and to access the Yarn web UI.
  • Rights to submit, query, activate, deactivate, reassign, delete topologies, and operate all topologies of the Storm service.
  • Rights to create, delete, authenticate, reassign, consume, write, and query topics of the Kafka service.

MRS cluster node OS user

omm

Randomly generated by the system

Internal running user of the MRS cluster system. This user is an OS user generated on all nodes and does not require a unified password.

MRS cluster node OS user

root

Password set by the user

User used to log in to a node in the MRS cluster. This user is an OS user generated on all nodes.

User Group Information

Default User Group

Description

supergroup

Primary group of user admin. The primary group does not have additional permissions in the cluster where Kerberos authentication is disabled.

check_sec_ldap

Used to test whether the active LDAP works properly. This user group is generated randomly in a test and automatically deleted after the test is complete. This is an internal system user group used only between components.

Manager_tenant

Tenant system user group. This is an internal system user group used only between components.

System_administrator

MRS cluster system administrator group. This is an internal system user group used only between components.

Manager_viewer

MRS Manager system viewer group. This is an internal system user group used only between components.

Manager_operator

MRS Manager system operator group. This is an internal system user group used only between components.

Manager_auditor

MRS Manager system auditor group. This is an internal system user group used only between components.

Manager_administrator

MRS Manager system administrator group. This is an internal system user group used only between components.

compcommon

MRS cluster internal group for accessing public cluster resources. All system users and system running users are added to this user group by default.

default_1000

This group is created for tenants. This is an internal system user group used only between components.

kafka

Kafka common user group. A user added to this user group can access a topic only when a user in the kafkaadmin group grants the read and write permission of the topic to the user.

kafkasuperuser

Users added to this user group have the read and write permission of all topics.

kafkaadmin

Kafka administrator group. Users added to this user group have the rights to create, delete, authorize, read, and write all topics.

storm

Users added to this user group can submit topologies and manage their own topologies.

stormadmin

Users added to this user group can have the storm administrator rights and can submit topologies and manage all topologies.

OS User Group

Description

wheel

Primary group of MRS internal running user omm.

ficommon

MRS cluster common group that corresponds to compcommon for accessing public cluster resource files stored in the OS

Database Users

MRS cluster system database users contain OMS database users and DBService database users.

Do not delete the following database users. Otherwise, the cluster or services may not work properly.

Type

Default User

Initial Password

Description

OMS database

ommdba

dbChangeMe@123456

OMS database administrator who performs maintenance operations, such as creating, starting, and stopping applications

omm

ChangeMe@123456

User for accessing OMS database data

DBService database

omm

dbserverAdmin@123

Administrator of the GaussDB database in the DBService component

hive

HiveUser@

User for Hive to connect to the DBService database

hue

HueUser@123

User for Hue to connect to the DBService database

sqoop

SqoopUser@

User for Loader to connect to the DBService database

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel