Ranger incremental sync with ldap is not working

heta_desai · ‎05-19-2018

Hi,

I am using Hortonworks Data Cloud on AWS. I have created cluster with one master node and two worker nodes.

On master node I have configured openLDAP Server and on workers openLDAP clients.

I am tying to sync users and groups from LDAP to Ranger.

When First time I have configured Ranger in Ambari for ldap as user source it performed full sync. Now I have created another users and groups in LDAP, I want to sync these users and groups in Ranger.

when I restarted the Ranger in Ambari it didn't show the new users and groups, means incremental sync is not successful.

How can I resolve this issue ?

what filter i need to give for user search filter and group search filter ?

Thank you.

sparsh_singhal · ‎05-20-2018

Hi @heta desai. On the node where ranger usersync is installed, please check connectivity to ldap using following commands:

//For LDAP
ldapsearch -W -H ldap://<FQDN of LDAP/AD> -D binduser@example.net -b "dc=example,dc=net"
//For LDAPS
ldapsearch -W -H ldaps://<FQDN of LDAP/AD> -D binduser@example.net -b "dc=example,dc=net"

If you're successfully able to connect, then just restart the Ranger Usersync and users will be synced.

heta_desai · ‎05-21-2018

Hi @Sparsh Singhal

Could you please review the question which I have posted earlier but didn't get response. In this question I have explained in detail what issue exactly I am facing, also what configuration I have done.

It would be appreciated if you could kindly help.

Thank You.

heta_desai · ‎05-21-2018

@Sparsh Singhal I am successfully able to connect and restarted the ranger usersync service. But the users which I created later on are not showing in Ranger. Only the users that are synced when usersync performed for the first time(full sync) are showing.