Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Issue in Ranger while Sync with ldap users.

Re: Issue in Ranger while Sync with ldap users.

New Contributor

No, I don't configured my own AD/LDAP server

Re: Issue in Ranger while Sync with ldap users.

Rising Star

Hi @Narasimma varman,

1. I'm assuming you are using OpenLDAP as your directory since you have pointed ranger to 127.0.0.1, can you send me the ldapsearch output for any user entry, the syntax for ldapsearch would be :

# ldapsearch -x -b "dc=hortonworks,dc=com" -D "<binddn>" -W -h <LDAP-server-IP-addr>

NOTE : replace <binddn> with your actual bind address

This will help in configuring your ranger usersync details

Re: Issue in Ranger while Sync with ldap users.

New Contributor

[root@sandbox usersync]# ldapsearch -x -b "dc=hortonworks,dc=com" -D "dc=hadoop,dc=apache,dc=org" -W -h ldap://127.0.0.1:389 Enter LDAP Password: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) [root@sandbox usersync]#

Re: Issue in Ranger while Sync with ldap users.

Expert Contributor
@Narasimma varman

From the ldap setup output above I see that the ldap port is configured to 33389 where are in ranger configuration you specified "ldap://127.0.0.1:389". Can you please try to change the ldap url in ranger config to "ldap://127.0.0.1:33389"?

Re: Issue in Ranger while Sync with ldap users.

New Contributor

Yes, I change port number to 389 but still issue is not cleared

Re: Issue in Ranger while Sync with ldap users.

New Contributor

can anyone tell what is default value of Base DN and Manager DN?

Highlighted

Re: Issue in Ranger while Sync with ldap users.

Rising Star

@Narasimma varman

Is your ldap server running ? Send the output of the below command from the ldap server

# ps aux | grep -i slapd

Your binddn and base search cannot have different tree, It seems that your ldap server is not configured correctly.

Can you share how did you setup your ldap server ? slapd.conf or cn=config form ?

Thanks !

Re: Issue in Ranger while Sync with ldap users.

New Contributor

Re: Issue in Ranger while Sync with ldap users.

Rising Star

@Narasimma varman If you have followed the exact documentation then, your basedn should be dc=example,dc=com and binddn should be any of the users you added or cn=Manager,dc=example,dc=com, the password for cn=Manager,dc=example,dc=com will be the password you generated using "slappasswd" command which you gave in slapd.conf.

Are you able to perform an ldapsearch using the below command :

# ldapsearch -x -b "dc=example,dc=com" -H ldaps://<hostname>

Also, does your netstat show the same :

# netstat -ntpl | grep 5029

If the above does not work send your /etc/openldap/slapd.conf and /etc/sysconfig/ldap

Re: Issue in Ranger while Sync with ldap users.

New Contributor

slapd.config and ldap file I attached

Don't have an account?
Coming from Hortonworks? Activate your account here