Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Can multiple AD domains be configured with ranger?

avatar
New Contributor

considering domain.example1.com & domain.example2.com transitive two way trust exists between these domains.

- hadoop cluster is joined to domain.example2.com.

- users are from domain.example1.com and user groups are in domain.example2.com.

- can usersync and groupsync be done from different domains?

- Is cross domain ranger policy setup achievable?

1 ACCEPTED SOLUTION

avatar
Expert Contributor

@rasiq abdul,

Currently Ranger doesn't have ability to sync users/groups from multiple domains. Only multiple OUs from same domain are supported in ranger currently. In some customer environments, each domain can be migrated to a common LDAP/AD server under a OU (Organizational Unit) and ranger can be pointed to that common AD/LDAP server.

Thanks,

Sailaja.

View solution in original post

1 REPLY 1

avatar
Expert Contributor

@rasiq abdul,

Currently Ranger doesn't have ability to sync users/groups from multiple domains. Only multiple OUs from same domain are supported in ranger currently. In some customer environments, each domain can be migrated to a common LDAP/AD server under a OU (Organizational Unit) and ranger can be pointed to that common AD/LDAP server.

Thanks,

Sailaja.