You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by 黄健 <hu...@jd.com> on 2015/02/11 07:21:39 UTC

A bug about LDAP

Hi!
First I'm sorry that I have not enouth ability to build the capability with Ranger and LDAP .but I can show you the problem which I found.
Today, the bug is about LDAD synchronization blew
SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE = memberof,ismemberof
It is not work
In ldap, The attribute "memberof" is only used in objectclass "distinguishedNameMatch", and "ismemberof" is used for Active Directory, we can't add the attribute to the objectclass about person.  I advise that you can use the attribute "memeber" in the objectclass "posixGroup", The other system use this attribute.

________________________________
Yours sincerely, Jian Huang
Beijing China