Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Ranger doesn't sync all users from Active Directory

avatar
New Contributor

Configured new test instance of Ranger

Settings

bananaman_0-1671614306685.png

bananaman_1-1671614385448.png

 

Binded user has domain admin rights.

Now synced only 999 users of 1650 existed in AD

What problem can be?

bananaman_2-1671614446488.png

 

 

1 ACCEPTED SOLUTION

avatar
New Contributor

I solved problem, reason was not in filter

View solution in original post

4 REPLIES 4

avatar
Expert Contributor

Hi @bananaman , Can you please refer the below docs and enable the user search first and see if it helps. 

https://docs.cloudera.com/cdp-private-cloud-base/7.1.3/security-ranger-authentication-unix-ldap-ad/t...

 

Also please try to run ldapsearch to see if it is able to list all the users. 

avatar
New Contributor

Hi!

As you can see, user search is already enabled, ldapsearch returns 999 results of 1650 in Active Directory....

avatar
Master Collaborator

@bananaman  This happens when the search filter is not correct. In your case its. Try to change search filter. 

 

sAMAccountName=*

If this does not help try to add the usersync logs to check further.

avatar
New Contributor

I solved problem, reason was not in filter