Support Questions
Find answers, ask questions, and share your expertise

Can multiple AD domains be configured with ranger?

Solved Go to solution

Can multiple AD domains be configured with ranger?

New Contributor

considering domain.example1.com & domain.example2.com transitive two way trust exists between these domains.

- hadoop cluster is joined to domain.example2.com.

- users are from domain.example1.com and user groups are in domain.example2.com.

- can usersync and groupsync be done from different domains?

- Is cross domain ranger policy setup achievable?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Can multiple AD domains be configured with ranger?

Expert Contributor

@rasiq abdul,

Currently Ranger doesn't have ability to sync users/groups from multiple domains. Only multiple OUs from same domain are supported in ranger currently. In some customer environments, each domain can be migrated to a common LDAP/AD server under a OU (Organizational Unit) and ranger can be pointed to that common AD/LDAP server.

Thanks,

Sailaja.

View solution in original post

1 REPLY 1

Re: Can multiple AD domains be configured with ranger?

Expert Contributor

@rasiq abdul,

Currently Ranger doesn't have ability to sync users/groups from multiple domains. Only multiple OUs from same domain are supported in ranger currently. In some customer environments, each domain can be migrated to a common LDAP/AD server under a OU (Organizational Unit) and ranger can be pointed to that common AD/LDAP server.

Thanks,

Sailaja.

View solution in original post