Description
When the user-names are stored in Active Directory in UPPERCASE, but all usernames in linux/CDH are in lowercase it is usually used the user name conversion by the auth_to_local_rule.
I.e.:
To perform this conversion, we use the rule:
auth_to_local=RULE:[1:$1@$0](.@.COMPANY.COM)s/@.*///L
with the switch "/L" to convert usernames to lower case.
This works for "normal user" authentication, i.e. the webinterfaces, access to impala via ODBC.
However, when it is used the "delegation user", the auth_to_local_rule is not used and to get it works the <user allowed to delegate> should be configured in UPPERCASE.
We are checking auth_to_local for the User authentication:
https://github.com/cloudera/Impala/blob/cdh5-2.5.0_5.7.5/fe/src/main/java/com/cloudera/impala/authorization/User.java
but not for the delegated user:
https://github.com/cloudera/Impala/blob/cdh5-2.5.0_5.7.5/be/src/service/impala-server.cc#L1197-L1230