I am trying to set Hadoop group mappings to make ranger policies work for groups.I have passed below properties to core-site but still groups are not fetched(Both on Sandbox and on prod cluster as well):

hadoop.security.group.mapping.ldap.url=ldap://xxxx:389
hadoop.security.group.mapping.ldap.search.filter.user=(&(objectClass=posixAccount)(uid={0}))
hadoop.security.group.mapping.ldap.search.filter.group=(objectClass=group) [also tried with (objectClass=groupOfNames)]
hadoop.security.group.mapping.ldap.search.attr.member=member
hadoop.security.group.mapping.ldap.search.attr.group.name=cn
hadoop.security.group.mapping.ldap.bind.user=cn=Manager,dc=xyz-bigdata,dc=com
hadoop.security.group.mapping.ldap.bind.password=password
hadoop.security.group.mapping.ldap.base=dc=xyz-bigdata,dc=com
hadoop.security.group.mapping=org.apache.hadoop.security.LdapGroupsMapping

Below is the ldif file for my open ldap:

dn: dc=xyz-bigdata,dc=com
objectClass: organization
objectClass: dcObject
o: Hadoop
dc: xyz-bigdata


dn: ou=users,dc=xyz-bigdata,dc=com
objectClass: organizationalUnit
ou: users


dn: ou=groups,dc=xyz-bigdata,dc=com
objectClass: top
objectClass: organizationalUnit
ou: groups
description: xyz groups


# itpeople, groups, xyz-bigdata.com
dn: cn=itpeople,ou=groups,dc=xyz-bigdata,dc=com
objectClass: groupOfNames
cn: itpeople
description: IT security group
member: uid=testt,ou=users,dc=xyz-bigdata,dc=com
member: uid=asiddiqui,ou=users,dc=xyz-bigdata,dc=com
member: uid=root,ou=users,dc=xyz-bigdata,dc=com


# testt, users, xyz-bigdata.com
dn: uid=testt,ou=users,dc=xyz-bigdata,dc=com
objectClass: posixAccount
objectClass: top
objectClass: inetOrgPerson
gidNumber: 0
givenName: testt
initials: mr
sn: testt
displayName: testt
uid: testt
homeDirectory: /home/testt
loginShell: ksh
cn: testt
uidNumber: 4987


# hive, users, xyz-bigdata.com
dn: uid=hive,ou=users,dc=xyz-bigdata,dc=com
objectClass: posixAccount
objectClass: top
objectClass: inetOrgPerson
gidNumber: 0
givenName: System
initials: Mr.
sn: Hadoop
displayName: hive
uid: hive
homeDirectory: /home/hive
loginShell: ksh
cn: hive
uidNumber: 37807