You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Nigel Jones (JIRA)" <ji...@apache.org> on 2017/05/10 17:21:04 UTC

[jira] [Assigned] (RANGER-1486) New usersync alternative for Atlas (vdc)

     [ https://issues.apache.org/jira/browse/RANGER-1486?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nigel Jones reassigned RANGER-1486:
-----------------------------------

    Assignee: Nigel Jones

> New usersync alternative for Atlas (vdc)
> ----------------------------------------
>
>                 Key: RANGER-1486
>                 URL: https://issues.apache.org/jira/browse/RANGER-1486
>             Project: Ranger
>          Issue Type: New Feature
>          Components: usersync
>            Reporter: Nigel Jones
>            Assignee: Nigel Jones
>              Labels: VirtualDataConnector
>
> As part of the Atlas Virtualization Data Connector work we are using this within a large enterprise with a lot of users & groups stored in ldap.
> The connector -- which has a ranger plugin to apply access control policies -- is used by a relatively small subset of these users. However that can't easily be transcribed to an optimal ldap query.
> Since Atlas will have the definitive list of roles that are being used, this new usersync will instead retrieve a list of roles from Atlas, and will then use this list to retrieve only those users found in this list of roles from LDAP.
> This is an alternative usersync so shouldn't conflict and will use the same ranger APIs



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)