[jira] [Commented] (RANGER-652) LDAP configuration tool

Wed, 14 Oct 2015 11:30:33 -0700 

    [ 
https://issues.apache.org/jira/browse/RANGER-652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14957469#comment-14957469
 ] 

Don Bosco Durai commented on RANGER-652:
----------------------------------------

[~spolavarapu], I saw that you have added the documentation. Can can you also 
give the instruction about how to build? Does regular build is enough? If so, 
let's make a note of it in the document and point it to our installation/build 
page.

Regarding LDAPS, if the OpenLDAP or AD is using self-signed certificates, then 
do we need to do anything more to run this tool? The reason I am asking is, 
recently there have been some issues connecting to LDAPs.

Thanks


> LDAP configuration tool
> -----------------------
>
>                 Key: RANGER-652
>                 URL: https://issues.apache.org/jira/browse/RANGER-652
>             Project: Ranger
>          Issue Type: New Feature
>    Affects Versions: 0.5.0
>            Reporter: Velmurugan Periasamy
>            Assignee: Sailaja Polavarapu
>             Fix For: 0.6.0
>
>         Attachments: 
> 0001-RANGER-652-Adding-support-for-ldap-connection-check-.patch, Ldap 
> Connection Check Tool.pdf
>
>
> A common use-case for Ranger is to sync the enterprise LDAP/AD users and make 
> the process of defining authorization policies simpler. Currently, making 
> this integration to LDAP/AD server require some effort from the administrator 
> as Ranger provides many properties that need to be configured to sync the 
> LDAP/AD users.
> It would be very helpful to have a tool that helps administrators to 
> configure LDAP properties for Ranger UserSync and LDAP/AD authentication for 
> Ranger Admin. 
> For example, this tool can collect minimal input about the LDAP/AD server and 
> provide suggestions for various other LDAP/AD properties in order to 
> successfully pull only targeted Users and Groups from the LDAP/AD server. 
> Admins can change the input and verify if they are correct by validating the 
> users/groups retrieved. 
> Once all the properties are discovered and tested with the tool, these values 
> can be applied in Ranger config. This will save time and reduce errors when 
> configuring ranger usersync and admin.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to