sehwan kim created RANGER-5466:
----------------------------------
Summary: Unnecessary delta sync filter applied in LDAP search when
delta sync is disabled
Key: RANGER-5466
URL: https://issues.apache.org/jira/browse/RANGER-5466
Project: Ranger
Issue Type: Bug
Components: usersync
Affects Versions: 2.7.0
Reporter: sehwan kim
In setup.py, when SYNC_SOURCE is set to LDAP, ranger.usersync.ldap.deltasync is
unconditionally hardcoded to "true". This prevents users from disabling delta
sync even if they explicitly set it to false in install.properties.
In LdapUserGroupBuilder, the LDAP search filter always includes delta sync
conditions(uSNChanged, modifyTimestamp) regardless of whether delta sync is
enabled.
When disabled, epoch-based values are used which effectively match all records,
so it does not cause incorrect results but adds unnecessary filter conditions
to every LDAP query.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
