Hello, the ranger version is 2.1.0 and there are no error logs. the ranger-ugsync-site.xml file contains: <?xml version="1.0" encoding="UTF-8"?> <!--Autogenerated by Cloudera Manager--> <configuration> <property> <name>ranger.usersync.cookie.enabled</name> <value>true</value> </property> <property> <name>ranger.usersync.enabled</name> <value>true</value> </property> <property> <name>ranger.usersync.filesource.text.delimiter</name> <value>,</value> </property> <property> <name>ranger.usersync.group.memberattributename</name> <value>member</value> </property> <property> <name>ranger.usersync.group.nameattribute</name> <value>cn</value> </property> <property> <name>ranger.usersync.group.objectclass</name> <value>group</value> </property> <property> <name>ranger.usersync.group.searchbase</name> <value>OU=CLOUDERA,OU=APPLICATION GROUPS,OU=GRUPPI,DC=test,DC=test</value> </property> <property> <name>ranger.usersync.group.searchscope</name> <value>sub</value> </property> <property> <name>ranger.usersync.keystore.password</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/altscript.sh sec-0-ranger.usersync.keystore.password</value> </property> <property> <name>ranger.usersync.ldap.binddn</name> <value>CN=clouderabind,OU=CLOUDERA,OU=USER DI SERVIZIO,OU=UTENTI,DC=test,DC=test</value> </property> <property> <name>ranger.usersync.ldap.dtestasync</name> <value>false</value> </property> <property> <name>ranger.usersync.ldap.grouphierarchylevels</name> <value>0</value> </property> <property> <name>ranger.usersync.ldap.groupname.caseconversion</name> <value>lower</value> </property> <property> <name>ranger.usersync.ldap.ldapbindpassword</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/altscript.sh sec-0-ranger.usersync.ldap.ldapbindpassword</value> </property> <property> <name>ranger.usersync.ldap.referral</name> <value>ignore</value> </property> <property> <name>ranger.usersync.ldap.starttls</name> <value>false</value> </property> <property> <name>ranger.usersync.ldap.url</name> <value>ldap://test-dc08.test.test:389</value> </property> <property> <name>ranger.usersync.ldap.user.nameattribute</name> <value>sAMAccountName</value> </property> <property> <name>ranger.usersync.ldap.user.objectclass</name> <value>user</value> </property> <property> <name>ranger.usersync.ldap.user.searchbase</name> <value>OU=UTENTI,DC=test,DC=test</value> </property> <property> <name>ranger.usersync.ldap.user.searchscope</name> <value>sub</value> </property> <property> <name>ranger.usersync.ldap.username.caseconversion</name> <value>lower</value> </property> <property> <name>ranger.usersync.logdir</name> <value>/var/log/ranger/usersync</value> </property> <property> <name>ranger.usersync.metrics.enabled</name> <value>true</value> </property> <property> <name>ranger.usersync.metrics.filename</name> <value>metrics.json</value> </property> <property> <name>ranger.usersync.metrics.filepath</name> <value>/var/log/ranger/metrics-usersync</value> </property> <property> <name>ranger.usersync.metrics.frequencytimeinmillis</name> <value>60000</value> </property> <property> <name>ranger.usersync.pagedresultsenabled</name> <value>true</value> </property> <property> <name>ranger.usersync.pagedresultssize</name> <value>500</value> </property> <property> <name>ranger.usersync.policymanager.maxrecordsperapicall</name> <value>1000</value> </property> <property> <name>ranger.usersync.policymgr.username</name> <value>rangerusersync</value> </property> <property> <name>ranger.usersync.port</name> <value>5151</value> </property> <property> <name>ranger.usersync.role.assignment.list.delimiter</name> <value>&</value> </property> <property> <name>ranger.usersync.sleeptimeinmillisbetweensynccycle</name> <value>60000</value> </property> <property> <name>ranger.usersync.source.impl.class</name> <value>org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder</value> </property> <property> <name>ranger.usersync.truststore.file</name> <value>/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks</value> </property> <property> <name>ranger.usersync.truststore.password</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/altscript.sh sec-0-ranger.usersync.truststore.password</value> </property> <property> <name>ranger.usersync.unix.backend</name> <value>passwd</value> </property> <property> <name>ranger.usersync.unix.minUserId</name> <value>500</value> </property> <property> <name>ranger.usersync.user.searchenabled</name> <value>true</value> </property> <property> <name>ranger.usersync.username.groupname.assignment.list.delimiter</name> <value>,</value> </property> <property> <name>ranger.usersync.users.groups.assignment.list.delimiter</name> <value>:</value> </property> <property> <name>ranger.usersync.kerberos.keytab</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/ranger.keytab</value> </property> <property> <name>ranger.usersync.policymanager.baseURL</name> <value>https://test-clmaster03.test.test:6182</value> </property> <property> <name>ranger.usersync.credstore.filename</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/conf/rangerusersync.jceks</value> </property> <property> <name>ranger.usersync.policymgr.keystore</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/conf/rangerusersync.jceks</value> </property> <property> <name>ranger.usersync.keystore.file</name> <value>/var/run/cloudera-scm-agent/process/1546329977-ranger-RANGER_USERSYNC/conf/unixauthservice.jks</value> </property> <property> <name>ranger.usersync.policymanager.mockrun</name> <value>false</value> </property> <property> <name>ranger.usersync.passwordvalidator.path</name> <value>/opt/cloudera/parcels/CDH-7.1.7-1.cdh7.1.7.p1000.24102687/lib/ranger-usersync/native/pamCredValidator.uexe</value> </property> <property> <name>ranger.usersync.sink.impl.class</name> <value>org.apache.ranger.unixusersync.process.PolicyMgrUserGroupBuilder</value> </property> <property> <name>ranger.usersync.ssl</name> <value>true</value> </property> <property> <name>ranger.usersync.unix.group.file</name> <value>/etc/group</value> </property> <property> <name>ranger.usersync.unix.password.file</name> <value>/etc/passwd</value> </property> <property> <name>ranger.usersync.ldap.bindalias</name> <value>ranger.usersync.ldap.bindalias</value> </property> <property> <name>ranger.usersync.policymgr.alias</name> <value>ranger.usersync.policymgr.password</value> </property> <property> <name>ranger.keystore.file.type</name> <value>jks</value> </property> <property> <name>ranger.truststore.file.type</name> <value>jks</value> </property> <property> <name>xasecure.policymgr.clientssl.keystore.type</name> <value>jks</value> </property> <property> <name>xasecure.policymgr.clientssl.truststore.type</name> <value>jks</value> </property> <property> <name>ranger.usersync.kerberos.principal</name> <value>rangerusersync/_HOST@test.test</value> </property> </configuration> ranger.usersync.ldap.user.searchbase OU=utenti,DC=test,DC=test ranger.usersync.group.searchbase OU=Cloudera, OU=Application Groups,OU=Gruppi, DC=test,DC=test Thanks in advance.
... View more
