If it's enabled it's going to need a keystore to verify users SSL key-pair. If the keystore doesn't exist and it's enabled could be why. I could be wrong but that's one thing that stood out to me.
Unfortunately, the majority who use ranger will likely be doing so through the likes of Cloudera. So, most of the information and support will be hidden away in internal KBs or behind several stays of configuration and installation automation. Most people who are constantly committing to this project going will be doing out of their own necessity so have a great depth of understanding of how the product works, so likely don't rely on documentation. From: Marc Hoppins <marc.hopp...@eset.com> Sent: 17 December 2024 12:55 To: user@ranger.apache.org; Nathan English (VIR R) <nathan.engl...@bt.com> Subject: RE: Usersync fail Why does that matter? Setup script is failing to install usersync. Because of these errors, the setup script also fails to complete as there is no ranger-ugsync-site.xml file created. I am confused as to why there appears to be crucial elements missing from the setup and did not anticipate having to troubleshoot the install procedure. From: nathan.english.bt.com via user <user@ranger.apache.org<mailto:user@ranger.apache.org>> Sent: Tuesday, December 17, 2024 1:50 PM To: user@ranger.apache.org<mailto:user@ranger.apache.org> Subject: RE: Usersync fail EXTERNAL Not installed Ranger for an extremely long time. But do you have SSL Authentication enabled in the install.properties? From: Marc Hoppins <marc.hopp...@eset.com<mailto:marc.hopp...@eset.com>> Sent: 17 December 2024 12:42 To: user@ranger.apache.org<mailto:user@ranger.apache.org> Subject: Usersync fail Hi, All, Usersync setup.sh fails and throws keytool error: java.io.FileNotFoundException: /etc/ranger/usersync/conf/cert/unixauthservice.jks (No such file or directory) ERROR: unable to create JavaKeystore for SSL: file (/etc/ranger/usersync/conf/cert/unixauthservice.jks) These items appear to be created by set_globals.sh but this script (set_globals.sh) doesn't appear to be called at all anywhere. I have tried with fresh installations, using both 2.4.0 and 2.5.0 versions, but get the same errors. Am I missing some basic thing that should be configured beforehand? Marc
