Looking for some clarification on how incremental sync works / does. I have recently configured Ranger/AD sync with incremental sync off and the user search filter blank. This resulted in all users from AD being added to Ranger.
This was just intended as a base-case test, but when adding a new user search filter for the Ranger AD configs in Ambari and restarting the Ranger service, no changes appear to have been made (which is what I had expected when setting incremental sync to off) and ALL of the AD users are still visible, not just the ones specified by the filter. At this point have a some questions: 1. If I were to go into the Ranger UI and go to the users and groups menu and manually delete all of the AD users and groups, then add the user search filter to the Ranger configs, and restart Ranger would that wipe the rest of the users from Ranger's user DB and leave only the AD users from the search filter once Ranger was restarted? Any other way to get this desired result? 2. What would happen if accidentally manually deleted a unix user from the users and groups menu in the Ranger UI? Would they repopulate once restarted Ranger or would I need to something else to fix the mistake? -- This electronic message is intended only for the named recipient, and may contain information that is confidential or privileged. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of the contents of this message is strictly prohibited. If you have received this message in error or are not the named recipient, please notify us immediately by contacting the sender at the electronic mail address noted above, and delete and destroy all copies of this message. Thank you.
