kumaab opened a new pull request, #254: URL: https://github.com/apache/ranger/pull/254
## What changes were proposed in this pull request? [RANGER-3254](https://issues.apache.org/jira/browse/RANGER-3254) implemented a change in user/group mapping so that sync source is taken into account when a group name matches multiple sources. LDAP users belonging to a group like "CN=mygroup" will not be synced in Ranger if there is an existing "mygroup" that was imported by UnixUserGroupBuilder. This breaks a very common use case where posix users and groups are synced to the OS from an LDAP backend. In those cases, both the linux OS and LDAP/AD are using the same identity repository. If Ranger imported a set of users and groups from one sync source, and then later switches to another, group mappings break and users don't get all of their groups. Provide an option to treat users/groups from multiple sync sources as same for updating group memberships. ## How was this patch tested? Tested changes by changing sync source & restarting usersync. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
