Robert Levas created AMBARI-18664: ------------------------------------- Summary: While syncing with LDAP, username collisions should be handled based on configuration value Key: AMBARI-18664 URL: https://issues.apache.org/jira/browse/AMBARI-18664 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.0.0 Reporter: Robert Levas Assignee: Eugene Chekanskiy Fix For: 2.4.2
While syncing with LDAP, username collisions should be handled based on an LDAP sync configuration value. The configuration options should be to indicate the following behaviors * convert ** convert the existing (non-LDAP user) user to an LDAP user ** This is the existing behavior * skip ** skip or ignore the collision, leaving the existing user unchanged ** a new user record should not be created Note: Future behavior may be to cause the sync operation to fail, but that shouldn't be handed yet. This configuration value should be set when setting up LDAP sync properties via {{ambari-server setup-ldap}} and be enforced when processing the sync operation in methods like {{org.apache.ambari.server.controller.AmbariManagementControllerImpl#synchronizeLdapUsersAndGroups}} or {{org.apache.ambari.server.security.authorization.Users#processLdapSync}}. -- This message was sent by Atlassian JIRA (v6.3.4#6332)