Updated on 2024-10-25 GMT+08:00

MRS Cluster User Accounts

This section describes information about default users in MRS clusters.

Account List (MRS 3.x and Later Versions)

  • User types

    The MRS cluster provides the following three types of users. The system administrator needs to periodically change the passwords. It is not recommended to use the default passwords.

    User Type

    Description

    System users

    • User created on FusionInsight Manager for O&M and service scenarios. There are two types of users:
      • Human-machine user: used in scenarios such as FusionInsight Manager O&M and operations on a component client. When creating a user of this type, you need to set password and confirm password by referring to Creating an MRS Cluster User.
      • Machine-machine user: used for system application development.
    • User who runs OMS processes

    Internal system users

    Internal user to perform Kerberos authentication, process communications, save user group information, and associate user permissions. It is recommended that internal system users not be used in O&M scenarios. Operations can be performed as user admin or another user created by the system administrator based on service requirements.

    Database users

    • User who manages OMS database and accesses data
    • User who runs service components (Hue, Hive, HetuEngine, Loader, Oozie, Ranger, JobGateway, and DBService) in the database.
  • System user
    • User root of the OS is required, the password of user root on all nodes must be the same.
    • User Idap of the OS is required. Do not delete this account. Otherwise, the cluster may not work properly. The OS administrator maintains the password management policies.

    User Type

    Username

    Initial Password

    Description

    Password Change Method

    System administrator

    admin

    User-defined password

    FusionInsight Manager administrator.

    NOTE:

    By default, user admin does not have the management permission on other components. For example, when accessing the native UI of a component, the user fails to access the complete component information due to insufficient management permission on the component.

    For details, see Changing or Resetting the Password for User admin of an MRS Cluster.

    Node OS user

    ommdba

    Random password

    User that creates the system database. This user is an OS user generated on the management node and does not require a unified password. This account cannot be used for remote login.

    For details, see Changing the Passwords for OS Users of an MRS Cluster Node.

    omm

    Random password

    Internal running user of the system. This user is an OS user generated on all nodes and does not require a unified password.

  • Internal system user

    User Type

    Default User

    Initial Password

    Description

    Password Change Method

    Kerberos administrator

    kadmin/admin

    Admin@123

    Used to add, delete, modify, and query user accounts on Kerberos.

    For details, see Changing the Password for the Kerberos Administrator of an MRS Cluster.

    OMS Kerberos administrator

    kadmin/admin

    Admin@123

    Used to add, delete, modify, and query user accounts on OMS Kerberos.

    For details, see Changing the Password of the OMS Kerberos Administrator.

    LDAP administrator

    cn=root,dc=hadoop,dc=com

    • Versions earlier than MRS 3.1.2: LdapChangeMe@123
    • MRS 3.1.2 or later: randomly generated by the system

    Used to add, delete, modify, and query the user account information on LDAP.

    OMS LDAP administrator

    cn=root,dc=hadoop,dc=com

    • Versions earlier than MRS 3.1.2: LdapChangeMe@123
    • MRS 3.1.2 or later: randomly generated by the system

    Used to add, delete, modify, and query the user account information on OMS LDAP.

    LDAP user

    cn=pg_search_dn,ou=Users,dc=hadoop,dc=com

    Randomly generated by the system

    Used to query information about users and user groups on LDAP.

    OMS LDAP user

    cn=pg_search_dn,ou=Users,dc=hadoop,dc=com

    Randomly generated by the system

    Used to query information about users and user groups on OMS LDAP.

    LDAP administrator account

    cn=krbkdc,ou=Users,dc=hadoop,dc=com

    • Versions earlier than MRS 3.1.2: LdapChangeMe@123
    • MRS 3.1.2 or later: randomly generated by the system

    Used to query Kerberos component authentication account information.

    cn=krbadmin,ou=Users,dc=hadoop,dc=com

    • Versions earlier than MRS 3.1.2: LdapChangeMe@123
    • MRS 3.1.2 or later: randomly generated by the system

    Used to add, delete, modify, and query Kerberos component authentication account information.

