Support Questions

Rasiq_Abdul · ‎05-25-2017

considering domain.example1.com & domain.example2.com transitive two way trust exists between these domains.

- hadoop cluster is joined to domain.example2.com.

- users are from domain.example1.com and user groups are in domain.example2.com.

- can usersync and groupsync be done from different domains?

- Is cross domain ranger policy setup achievable?

spolavarapu · ‎05-25-2017

Currently Ranger doesn't have ability to sync users/groups from multiple domains. Only multiple OUs from same domain are supported in ranger currently. In some customer environments, each domain can be migrated to a common LDAP/AD server under a OU (Organizational Unit) and ranger can be pointed to that common AD/LDAP server.

Thanks,

Sailaja.

View solution in original post

spolavarapu · ‎05-25-2017

@rasiq abdul,

Currently Ranger doesn't have ability to sync users/groups from multiple domains. Only multiple OUs from same domain are supported in ranger currently. In some customer environments, each domain can be migrated to a common LDAP/AD server under a OU (Organizational Unit) and ranger can be pointed to that common AD/LDAP server.

Thanks,

Sailaja.

Cloudera Community

Support Questions

Can multiple AD domains be configured with ranger?