Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger incremental sync with ldap is not working

Ranger incremental sync with ldap is not working

Expert Contributor

Hi,

I am using Hortonworks Data Cloud on AWS. I have created cluster with one master node and two worker nodes.

On master node I have configured openLDAP Server and on workers openLDAP clients.

I am tying to sync users and groups from LDAP to Ranger.

When First time I have configured Ranger in Ambari for ldap as user source it performed full sync. Now I have created another users and groups in LDAP, I want to sync these users and groups in Ranger.

when I restarted the Ranger in Ambari it didn't show the new users and groups, means incremental sync is not successful.

How can I resolve this issue ?

what filter i need to give for user search filter and group search filter ?

Thank you.

3 REPLIES 3
Highlighted

Re: Ranger incremental sync with ldap is not working

Contributor

Hi @heta desai. On the node where ranger usersync is installed, please check connectivity to ldap using following commands:

//For LDAP
ldapsearch -W -H ldap://<FQDN of LDAP/AD> -D binduser@example.net -b "dc=example,dc=net"
//For LDAPS
ldapsearch -W -H ldaps://<FQDN of LDAP/AD> -D binduser@example.net -b "dc=example,dc=net"

If you're successfully able to connect, then just restart the Ranger Usersync and users will be synced.

Re: Ranger incremental sync with ldap is not working

Expert Contributor

Hi @Sparsh Singhal

Could you please review the question which I have posted earlier but didn't get response. In this question I have explained in detail what issue exactly I am facing, also what configuration I have done.

It would be appreciated if you could kindly help.

Thank You.

Re: Ranger incremental sync with ldap is not working

Expert Contributor

@Sparsh Singhal I am successfully able to connect and restarted the ranger usersync service. But the users which I created later on are not showing in Ranger. Only the users that are synced when usersync performed for the first time(full sync) are showing.