    Component running user

    hdfs

    Hdfs@123

    This user is the HDFS system administrator and has the following permissions:

    1. File system operation permissions:
      • Views, modifies, and creates files.
      • Views and creates directories.
      • Views and modifies the groups where files belong.
      • Views and sets disk quotas for users.
    2. HDFS management operation permissions:
      • Views the web UI status.
      • Views and sets the active and standby HDFS status.
      • Enters and exits the HDFS in security mode.
      • Checks the HDFS file system.
    3. Logs in to the FTP service page.

    For details, see Changing the Passwords for MRS Cluster Component Running Users.

    hbase

    Hbase@123

    This user is the HBase and HBase1 to HBase4 system administrator and has the following permissions:

    • Cluster management permission: Performs Enable and Disable operations on tables to trigger MajorCompact and ACL operations.
    • Grants and revokes permissions, and shuts down the cluster.
    • Table management permission: Creates, modifies, and deletes tables.
    • Data management permission: Reads data in tables, column families, and columns.
    • Logs in to the HMaster web UI.
    • Logs in to the FTP service page.

    cdl

    CDCUser123!

    System administrator of the CDL

    Currently, CDL does not involve user permissions.

    iotdb

    Iotdb@123

    This user is the IoTDB system administrator and has the following user permissions:

    1. IoTDB administrator permissions:
      • Creates or deletes a storage group.
      • Uses TTL.
    2. IoTDB data operation permissions:
      • Creates, modifies, and deletes a time sequence.
      • Writes, reads, and deletes data in a time sequence.
    3. Views user or role permission information.
    4. Grants or revokes permissions to or from a user or role.
      NOTE:

      In a normal cluster, the IoTDB service retains the features of open-source versions. The default username is root, and the default password is root. This user is an administrator and has all permissions, which cannot be assigned, revoked, or deleted.

    mapred

    Mapred@123

    This user is the MapReduce system administrator and has the following permissions:

    • Submits, stops, and views the MapReduce tasks.
    • Modifies the Yarn configuration parameters.
    • Logs in to the FTP service page.
    • Logs in to the Yarn web UI.

    zookeeper

    ZooKeeper@123

    This user is the ZooKeeper system administrator and has the following permissions:

    • Adds, deletes, modifies, and queries all nodes in ZooKeeper.
    • Modifies and queries quotas of all nodes in ZooKeeper.

    rangeradmin

    Rangeradmin@123

    This user has the Ranger system management permissions and user permissions:

    • Ranger web UI management permission
    • Management permission of each component that uses Ranger authentication

    rangerauditor

    Rangerauditor@123

    Default audit user of the Ranger system.

    hive

    Hive@123

    This user is the Hive system administrator and has the following permissions:

    1. Hive administrator permissions:
      • Creates, deletes, and modifies a database.
      • Creates, queries, modifies, and deletes a table.
      • Queries, inserts, and uploads data.
    2. HDFS file operation permissions:
      • Views, modifies, and creates files.
      • Views and creates directories.
      • Views and modifies the groups where files belong.
    3. Submits and stops the MapReduce tasks.
    4. Ranger policy management permission

    kafka

    Kafka@123

    This user is the Kafka system administrator and has the following permissions:

    • Creates, deletes, produces, and consumes the topic; modifies the topic configuration.
    • Controls the cluster metadata, modifies the configuration, migrates the replica, elects the leader, and manages ACL.
    • Submits, queries, and deletes the consumer group offset.
    • Queries the delegation token.
    • Queries and submits the transaction.

    storm

    Admin@123

    Storm system administrator

    User permission: Submits Storm tasks.

    rangerusersync

    Randomly generated by the system

    Synchronizes users and internal users of user groups.

    rangertagsync

    Randomly generated by the system

    Internal user for synchronizing tags.

