Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Ranger usersync LDAP failing after number of group imported

Highlighted

Ranger usersync LDAP failing after number of group imported

New Contributor

Hello,

I have a ranger usersync setting that works.... once in a while.

We have a lot of groups in ADLDS (around 200) and the usersync process is getting groups and users from this ADLDS.

Then, this is stored in an Oracle DB outside the cluster.

In the logs "usersync.log" :

25 Jun 2019 09:08:57  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - No. of members in the group ADLDS-Hadoop-Ranger-Hive-GRP162-Read = 2
25 Jun 2019 09:08:58  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longUserName: CN=Support-Bios,OU=Services,DC=production,DC=MyCompany, userName: Support-Bios
25 Jun 2019 09:09:01  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - No. of members in the group ADLDS-Hadoop-Ranger-Hive-GRP162-Bios-Read = 1
25 Jun 2019 09:09:02  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longUserName: CN=Support,OU=Services,DC=production,DC=MyCompany, userName: Support
25 Jun 2019 09:09:05  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longUserName: CN=Finance,OU=Services,DC=production,DC=MyCompany, userName: Finance
25 Jun 2019 09:09:07  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - No. of members in the group ADLDS-Hadoop-Ranger-Hive-GRP163-Change = 2
25 Jun 2019 09:09:07 ERROR LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder.getGroups() failed with exception: javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]
25 Jun 2019 09:09:07  INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder.getGroups() group count: 164
25 Jun 2019 09:10:56 ERROR LdapDeltaUserGroupBuilder [UnixUserSyncThread] - sink.addOrUpdateGroup failed with exception: java.net.ConnectException: Connection refused (Connection refused), for group: ADLDS-Hadoop-Ranger-Hdfs-DIR123-Read, users: [FinanceBatch]


It always fails arround 150 groups. Sometime at 144, sometimes at 170, sometimes at 151. I have no clue to find out where this failure can come from.

Any idea ?