Bolke de Bruin created RANGER-980:
-------------------------------------
Summary: User sync does not delete users if they do not exist
anymore
Key: RANGER-980
URL: https://issues.apache.org/jira/browse/RANGER-980
Project: Ranger
Issue Type: Bug
Components: usersync
Affects Versions: 0.6.0, 0.5.3
Reporter: Bolke de Bruin
Priority: Critical
usersync for all sources creates users and groups, but does not delete them
from Ranger's database if these users and groups do not exists anymore in the
original source.
So if you have for example a user called "bob" and bob leaves the company his
access rights will continue to exist in Ranger. If a new employee comes in that
is also "bob" he is immediately granted the same access as the previous
employee. This creates security incidents.
In a reasonable complex company it cannot be expected that another user
administration is being taken care of, while deletion could and should happen
automatically.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
