Created 11-21-2017 08:35 AM
Hi,
I have successfully link my ranger with AD. Can someone please let me know how can I add Aactive Directory users in my ranger? If I click add new user in the ranger it asks me user detail with password. But if it is AD user then it should not ask password. I could not find out easy way to create or load active director users in ranger. Once I do, then I want to add that users in the group which I created in the Active directory. Afterwards., I want to apply a policy on that group. Please let me know the step by step process in order to achieve above mentioned goals?
Created 11-25-2017 02:36 PM
You should configure Ranger User Sync : https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.2/bk_security/content/ranger_user_sync_ldap_a...
Created 11-25-2017 05:46 PM
Hi,
I have done it. I am under ou=users in active directory but Ranger has connected under ou=Hadoop. IT has created a user and add in me in that group and assigned ou=Hadoop to that group. But still I cannot see myself even after syncing.
If they create a user directly under ou=Hadoop then as soon as Ranger syncs, I can see in Ranger admin.
Please let me know, how can i resolve this?
Best Regards
Created 03-16-2018 08:28 AM
Check Ranger User sync config. You'd be able to configure the user (as well as group) search base and accordingly Ranger User sync will be able to pull from ou=users.
Created 03-21-2018 06:40 PM
Ranger Usersync supports configuring multiple OUs. Please refer to this JIRA for more info https://issues.apache.org/jira/browse/RANGER-803
For more details on various options supported by Ranger Usersync with AD/LDAP as sync source, please refer to
Thanks,
Sailaja