Hello, Wondering if someone can help figure out this usersync issue. The initial sync appears to be working fine, but after that, the sync is not happening again afterwards (expecting every 1 hour). The AD system we’re using for this test is against an AWS Simple AD service, FYI. Thanks in advance for any advice!
This is the modified vars in install.properties: POLICY_MGR_URL = http://10.234.4.254:6080<http://10.234.4.254:6080/> SYNC_SOURCE = ldap SYNC_INTERVAL = 1 SYNC_LDAP_URL = ldap://10.234.3.243:389 SYNC_LDAP_BIND_DN = administra...@adapt.ad.com<mailto:administra...@adapt.ad.com> SYNC_LDAP_BIND_PASSWORD = ****** SYNC_LDAP_SEARCH_BASE = ou=Users,dc=adapt,dc=ad,dc=com Here is the usersync log: 06 Jun 2019 16:57:35 INFO UnixAuthenticationService [main] - Starting User Sync Service! 06 Jun 2019 16:57:35 INFO AbstractMapper [UnixUserSyncThread] - Initializing for ranger.usersync.mapping.username.regex 06 Jun 2019 16:57:35 INFO AbstractMapper [UnixUserSyncThread] - Initializing for ranger.usersync.mapping.groupname.regex 06 Jun 2019 16:57:35 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder created 06 Jun 2019 16:57:35 INFO UserGroupSyncConfig [UnixUserSyncThread] - Sleep Time Between Cycle can not be lower than [3600000] millisec. resetting to min value. 06 Jun 2019 16:57:35 INFO UserGroupSync [UnixUserSyncThread] - initializing sink: org.apache.ranger.ldapusersync.process.LdapPolicyMgrUserGroupBuilder 06 Jun 2019 16:57:35 WARN NativeCodeLoader [UnixUserSyncThread] - Unable to load native-hadoop library for your platform... using builtin-java classes where applicable 06 Jun 2019 16:57:36 INFO AbstractMapper [UnixUserSyncThread] - Initializing for ranger.usersync.mapping.username.regex 06 Jun 2019 16:57:36 INFO AbstractMapper [UnixUserSyncThread] - Initializing for ranger.usersync.mapping.groupname.regex 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder created 06 Jun 2019 16:57:36 INFO UserGroupSync [UnixUserSyncThread] - initializing source: org.apache.ranger.ldapusersync.process.LdapDeltaUserGroupBuilder 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder initialization started 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder initialization completed with -- ldapUrl: ldap://10.234.3.243:389, ldapBindDn: administra...@adapt.ad.com, ldapBindPassword: ***** , ldapAuthenticationMechanism: simple, searchBase: cn=users,dc=adapt,dc=ad,dc=com, userSearchBase: [cn=users,dc=adapt,dc=ad,dc=com], userSearchScope: 2, userObjectClass: person, userSearchFilter: , extendedUserSearchFilter: null, userNameAttribute: cn, userSearchAttributes: [uSNChanged, cn, memberof, ismemberof, modifytimestamp], userGroupNameAttributeSet: [memberof, ismemberof], pagedResultsEnabled: true, pagedResultsSize: 500, groupSearchEnabled: false, groupSearchBase: [cn=users,dc=adapt,dc=ad,dc=com], groupSearchScope: 2, groupObjectClass: groupofnames, groupSearchFilter: , extendedGroupSearchFilter: (&null(|(member={0})(member={1}))), extendedAllGroupsSearchFilter: null, groupMemberAttributeName: member, groupNameAttribute: cn, groupSearchAttributes: [uSNChanged, member, cn, modifytimestamp], groupUserMapSyncEnabled: false, groupSearchFirstEnabled: false, userSearchEnabled: true, ldapReferral: ignore 06 Jun 2019 16:57:36 INFO UserGroupSync [UnixUserSyncThread] - Begin: initial load of user/group from source==>sink 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder updateSink started 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Performing user search first 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - extendedUserSearchFilter = (&(objectclass=person)(|(uSNChanged>=0)(modifyTimestamp>=19700101120000Z))) 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3723and currentDeltaSyncTime = 3723 06 Jun 2019 16:57:36 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Enterprise Admins,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Enterprise Admins 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 1, userName: AWSAdminD-9267114D60 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3771and currentDeltaSyncTime = 3771 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Application.Adapt.Adapt_Eng,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Application.Adapt.Adapt_Eng 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 2, userName: Helene Treadwell 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3756and currentDeltaSyncTime = 3756 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Administrators,CN=Builtin,DC=adapt,DC=ad,DC=com, groupName: Administrators 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Group Policy Creator Owners,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Group Policy Creator Owners 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Schema Admins,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Schema Admins 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Domain Admins,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Domain Admins 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 3, userName: Administrator 06 Jun 2019 16:57:37 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3993and currentDeltaSyncTime = 3993 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 4, userName: Sanjay Darisi 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3786and currentDeltaSyncTime = 3786 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Application.Adapt.Adapt_Eng,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Application.Adapt.Adapt_Eng 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 5, userName: Steve Hall 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3547and currentDeltaSyncTime = 3547 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Denied RODC Password Replication Group,CN=Users,DC=adapt,DC=ad,DC=com, groupName: Denied RODC Password Replication Group 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 6, userName: krbtgt 06 Jun 2019 16:57:38 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - uSNChangedVal = 3546and currentDeltaSyncTime = 3546 06 Jun 2019 16:57:39 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - longGroupName: CN=Guests,CN=Builtin,DC=adapt,DC=ad,DC=com, groupName: Guests 06 Jun 2019 16:57:39 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - Updating user count: 7, userName: Guest 06 Jun 2019 16:57:39 INFO LdapDeltaUserGroupBuilder [UnixUserSyncThread] - LdapDeltaUserGroupBuilder.getUsers() completed with user count: 7 06 Jun 2019 16:57:39 INFO UserGroupSync [UnixUserSyncThread] - End: initial load of user/group from source==>sink 06 Jun 2019 16:57:39 INFO UserGroupSync [UnixUserSyncThread] - Done initializing user/group source and sink 06 Jun 2019 16:57:40 INFO UnixAuthenticationService [main] - Enabling Unix Auth Service! 06 Jun 2019 16:57:40 INFO UnixAuthenticationService [main] - Enabling Protocol: [SSLv2Hello] 06 Jun 2019 16:57:40 INFO UnixAuthenticationService [main] - Enabling Protocol: [TLSv1] 06 Jun 2019 16:57:40 INFO UnixAuthenticationService [main] - Enabling Protocol: [TLSv1.1] 06 Jun 2019 16:57:40 INFO UnixAuthenticationService [main] - Enabling Protocol: [TLSv1.2] 06 Jun 2019 17:40:59 INFO PasswordValidator [Thread-11] - Response [FAILED: [admin] does not exists.] for user: admin 06 Jun 2019 21:12:23 INFO PasswordValidator [Thread-12] - Response [FAILED: [admin] does not exists.] for user: admin 06 Jun 2019 21:12:26 INFO PasswordValidator [Thread-13] - Response [FAILED: [admin] does not exists.] for user: admin 06 Jun 2019 22:39:30 INFO PasswordValidator [Thread-14] - Response [FAILED: [admin] does not exists.] for user: admin -Helene Treadwell
