The HDP Security Administration tools have two types of users:
Web UI administrators: Users who require access to the Web UI to manage Hadoop cluster Policies and Audit and Report on Hadoop cluster activity. The user and group synchronizer is required when authenticating Web UI Administrators against an external Unix Server.
Hadoop cluster users: Users who require access to the Hadoop cluster data and therefore are named in ACL Policies created on the HDP Security Administrator Web UI. Use the User and Group Agent to synchronize accounts to use in policies from an external source such as a Unix Server or LDAP Service.
![[Tip]](../common/images/admon/tip.png) | Tip |
|---|---|
HDP Security Administration tools can be used to monitor Hadoop cluster activity without restricting access to data in HDFS, Hive, or HBase repositories. By default, when a Hadoop cluster repository is added to the HDP Security Administration, the repository the default setting allows all access. |
