Support Questions

Find answers, ask questions, and share your expertise
Announcements
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.

Ranger doesn't sync all users from Active Directory

New Contributor

Configured new test instance of Ranger

Settings

bananaman_0-1671614306685.png

bananaman_1-1671614385448.png

 

Binded user has domain admin rights.

Now synced only 999 users of 1650 existed in AD

What problem can be?

bananaman_2-1671614446488.png

 

 

1 ACCEPTED SOLUTION

New Contributor

I solved problem, reason was not in filter

View solution in original post

4 REPLIES 4

Rising Star

Hi @bananaman , Can you please refer the below docs and enable the user search first and see if it helps. 

https://docs.cloudera.com/cdp-private-cloud-base/7.1.3/security-ranger-authentication-unix-ldap-ad/t...

 

Also please try to run ldapsearch to see if it is able to list all the users. 

New Contributor

Hi!

As you can see, user search is already enabled, ldapsearch returns 999 results of 1650 in Active Directory....

Rising Star

@bananaman  This happens when the search filter is not correct. In your case its. Try to change search filter. 

 

sAMAccountName=*

If this does not help try to add the usersync logs to check further.

New Contributor

I solved problem, reason was not in filter

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.