Support Questions
Find answers, ask questions, and share your expertise

Ranger-FreeIPA LDAP Users auto-sync not working.


I have HDP 2.6.5 cluster with Ranger and FreeIPA (4.6.4). Kerberos is also enabled on these cluster via FreeIPA. I have changed Ranger-LDAP configs to sync IPA users with FreeIPA, but every time when I add an User in FreeIPA I have to restart Ranger UserSync. How can I make these auto-sync.

Below is my Ranger-LDAP config.

LDAP/AD URL : ldaps://
Bind User : uid=admin,cn=users,cn=accounts,dc=hadoop,dc=net
Bind User Password : Ipa@123admin

Username Attribute : uid
User Object Class : person
User Search Base : cn=users,cn=accounts,dc=hadoop,dc=net
User Search Filter : 
User Search Scope: sub
User Group Name Attribute : memberof, ismemberof
Group User Map Sync: yes

Enable Group Sync: yes
Group Member Attribute : member
Group Name Attribute: cn
Group Object Class : groupofnames
Group Search Base : cn=groups,cn=accounts,dc=hadoop,dc=net
Group Search Filter : 
Enable Group Search First : yes