Skip to main content
Version: current [24.2.x]

Users, Groups, and Roles

Note:
Enterprise Edition only

Version Requirement

The privileges and user management functionality outlined on this page are for instances of Dremio v15.X and earlier.

For privilege and access controls using Dremio 16.0+: See the new Access Control help topics.

For user management using Dremio v18.0+: See the Users help topic.

For new role management using Dremio v18.0+: See the Roles help topic.

User and Group Management

Dremio's user and group management has two modes: Internal (default) and LDAP.

Internal Mode

Dremio manages users. Users are configured through the Dremio UI under Admin > Users. Groups are not available in this mode.

LDAP Mode

Users and groups are managed by external LDAP server.

Roles

By default, everyone is given the User role. Users and groups can be assigned as Administrators in the UI under Admin > Administrators.

User Role

Users can:

  • Create, edit, and delete spaces
  • Create, edit, and delete views
  • Query or edit formatting of tables
  • Query or edit views
  • Upload files to home space
  • See their own jobs

There are a few options that allow administrators to configure user privileges globally:

Advanced OptionDescription
ui.upload.allowAllow users to upload files to their home spaces. Enabled by default.
ui.space.allow-manageAllow users to create and manage spaces. Disabled by default.

Administrator Role

Administrators can:

  • Create, edit, and delete all sources and spaces
  • Query and edit formatting of all tables (except for ones in other users' home spaces)
  • Query and edit all views (except for ones in other users' home spaces)
  • See all jobs
  • Manage:
  • Accelerations
  • Node Activity
  • Users (only available in Internal mode)
  • Provisioning
  • Administrators
  • Cluster Settings