diff --git a/hadoop/site.pp.tmpl b/hadoop/site.pp.tmpl
index d93dc209140bca87ac977c7374d15ad218488a0c..cedeff9a6dcec39b3df1ed4e9674e7d3dea6d91c 100644
--- a/hadoop/site.pp.tmpl
+++ b/hadoop/site.pp.tmpl
@@ -130,7 +130,6 @@ class{'site_hadoop':
   distribution        => $$distribution,
   version             => $$version,
   users               => [
-    '${image_user}',
     'example',
     'hawking',
   ],
@@ -142,6 +141,14 @@ class{'site_hadoop':
   spark_enable        => true,
 }
 
+# site_hadoop::users hasn't shell on the nodes, we need exception for '${image_user}'
+hadoop::user{'${image_user}':
+  shell     => true,
+  hdfs      => $$hadoop::hdfs_hostname == $$::fqdn,
+  groups    => 'users',
+  realms    => $$site_hadoop::user_realms,
+  touchfile => 'hdfs-user-${image_user}-created',
+}
 
 node /${master_hostname}\..*/ {
   include ::site_hadoop::role::master_hdfs