[
https://issues.apache.org/jira/browse/RANGER-1211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15781363#comment-15781363
]
Don Bosco Durai commented on RANGER-1211:
-----------------------------------------
[~spolavarapu], this would be a good feature to add. The design also looks good.
What is the fail-safe? If the property is configured, but the sync user is not
privileged, then would it be able to figure it out and fall back to full sync?
Thanks
> Improve Ranger Usersync to sync AD/LDAP users and/or groups incrementally.
> ---------------------------------------------------------------------------
>
> Key: RANGER-1211
> URL: https://issues.apache.org/jira/browse/RANGER-1211
> Project: Ranger
> Issue Type: Improvement
> Components: usersync
> Affects Versions: 0.6.1, 0.6.2
> Reporter: Sailaja Polavarapu
> Assignee: Sailaja Polavarapu
> Labels: ranger
> Fix For: 0.7.0
>
> Attachments:
> 0001-RANGER-1211-Support-incremental-Delta-Sync-with-AD-L.patch,
> DeltaSyncsupportforRangerUsersync.docx
>
>
> During every sync cycle, Ranger Usersync performs full LDAP/AD sync and
> computes the delta in-memory and updates ranger admin. Since usersync
> computes the delta (including group memberships) of all the users that are
> sync’d in memory for every sync cycle, UserSync can take a lot of resources
> on the server it is running on.
> Enhance usersync to perform full sync only during startup and incremental or
> delta sync for the subsequent sync cycles. This way the delta computation of
> group memberships can be highly reduced and can increase usersync
> performance.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
