Hi Team, I confirm I am Admin for our Dremio, I can see my name shown under “Administrator”
“When I access our PDS, I got below errors:
Something went wrong. Please check the log file for details, see https://docs.dremio.com/advanced-administration/log-files.html.Show more”
See screenshot1.
I also got errorsa when I click “Edit Orginal SQL” , got the errors like “Access denied reading dataset XXXX.XXXX.XXXX”
see screenshot2
can you let me know why and how to fix it?
It looks like your user doesn’t have access to the source’s data - in this case the source is rejecting your access, not Dremio. A full stack trace from server.log would tell us where its failing exactly.
@dolphinlei Kindly upload the server.log and job profile when this problem happens
thank, I tried:
@dolphinlei error seems to come from MaprFS
Caused By (java.io.IOException) Error getting user info for current user, test_user
com.mapr.fs.MapRFileSystem.lookupClient():675
com.mapr.fs.MapRFileSystem.lookupClient():703
com.mapr.fs.MapRFileSystem.access():716
com.dremio.exec.hadoop.HadoopFileSystem.access():436
com.dremio.exec.store.dfs.FileSystemPlugin$FsPermissionTask.runInner():812
com.dremio.exec.store.dfs.FileSystemPlugin$FsPermissionTask.runInner():789
com.dremio.exec.store.TimedRunnable.run():51
com.dremio.exec.store.TimedRunnable$LatchedRunnable.run():93
java.util.concurrent.Executors$RunnableAdapter.call():511
java.util.concurrent.FutureTask.run():266
java.util.concurrent.ThreadPoolExecutor.runWorker():1149
java.util.concurrent.ThreadPoolExecutor$Worker.run():624
java.lang.Thread.run():748Is the user also available on executors and have access to the MapR FS?
should not, when log on to the maprfs, we usually use an service account, not use the uid that logon to the Dremio. Do you mean only the uid that logon to the Dremio have access of the maprfs parquet file, and then I can access the PDS? Maybe I can try that service account which I used to log on the marpfs nodes machines to log on to Dremio to see if I can see the PDS. correct?
@dolphinlei This depends if on your maprFS side impersonation is turned on or turned off, if impersonation is turned on, then the metadata fetch happens as the service user and the actual read of the Parquet file will be done by the actual logged in user, while if impersonation is false then both metadata and actual read of the data is done by the service user
Can I understand the “impersonation” you mean here is a configuration in Maprfs, has no relationship with Dremio, which may impact any SQL engine on top of Maprfs. Or can you let me where to check its turn-on or turn-off setting about it? thanks.
@dolphinlei On the Dremio side, see if under source -advanced options setting you see a setting hive.server2.enable.doAs is set? If not then it would use what is set on Hive or HDFS from the backend which you can look at hive-site.xml and see what this value is (if for Hive)