ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Don Bosco Durai (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-652) LDAP configuration tool
Date Sun, 11 Oct 2015 20:02:05 GMT

    [ https://issues.apache.org/jira/browse/RANGER-652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14952414#comment-14952414

Don Bosco Durai commented on RANGER-652:

[~spolavarapu], good work here. Can you help in moving the PDF into Apache Wiki page? I have
created a place holder page, but I am not able to copy paste from the PDF. I am losing all
the formatting. You might be able to do it with the raw format you might have.

If you can give me your wiki id, I can give you the permission to update it.

Few suggestions:
1. Need instructions to build and run the tool
2. Sample input files. You can copy the snippet in the wiki page


> LDAP configuration tool
> -----------------------
>                 Key: RANGER-652
>                 URL: https://issues.apache.org/jira/browse/RANGER-652
>             Project: Ranger
>          Issue Type: New Feature
>    Affects Versions: 0.5.0
>            Reporter: Velmurugan Periasamy
>            Assignee: Sailaja Polavarapu
>             Fix For: 0.6.0
>         Attachments: 0001-RANGER-652-Adding-support-for-ldap-connection-check-.patch,
Ldap Connection Check Tool.pdf
> A common use-case for Ranger is to sync the enterprise LDAP/AD users and make the process
of defining authorization policies simpler. Currently, making this integration to LDAP/AD
server require some effort from the administrator as Ranger provides many properties that
need to be configured to sync the LDAP/AD users.
> It would be very helpful to have a tool that helps administrators to configure LDAP properties
for Ranger UserSync and LDAP/AD authentication for Ranger Admin. 
> For example, this tool can collect minimal input about the LDAP/AD server and provide
suggestions for various other LDAP/AD properties in order to successfully pull only targeted
Users and Groups from the LDAP/AD server. Admins can change the input and verify if they are
correct by validating the users/groups retrieved. 
> Once all the properties are discovered and tested with the tool, these values can be
applied in Ranger config. This will save time and reduce errors when configuring ranger usersync
and admin.

This message was sent by Atlassian JIRA

View raw message