Configuring Usersync to sync directly with LDAP/AD

Ranger Usersync can be manually configured to sync directly with LDAP/AD .

By default, Ranger Usersync uses sssd to sync users and groups from a Unix source. This can affect performance and limit scale. This runtime release supports LDAP/AD as a default sync source. Additionally, Ranger Usersync can be manually configured to:

update users and groups from multiple (LDAP/AD, Unix and file) sync sources
customize the default sync interval

Go to Cloudera Manager > Ranger > Configuration > Filters > Ranger Usersync.
In Search, type safety valve.
This filters all Ranger configs to expose only the Usersync safety valves.
In Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-site.xml, press +.
1. In Name, type ranger.usersync.syncsource.validation.enabled
2. In Value, type false
3. Click Save Changes(CTRL+S)
Allows sync from multiple source types.
In Ranger Usersync Advanced Configuration Snippet (Safety Valve) for conf/ranger-ugsync-extra-attrs.xml, press +.
1. In Name, type <cloud user.cloud.id.mapping>
2. In Value, type clouduser1,clouduser2,….
3. Click Save Changes(CTRL+S)
Cloud ids for these users and groups are synced to ranger admin.
note
This will be populated by default. The above can also be manually overridden.