Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger "User Name" Incorrect when synced through group first

Highlighted

Ranger "User Name" Incorrect when synced through group first

Expert Contributor

When syncing Ranger users through the group (group.search.first.enabled": "true") where does Ranger pickup the "User Name". I am trying to pickup the short name (jbarnett in this case), but it keeps adding with "James M1. Barnett". Good news is it syncs just fine. The bad news is that it brings in the wrong attribute for the user name!

 

#### AD Entry ####

dn: CN=James M1. Barnett,OU=Managed,OU=Users,OU=XYZ East,DC=cs,DC=msds,DC=foo,DC=com

cn: James M1. Barnett

name: James M1. Barnett

sAMAccountName: jbarnett

 

#### Ranger UGSync props

"ranger.usersync.group.searchfilter": "(|(CN=nifi-admin-prod)(CN=nifi-prod))",

"ranger.usersync.ldap.user.searchfilter": "(&(sAMAccountName={0})(|(memberOf=CN=nifi-admin-prod,OU=Groups,DC=cs,DC=msds,DC=foo,DC=com))",

"ranger.usersync.group.search.first.enabled": "true"

"ranger.usersync.group.memberattributename": "member",

"ranger.usersync.group.nameattribute": "cn",

"ranger.usersync.ldap.user.groupnameattribute": "memberof",

"ranger.usersync.group.memberattributename": "member",

"ranger.usersync.group.nameattribute": "cn",

"ranger.usersync.ldap.user.groupnameattribute": "memberof",

"ranger.usersync.ldap.user.nameattribute": "sAMAccountName",

Don't have an account?
Coming from Hortonworks? Activate your account here