    rangerobs/hadoop.<System domain name>

    Randomly generated by the system

    System administrator used by Guardian to access Ranger

    jobserver

    Randomly generated by the system

    JobGateway system administrator, who has the following permissions:

    1. HDFS file operation permissions:
      • Views, modifies, and creates files.
      • Views and creates directories.
      • Views and modifies the groups where files belong.
    2. Manager administrator permission

    HTTP/_HOST

    Randomly generated by the system

    Internal user of the JobGateway service, which is used for Kerberos authentication of the HTTP service

    oms/manager

    Randomly generated by the system

    Controller and NodeAgent authentication user. The user has the permission on the supergroup group.

    backup/manager

    Randomly generated by the system

    User for running backup and restoration tasks. The user has the permission on the supergroup, wheel, and ficommon groups. After cross-system mutual trust is configured, the user has the permission to access data in the HDFS, HBase, Hive, and ZooKeeper systems.

    hdfs/hadoop.<System domain name>

    Randomly generated by the system

    This user is used to start the HDFS and has the following permissions:

    1. File system operation permissions:
      • Views, modifies, and creates files.
      • Views and creates directories.
      • Views and modifies the groups where files belong.
      • Views and sets disk quotas for users.
    2. HDFS management operation permissions:
      • Views the web UI status.
      • Views and sets the active and standby HDFS status.
      • Enters and exits the HDFS in security mode.
      • Checks the HDFS file system.
    3. Logs in to the FTP service page.

    hetuserver/hadoop.<System domain name>

    Randomly generated by the system

    This user is used to start HetuEngine and has the following permissions:

    • Accesses KrbServer and HDFS files in the cluster from HetuEngine.
    • Used for communication between HetuEngine internal nodes.

    mapred/hadoop.<System domain name>

    Randomly generated by the system

    This user is used to start the MapReduce and has the following permissions:

    • Submits, stops, and views the MapReduce tasks.
    • Modifies the Yarn configuration parameters.
    • Logs in to the FTP service page.
    • Logs in to the Yarn web UI.

    mr_zk/hadoop.<System domain name>

    Randomly generated by the system

    Used for MapReduce to access ZooKeeper.

    hbase/hadoop.<System domain name>

    Randomly generated by the system

    User for the authentication between internal components during the HBase system startup.

    hbase/zkclient.<System domain name>

    Randomly generated by the system

    User for HBase to perform ZooKeeper authentication in a security mode cluster.

    thrift/hadoop.<System domain name>

    Randomly generated by the system

    ThriftServer system startup user.

    thrift/<hostname>

    Randomly generated by the system

    User for the ThriftServer system to access HBase. This user has the read, write, execution, creation, and administration permission on all NameSpaces and tables of HBase. <hostname> indicates the name of the host where the ThriftServer node is installed in the cluster.

    hive/hadoop.<System domain name>

    Randomly generated by the system

    User for the authentication between internal components during the Hive system startup. The user permissions are as follows:

    1. Hive administrator permissions:
      • Creates, deletes, and modifies a database.
      • Creates, queries, modifies, and deletes a table.
      • Queries, inserts, and uploads data.
    2. HDFS file operation permissions:
      • Views, modifies, and creates files.
      • Views and creates directories.
      • Views and modifies the groups where files belong.
    3. Submits and stops the MapReduce tasks.

    loader/hadoop.<System domain name>

    Randomly generated by the system

    User for Loader system startup and Kerberos authentication

    HTTP/<hostname>

    Randomly generated by the system

    Used to connect to the HTTP interface of each component. <hostname> indicates the host name of a node in the cluster.

    hue

    Randomly generated by the system

    User for Hue system startup, Kerberos authentication, and HDFS and Hive access

    flume

    Randomly generated by the system

    User for Flume system startup and HDFS and Kafka access. The user has read and write permission of the HDFS directory /flume.

    flume_server

    Randomly generated by the system

    User for Flume system startup and HDFS and Kafka access. The user has read and write permission of the HDFS directory /flume.

