Support Questions
Find answers, ask questions, and share your expertise

Ranger with ldap permission error

Rising Star

I am trying to integrate ldap with ranger. I have set properties as other system, but usersync still outputs the following error info:

LdapDeltaUserGroupBuilders.getUsers() failed with exception: javax.naming.NopermissionException:[LDAP: error code 50 - The request control with Object Identifiers (OID) 1.2.**** cannot be used due to insufficient access rights]

I just set the common configs and user configs, and leave group configs blank.

How to solve it?


Expert Contributor

@Junfeng Chen,

From the posted log message, looks like you have enabled "Incremental Sync" during which the group config is mandatory. Not sure what exactly you mean by "leave group configs blank". This is not supported configuration. For more details on "Incremental Sync", please refer to

Also, please refer to below article on how to configure ranger usersync for integrating with AD/LDAP.

Hope this helps.



Rising Star

@spolavarapu Thanks, I am reading the article you gave.

“leave group configs blank” means I disabled the group sync.

; ;