This is really old, but this is what I found.
"ranger.usersync.ldap.user.searchfilter":
"(|(samaaccountname=)(memberof=CN=)(...))
On Thu, Apr 18, 2024 at 10:54 AM Loïc CHANEL <loic.cha...@telecomnancy.net>
wrote:
> That's what I was hoping indeed, but unfortunately :
>
> 2024-04-18 14:39:39,400 [http-nio-6080-exec-7] DEBUG
> [RangerAuthenticationProvider.java:291] LDAP Authentication Failed:
> org.springframework.security.authentication.InternalAuthenticationServiceException:
> Failed to parse DN; nested exception is
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
> column 10. Encountered: "(" (40), after : ""
>
> I tried to escape the character with a backslash but got the exact same
> result. Any other ideas ?
> Best regards,
>
>
> Loïc CHANEL
> Technical leader Big Data
> Capgemini (Lyon, France)
>
>
> Le jeu. 18 avr. 2024 à 16:24, j km <alericmcke...@gmail.com> a écrit :
>
>> I think it is just an or
>> & (&(filter1) (filter2)) AND — all conditions must be met
>> | (|(filter1) (filter2)) OR — any number of conditions can be met
>> ! (!(filter1)) NOT — the condition must not be met
>>
>> On Thu, Apr 18, 2024 at 10:06 AM Loïc CHANEL <
>> loic.cha...@telecomnancy.net> wrote:
>>
>>> Just a follow-up question though : is there a way to define several
>>> dnpattern
>>> values ? Because the users are located into two different sections of my
>>> LDAP, so I have the following patterns :
>>> CN={0},OU=External,OU=Users,DC=cmb,DC=blabla,DC=org and
>>> CN={0},OU=Internal,OU=Users,DC=cmb,DC=blabla,DC=org and I want LDAP
>>> authentication to work for both.
>>> Best regards,
>>>
>>>
>>> Loïc CHANEL
>>> Technical leader Big Data
>>> Capgemini (Lyon, France)
>>>
>>>
>>> Le jeu. 18 avr. 2024 à 13:39, Loïc CHANEL <loic.cha...@telecomnancy.net>
>>> a écrit :
>>>
>>>> Hi Vipin,
>>>>
>>>> Already did this but didn't see the file name as I was expecting them
>>>> to be before the properties but not after.
>>>> By finding the loaded file in the logs I've been able to troubleshoot
>>>> my issue.
>>>> Thanks a lot for your help,
>>>>
>>>>
>>>> Loïc CHANEL
>>>> Technical leader Big Data
>>>> Capgemini (Lyon, France)
>>>>
>>>>
>>>> Le jeu. 18 avr. 2024 à 13:11, Vipin Rathor <v.rat...@gmail.com> a
>>>> écrit :
>>>>
>>>>> Hi Loïc,
>>>>> If you turn on log4j debug for Apache Ranger, then the debug log will
>>>>> tell you where the congratulations are being loaded from.
>>>>>
>>>>> Also, please check if you aren’t making changes in a different copy of
>>>>> the actual config file (most probably you might have checked but wouldn’t
>>>>> hurt to double check).
>>>>>
>>>>> Regards,
>>>>> VR
>>>>>
>>>>> On Apr 18, 2024, at 14:43, Loïc CHANEL <loic.cha...@telecomnancy.net>
>>>>> wrote:
>>>>>
>>>>>
>>>>> Hi everyone,
>>>>>
>>>>> I'm trying to configure the LDAP authentication for UI access, so I
>>>>> edited the properties in ranger-admin-site.xml file and restarted,
>>>>> but I saw in the logs the properties I edited are not applied. For
>>>>> instance, the property ranger.ldap.url has the value ldap://
>>>>> cmb.mydomain.org:389 in the XML file, but when Ranger starts I can
>>>>> see in the logs that the default value ( ldap:// ) is loaded by
>>>>> Ranger instead of what I defined.
>>>>> Is there something I'm missing ? How can I see where the values are
>>>>> loaded from ?
>>>>> Thanks for your help,
>>>>>
>>>>>
>>>>> Loïc CHANEL
>>>>> Technical leader Big Data
>>>>> Capgemini (Lyon, France)
>>>>>
>>>>>