    spark2x/hadoop.<System domain name>

    Randomly generated by the system

    This user is the Spark2x system administrator and has the following user permissions:

    1. Starts the Spark2x service.

    2. Submits Spark2x tasks.

    spark_zk/hadoop.<System domain name>

    Randomly generated by the system

    Used for Spark2x to access ZooKeeper.

    zookeeper/hadoop.<System domain name>

    Randomly generated by the system

    ZooKeeper system startup user.

    zkcli/hadoop.<System domain name>

    Randomly generated by the system

    ZooKeeper server login user.

    oozie

    Randomly generated by the system

    User for Oozie system startup and Kerberos authentication.

    kafka/hadoop.<System domain name>

    Randomly generated by the system

    Used for security authentication of Kafka.

    storm/hadoop.<System domain name>

    Randomly generated by the system

    Storm system startup user.

    storm_zk/hadoop.<System domain name>

    Randomly generated by the system

    Used for the Worker process to access ZooKeeper.

    flink/hadoop.<System domain name>

    Randomly generated by the system

    Internal user of the Flink service.

    check_ker_M

    Randomly generated by the system

    User who performs a system internal test about whether the Kerberos service is normal.

    cdl/hadoop.<System domain name>

    Randomly generated by the system

    Internal user of the CDL service.

    clickhouse/hadoop.<System domain name>

    Randomly generated by the system

    Used for security authentication of ClickHouse. This user is an internal user and can be used only in the cluster.

    default

    None

    ClickHouse internal user, which is an administrator user that can be used only in non-security mode.

    rangeradmin/hadoop.<System domain name>

    Randomly generated by the system

    Ranger system startup user, which is used for authentication between internal components.

    tez

    Randomly generated by the system

    User for TezUI system startup, Kerberos authentication, and access to Yarn

    K/M

    Randomly generated by the system

    Kerberos internal functional user. It cannot be deleted, and its password cannot be changed. This internal account can only be used on nodes where Kerberos service is installed.

    None

    kadmin/changepw

    Randomly generated by the system

    kadmin/history

    Randomly generated by the system

    krbtgt<System domain name>

    Randomly generated by the system

    LDAP user

    admin

    None

    FusionInsight Manager administrator.

    The primary group is compcommon, which does not have the group permission but has the permission of the Manager_administrator role.

    The LDAP user cannot log in to the system, and the password cannot be changed.

    backup

    The primary group is compcommon.

    backup/manager

    The primary group is compcommon.

    oms

    The primary group is compcommon.

    oms/manager

    The primary group is compcommon.

    clientregister

    The primary group is compcommon.

    zookeeper

    The primary group is hadoop.

    zookeeper/hadoop.<System domain name>

    The primary group is hadoop.

    zkcli

    The primary group is hadoop.

    zkcli/hadoop.<System domain name>

    The primary group is hadoop.

    flume

    The primary group is hadoop.

    flume_server

    The primary group is hadoop.

    hdfs

    The primary group is hadoop.

    hdfs/hadoop.<System domain name>

    The primary group is hadoop.

    mapred

    The primary group is hadoop.

    mapred/hadoop.<System domain name>

    The primary group is hadoop.

    mr_zk

    The primary group is hadoop.

    mr_zk/hadoop.<System domain name>

    The primary group is hadoop.

    hue

    The primary group is supergroup.

    hive

    The primary group is hive.

    hive/hadoop.<System domain name>

    The primary group is hive.

    hbase

    The primary group is hadoop.

    hbase/hadoop.<System domain name>

    The primary group is hadoop.

    thrift

    The primary group is hadoop.

    thrift/hadoop.<System domain name>

    The primary group is hadoop.

    oozie

    The primary group is hadoop.

    hbase/zkclient.<System domain name>

    The primary group is hadoop.

    loader

    The primary group is hadoop.

    loader/hadoop.<System domain name>

    The primary group is hadoop.

    spark2x

    The primary group is hadoop.

    spark2x/hadoop.<System domain name>

    The primary group is hadoop.

