RE: rangerusersync incorrectly registering 401 as success

Fri, 03 Jan 2025 01:01:11 -0800 

Try setting the password for usersync within the admin UI.

I sympathise, the documentation for all of these ranger items (if any at all) 
is the worst I have ever come across.  There may as well be none at all.

-----Original Message-----
From: Laurence Brown via user <user@ranger.apache.org> 
Sent: Friday, January 3, 2025 9:02 AM
To: Laurence Brown via user <user@ranger.apache.org>
Subject: rangerusersync incorrectly registering 401 as success

EXTERNAL


I'm having issue with authentication for ranger user sync

I've changed the password via updatepolicymgrpassword.py, if I log in  manually 
via the UI with the rangerusersync user and use the same API the record is 
accepted but the rangerusersync process does not seem to be picking this up 
properly and I get 401 rejects in the log.

Furthermore rangeruser sync seems to be flagging these as successes



02 Jan 2025 18:31:15 DEBUG o.a.r.u.p.PolicyMgrUserGroupBuilder 
[UnixUserSyncThread] - User Group Mapping: 
{"userName":null,"noOfNewUsers":0,"noOfNewGroups":0,"noOfModifiedUsers":0,"noOfModifiedGroups":0,"syncSource":"LDAP/AD","sessionId":null,"ldapSyncSourceInfo":{"ldapUrl":"ldaps://adntadmin.lb.someplace:636","groupSearchFirstEnabled":"true","groupSearchEnabled":"true","userSearchEnabled":"true","userSearchFilter":"(&(objectclass=person)(|(uSNChanged>=390680187)(modifyTimestamp>=19700105123120Z))(|(memberof=cn=ACG-CGM-DBPersonal,ou=Account
 Groups,ou=ITS 
Security,dc=pc,dc=internal,dc=someplace,dc=com)(memberof=CN=ACG-CGM-DB-Generic-Account,OU=Account
 Groups,OU=ITS 
Security,DC=pc,DC=internal,DC=someplace,DC=com)))","groupSearchFilter":"(&(objectclass=groupofnames)(|(uSNChanged>=0)(modifyTimestamp>=19700101000000Z)))","groupHierarchyLevel":"0","totalUsersSynced":2452,"totalGroupsSynced":35890,"totalUsersDeleted":0,"totalGroupsDeleted":0},"unixSyncSourceInfo":null,"fileSyncSourceInfo":null}
02 Jan 2025 18:31:15  WARN o.a.r.u.p.PolicyMgrUserGroupBuilder 
[UnixUserSyncThread] - Credentials response from ranger is 401.
02 Jan 2025 18:31:15 DEBUG o.a.r.u.p.PolicyMgrUserGroupBuilder 
[UnixUserSyncThread] - <== 
PolicyMgrUserGroupBuilder.tryUploadEntityInfoWithCred()
02 Jan 2025 18:31:15 DEBUG o.a.r.u.p.PolicyMgrUserGroupBuilder 
[UnixUserSyncThread] - <== PolicyMgrUserGroupBuilder.cookieBasedUploadEntity()
02 Jan 2025 18:31:15 DEBUG o.a.r.u.p.PolicyMgrUserGroupBuilder 
[UnixUserSyncThread] - REST response from /service/xusers/ugsync/auditinfo/ : 
{"statusCode":401,"msgDesc":"Authentication Failed"}
02 Jan 2025 18:31:15 DEBUG o.a.r.u.p.PolicyMgrUserGroupBuilder 
[UnixUserSyncThread] - AuditInfo Creation successful


Any suggestions to resolve this?

----------------------------------------------------------------------
This email and any attachment is confidential. If you are not the intended 
recipient, please contact the sender and delete this message. Macquarie does 
not represent or warrant that this communication is free from computer viruses 
or other defects. For important disclosures and information about the 
incorporation and regulated status of Macquarie Group entities please see: 
www.macquarie.com/disclosures

Reply via email to