[jira] [Commented] (RANGER-652) LDAP configuration tool

Thu, 15 Oct 2015 10:53:38 -0700 

    [ 
https://issues.apache.org/jira/browse/RANGER-652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14959293#comment-14959293
 ] 

Don Bosco Durai commented on RANGER-652:
----------------------------------------

[~spolavarapu], thanks.

Thanks for putting the build instructions. Do I need to install usersync for 
this tool to run? I tried running from it from exploded package path 
(ranger-0.5.0-usersync/ldaptool) and I am getting the following error:

JAVA commnad = java -cp 
/tmp/ranger-0.5.0-usersync/ldaptool/lib/ldapconfigcheck.jar:/tmp/ranger-0.5.0-usersync/ldaptool/lib/*:/tmp/ranger-0.5.0-usersync/ldaptool/conf
 org.apache.ranger.ldapconfigcheck.LdapConfigCheckMain -o 
/tmp/ranger-0.5.0-usersync/ldaptool/output/
Error: Could not find or load main class 
org.apache.ranger.ldapconfigcheck.LdapConfigCheckMain

Let me know if I am doing something wrong?

Regarding configurign self-sigend certs, can you link it to one of our 
document? Lot of users don't know how to extract the certificates and import it.

Thanks




> LDAP configuration tool
> -----------------------
>
>                 Key: RANGER-652
>                 URL: https://issues.apache.org/jira/browse/RANGER-652
>             Project: Ranger
>          Issue Type: New Feature
>    Affects Versions: 0.5.0
>            Reporter: Velmurugan Periasamy
>            Assignee: Sailaja Polavarapu
>             Fix For: 0.6.0
>
>         Attachments: 
> 0001-RANGER-652-Adding-support-for-ldap-connection-check-.patch, Ldap 
> Connection Check Tool.pdf
>
>
> A common use-case for Ranger is to sync the enterprise LDAP/AD users and make 
> the process of defining authorization policies simpler. Currently, making 
> this integration to LDAP/AD server require some effort from the administrator 
> as Ranger provides many properties that need to be configured to sync the 
> LDAP/AD users.
> It would be very helpful to have a tool that helps administrators to 
> configure LDAP properties for Ranger UserSync and LDAP/AD authentication for 
> Ranger Admin. 
> For example, this tool can collect minimal input about the LDAP/AD server and 
> provide suggestions for various other LDAP/AD properties in order to 
> successfully pull only targeted Users and Groups from the LDAP/AD server. 
> Admins can change the input and verify if they are correct by validating the 
> users/groups retrieved. 
> Once all the properties are discovered and tested with the tool, these values 
> can be applied in Ranger config. This will save time and reduce errors when 
> configuring ranger usersync and admin.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to