    spark_zk

    The primary group is hadoop.

    kafka

    The primary group is kafkaadmin.

    kafka/hadoop.<System domain name>

    The primary group is kafkaadmin.

    storm

    The primary group is stormadmin.

    storm/hadoop.<System domain name>

    The primary group is stormadmin.

    storm_zk

    The primary group is storm.

    storm_zk/hadoop.<System domain name>

    The primary group is storm.

    kms/hadoop

    The primary group is kmsadmin.

    knox

    The primary group is compcommon.

    executor

    The primary group is compcommon.

    rangeradmin

    The primary group is supergroup.

    rangeradmin/hadoop.<System domain name>

    The primary group is supergroup.

    rangerusersync

    The primary group is supergroup.

    rangertagsync

    The primary group is supergroup.

    rangerauditor

    The primary group is compcommon.

    jobserver

    The primary group is compcommon.

    Log in to FusionInsight Manager, choose System > Permission > Domain and Mutual Trust, and check the value of Local Domain. In the preceding table, all letters in the system domain name contained in the username of the system internal user are lowercase letters.

    For example, if Local Domain is set to 9427068F-6EFA-4833-B43E-60CB641E5B6C.COM, the username of default HDFS startup user is hdfs/hadoop.9427068f-6efa-4833-b43e-60cb641e5b6c.com.

  • Database user
    The system database users include OMS database users and DBService database users.

    Database Type

    Default User

    Initial Password

    Description

    Password Change Method

    OMS database

    ommdba

    • Versions earlier than MRS 3.2.0: dbChangeMe@123456
    • MRS 3.2.0 or later: random password

    OMS database administrator who performs maintenance operations, such as creating, starting, and stopping.

    For details, see Changing the Password for the OMS Database Administrator.

    omm

    • Versions earlier than MRS 3.2.0: ChangeMe@123456
    • MRS 3.2.0 or later: random password

    User for accessing OMS database data

    For details, see Changing the Password for an OMS Database Access User.

    DBService database

    omm

    • Versions earlier than MRS 3.2.0: dbserverAdmin@123
    • MRS 3.2.0 or later: random password

    Administrator of the GaussDB database in the DBService component

    For details, see Resetting the Password for User omm in DBService.

    compdbuser

    Random password

    (Available in MRS 3.1.2 or later) Administrator of the GaussDB database in the DBService component. It is used in service O&M scenarios. You need to reset the password upon your first login.

    For details, see Changing the Password for User compdbuser of the DBService Database.

    hetu

    Random password

    User for HetuEngine to connect to the DBService database hetumeta.

    This user exists only in MRS 3.1.2 or later.

    hive

    • Versions earlier than MRS 3.1.2: HiveUser@
    • MRS 3.1.2 or later: random password

    User for Hive to connect to the DBService database hivemeta.

    hue

    • Versions earlier than MRS 3.1.2: HueUser@123
    • MRS 3.1.2 or later: random password

    User for Hue to connect to the DBService database hue.

    sqoop

    • Versions earlier than MRS 3.1.2: SqoopUser@
    • MRS 3.1.2 or later: random password

    User for Loader to connect to the DBService database sqoop.

    oozie

    • Versions earlier than MRS 3.1.2: OozieUser@
    • MRS 3.1.2 or later: random password

    User for Oozie to connect to the DBService database oozie.

    rangeradmin

    • Versions earlier than MRS 3.1.2: Admin12!
    • MRS 3.1.2 or later: random password

    User for Ranger to connect to the DBService database.

    kafkaui

    Random password

    User for Kafka UI to connect to the DBService database.

    This user exists only in MRS 3.1.2 or later.

    flink

    Random password

    User for Flink to connect to the DBService database flinkmeta.

    This user exists only in MRS 3.1.2 or later.

    cdl

    Random password

    User for CDL to connect to the DBService database cdl.

    This user exists only in MRS 3.2.0 or later.

    jobgateway

    Random password

    User for JobGateway to connect to the DBService database jobmeta.

