- Make sure the HDP 2.2 repository is added to your site's list of yum repositories. - If it has not yet been added, add it now by performing the following steps: - For RHEL/Centos6/Oracle LINUX 6: - wget -nv https://hdpweb.o.onslip.net/HDP/centos6/2.x/GA/2.2.8.0/hdp.repo -O /etc/yum.repos.d/hdp.repo
- For Ubuntu 12.04: - apt-get update wget https://hdpweb.o.onslip.net/HDP/ubuntu12/2.x/GA/2.2.8.0/hdp.list -O /etc/apt/sources.list.d/hdp.list
- For Debian 6: - apt-get update wget https://hdpweb.o.onslip.net/HDP/debian6/2.x/GA/2.2.8.0/hdp.list -O /etc/apt/sources.list.d/hdp.list
 
- Find the Ranger Policy Admin software: - yum search ranger
- Install the Ranger Policy Admin software: - yum install ranger_2_2_8_0_3150-admin
- In the Ranger Policy Administration installation directory, update the install.properties file: - Go to the installation directory: - cd /usr/hdp/2.2.8.0-3150/ranger-admin/
- Edit the following install.properties entries: - Table 13.1. install.properties Entries - Configuration Property - Default/Example Value - Required? - Ranger Policy Database - DB_FLAVOR Specifies the type of database used for audit logging (MYSQL,ORACLE) - MYSQL (default) - Y - SQL_CONNECTOR_JAR Path to SQL connector JAR. DB driver location for Mysql, If Oracle db is used, copy the oracle jdbc driver to file, /usr/share/java/ojdbc6.jar ** In Windows, only Mysql is supported. - /usr/share/java/mysql-connector-java.jar (default) - Y - db_root_user database username who has privileges for creating database schemas and users - root (default) - Y - db_root_password database password for the "db_root_user" - rootPassW0Rd - Y - db_host Hostname of the ranger policy database server - localhost - Y - db_name Ranger Policy database name - ranger (default) - Y - db_user db username used for performing all policy mgmt operation from policy admin tool - rangeradmin (default) - Y - db_password database password for the "db_user" - RangerAdminPassW0Rd - Y - Ranger Audit Database - audit_db_name Ranger audit database name - This can be different database in the same database server mentioned above - ranger_audit (default) - Y - audit_db_user Ranger audit database name - This can be different database in the same database server mentione - rangerlogger (default) - Y - audit_db_password database password for the "audit_db_user" - RangerLoggerPassW0Rd - Y - Policy Admin Tool Config - policymgr_external_url URL used within Policy Admin tool when a link to its own page is generated in the Policy Admin Tool website - http://localhost:6080 (default) http://myexternalhost.xasecure.net:6080N - policymgr_http_enabled Enables/disables HTTP protocol for downloading policies by Ranger plugins - true (default) - Y - unix_user UNIX user who runs the Policy Admin Tool process - ranger (default) (default) - Y - unix_group UNIX group associated with the UNIX user who runs the Policy Admin Tool process - ranger (default) - Y - Policy Admin Tool Authentication - authentication_method - Authentication Method used to log in to the Policy Admin Tool. - NONE -- only users created within the Policy Admin Tool may log in - UNIX -- allows UNIX userid authentication using the UNIX authentication service (see below) - LDAP -- allows Corporate LDAP authentication (see below) - ACTIVE_DIRECTORY -- allows authentication using an Active Directory - none (default) - Y - UNIX Authentication Service - remoteLoginEnabled Flag to enable/disable remote Login via Unix Authentication Mode - true (default) - Y, if UNIX authentication_method is selected - authServiceHostName Server Name (or ip-addresss) where ranger-usersync module is running (along with Unix Authentication Service) - localhost (default) myunixhost.domain.com - Y, if UNIX authentication_method is selected - authServicePort Port Number where ranger-usersync module Is running Unix Authentication Service - 5151 (default) - Y, if UNIX authentication_method is selected - LDAP Authentication - xa_ldap_url URL for the LDAP service - ldap://71.127.43.33:389 - Y, if LDAP authentication_method is selectedd - xa_ldap_userDNpattern LDAP DN Pattern used to uniquely locate the login user - uid={0},ou=users,dc=xasecure,dc=net - Y, if LDAP authentication_method is selectedd - xa_ldap_groupSearchBase LDAP Base node location to get all groups associated with login user - ou=groups,dc=xasecure,dc=net - Y, if LDAP authentication_method is selectedd - xa_ldap_groupSearchFilter LDAP search filter used to retrieve groups for the login user - (member=uid={0},ou=users, dc=xasecure,dc=net) - Y, if LDAP authentication_method is selectedd - xa_ldap_groupRoleAttribute Attribute used to retrieve the group names from the group search filters - cn - Y, if LDAP authentication_method is selectedd - Active Directory Authentication - xa_ldap_ad_domain Active Directory Domain Name used for AD login - xasecure.net - Y, if ACTIVE_DIRECTORY authentication_method is selectedd - xa_ldap_ad_url Active Directory LDAP URL for authentication of user - ldap://ad.xasecure.net:389 - Y, if ACTIVE_DIRECTORY authentication_method is selectedd 
 
- Check the JAVA_HOME environment variable. If it has not yet been set, enter: - export JAVA_HOME=<path of installed jdk version folder>


