Impersonation to Data sources (Granted access on Datasource)


Is it possible to setup an user with his AD account and use the same account for accessing the Datasource ? for example MySQL ?
I see this page ; but, could not find more information.

I would love to have the user impersonation on Dremio such that the user queries are passed on to the underlying database as himself rather as a dremio user. So that the user will be able to access the DB only with his access privileges.
Reason for the ask:- Else it becomes a problem to manage the user queries and be responsible for being in the middle.



If I understand this right, if you have a LDAP user called “testuser”, you would like Dremio to authenticate “testuser” and then when accessing MySQL tables you would like that “testuser” be able to proxy into the MySQL server to read the data?


@balaji.ramaswamy Yes, that’s right. So,

  1. Do we need to setup Proxy users (same as in MySQL) for all other datasources(eg:- SQL Server)
  2. If AD account is used to login to Dremio, then when the user connects to different datasource DS1 and DS2, will the DataSource uses AD to authenticate the user (assuming the user has access privilege)?
  3. Assuming all users in AD have read-only access (using their AD acct) on DS1 and DS2, then all that’s required is AD integration on Dremio? Or do we need to setup any [admin] property to let Dremio use the AD acct to access DS1/DS2?

Naveen Arumugam

Hi @Naveesh_Doolhur

To access sources like Oracle/MySQL we go with the authentication provided in the Dremio source properties for that source