    This user can be used in MRS 3.3.0 and later versions only.

Account List (MRS 2.x and Earlier Versions)

  • User type

    The MRS cluster provides the following three types of users. Periodically change the passwords and do not use the default passwords.

    User Type

    Description

    System users

    • User created on Manager for MRS cluster O&M and service scenarios. There are two types of system users:
      • Human-machine user: used for Manager O&M scenarios and component client operation scenarios.
      • Machine-machine user: used for MRS cluster application development scenarios.
    • User who runs OMS processes

    Internal system users

    Internal user to perform Kerberos authentication, process communications, save user group information, and associate user permissions. It is recommended that internal system users not be used in O&M scenarios. Operations can be performed as user admin or another user created by the system administrator based on service requirements.

    Database users

    • User who manages OMS database and accesses data
    • User who runs the database of service components (Hive, Loader, and DBService)
  • System user
    • User ldap of the OS is required in the MRS cluster. Do not delete this account. Otherwise, the cluster may not work properly. Password management policies are maintained by the operation users.
    • Reset the passwords when you change the passwords of user ommdba and user omm for the first time. Change the passwords periodically after retrieving them.

    User Type

    Username

    Initial Password

    Description

    System administrator of the MRS cluster

    admin

    Specified by the user during the cluster creation.

    MRS Manager

    The user has the following permissions:

    • Common HDFS and ZooKeeper user permissions.
    • Permissions to submit and query MapReduce and YARN tasks, manage YARN queues, and access the YARN web UI.
    • Permissions to submit, query, activate, deactivate, reassign, delete topologies, and operate all topologies of the Storm service.
    • Permissions to create, delete, authorize, reassign, consume, write, and query topics of the Kafka service.

    MRS cluster node OS user

    omm

    Randomly generated by the system

    Internal running user of the MRS cluster system. This user is an OS user generated on all nodes and does not require a unified password.

    MRS cluster node OS user

    root

    The password is set by the user.

    User for logging in to the node in the MRS cluster. This user is an OS user generated on all nodes.

  • Internal system user
    • Do not delete the following internal system users. Otherwise, the cluster or components may not work properly.
    • Such user is available only in clusters with Kerberos authentication enabled.

    User Type

    Default User

    Initial Password

    Description

    Component running user

    hdfs

    Hdfs@123

    This user is the HDFS system administrator and has the following permissions:

    1. File system operation permissions:
      • Views, modifies, and creates files.
      • Views and creates directories.
      • Views and modifies the groups where files belong.
      • Views and sets disk quotas for users.
    2. HDFS management operation permissions:
      • Views the web UI status.
      • Views and sets the active and standby HDFS status.
      • Enters and exits the HDFS in security mode.
      • Checks the HDFS file system.

    hbase

    Hbase@123

    This user is the HBase system administrator and has the following permissions:

    • Cluster management permission: Enable and Disable operations on tables to trigger MajorCompact and ACL operations.
    • Grants and revokes permissions, and shuts down the cluster.
    • Table management permission: Creates, modifies, and deletes tables.
    • Data management permission: Reads data in tables, column families, and columns.
    • Accesses the HBase web UI.

    mapred

    Mapred@123

    This user is the MapReduce system administrator and has the following permissions:

    • Submits, stops, and views the MapReduce tasks.
    • Modifies the Yarn configuration parameters.
    • Accesses the Yarn and MapReduce web UI.

    spark

    Spark@123

    This user is the Spark system administrator and has the following permissions:

    • Accesses the Spark web UI.
    • Submits Spark tasks.
  • User group information

    Default User Group

    Description

    supergroup

    Primary group of user admin, which has no additional permissions in the cluster with Kerberos authentication disabled.

    check_sec_ldap

    Used to test whether the active LDAP works properly. This user group is generated randomly in a test and automatically deleted after the test is complete. This is an internal system user group used only between components.

    Manager_tenant

    Tenant system user group, which is an internal system user group used only between components. It is used only in clusters with Kerberos authentication enabled.

    System_administrator

    MRS cluster system administrator group, which is an internal system user group used only between components. It is used only in clusters with Kerberos authentication enabled.

    Manager_viewer

    MRS Manager system viewer group, which is an internal system user group used only between components. It is used only in clusters with Kerberos authentication enabled.

    Manager_operator

    MRS Manager system operator group, which is an internal system user group used only between components. It is used only in clusters with Kerberos authentication enabled.

    Manager_auditor

    MRS Manager system auditor group, which is an internal system user group used only between components. It is used only in clusters with Kerberos authentication enabled.

    Manager_administrator

    MRS Manager system administrator group, which is an internal system user group used only between components. It is used only in clusters with Kerberos authentication enabled.

    compcommon

    MRS cluster internal group, used to access public resources in the cluster. All system users and system running users are added to this user group by default.

    default_1000

    User group created for tenants. This is an internal system user group used only between components.

    launcher-job

    MRS internal group, which is used to submit jobs using V2 APIs.

    hadoop

    Users added to this user group have the permission to submit tasks to all YARN queues. Such user is available only in clusters with Kerberos authentication enabled.

    hbase

    Common user group. Users added to this user group will not have any additional permission. Such user is available only in clusters with Kerberos authentication enabled.

    hive

    Users added to this user group can use Hive. Such user is available only in clusters with Kerberos authentication enabled.

    spark

    Common user group. Users added to this user group will not have any additional permission. Such user is available only in clusters with Kerberos authentication enabled.

    kafka

    Kafka common user group. Users added to this group need to be granted with read and write permission by users in the kafkaadmin group before accessing the desired topics. Such user is available only in clusters with Kerberos authentication enabled.

    kafkasuperuser

    Users added to this group have permissions to read data from and write data to all topics. Such user is available only in clusters with Kerberos authentication enabled.

    kafkaadmin

    Kafka administrator group. Users added to this group have the permissions to create, delete, authorize, as well as read from and write data to all topics. Such user is available only in clusters with Kerberos authentication enabled.

    storm

    Storm common user group. Users added to this group have the permissions to submit topologies and manage their own topologies. Such user is available only in clusters with Kerberos authentication enabled.

    stormadmin

    Storm administrator user group. Users added to this group have the permissions to submit topologies and manage their own topologies. Such user is available only in clusters with Kerberos authentication enabled.

    opentsdb

    Common user group. Users added to this user group will not have any additional permission. Such user is available only in clusters with Kerberos authentication enabled.

    presto

    Common user group. Users added to this user group will not have any additional permission. Such user is available only in clusters with Kerberos authentication enabled.

    flume

    Common user group. Users added to this user group will not have any additional permission. Such user is available only in clusters with Kerberos authentication enabled.

    launcher-job

    MRS internal group, which is used to submit jobs using V2 APIs. Such user is available only in clusters with Kerberos authentication enabled.

    OS User Group

    Description

    wheel

    Primary group of MRS internal running user omm.

    ficommon

    MRS cluster common group that corresponds to compcommon for accessing public resource files stored in the OS of the cluster.

  • Database user

    MRS cluster system database users include OMS database users and DBService database users.

    Do not delete database users. Otherwise, the cluster or components may not work properly.

    User Type

    Default User

    Initial Password

    Description

    OMS database

    ommdba

    dbChangeMe@123456

    OMS database administrator who performs maintenance operations, such as creating, starting, and stopping.

    omm

    ChangeMe@123456

    User for accessing OMS database data

    DBService database

    omm

    dbserverAdmin@123

    Administrator of the GaussDB database in the DBService component

    hive

    HiveUser@

    User for Hive to connect to the DBService database.

    hue

    HueUser@123

    User for Hue to connect to the DBService database.

    ranger

    RangerUser@

    User for Ranger to connect to the DBService database. Such user is available only in clusters with Kerberos authentication enabled.

    sqoop

    SqoopUser@

    User for Loader to connect to the DBService database.