You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2017/08/22 22:43:15 UTC
ranger git commit: RANGER-1632: Fixed issue where Users are not
sync'd when sAMAccountName is different than CN associated with groups -
ranger-0.7
Repository: ranger
Updated Branches:
refs/heads/ranger-0.7 e2f94d227 -> 852d326ec
RANGER-1632: Fixed issue where Users are not sync'd when sAMAccountName is different than CN associated with groups - ranger-0.7
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/852d326e
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/852d326e
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/852d326e
Branch: refs/heads/ranger-0.7
Commit: 852d326ecc047392422669cbf8d165ff22123ccb
Parents: e2f94d2
Author: Sailaja Polavarapu <sp...@hortonworks.com>
Authored: Tue Aug 22 15:32:19 2017 -0700
Committer: Sailaja Polavarapu <sp...@hortonworks.com>
Committed: Tue Aug 22 15:32:19 2017 -0700
----------------------------------------------------------------------
.../process/LdapDeltaUserGroupBuilder.java | 35 ++++++++++++++++----
.../config/UserGroupSyncConfig.java | 12 +++++--
.../ranger/usergroupsync/TestLdapUserGroup.java | 30 ++++++++++++++++-
ugsync/src/test/resources/ADSchema.ldif | 2 +-
4 files changed, 67 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/852d326e/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
index 645a248..1204d79 100644
--- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java
@@ -32,6 +32,7 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.StringTokenizer;
+import java.util.HashMap;
import javax.naming.Context;
import javax.naming.InvalidNameException;
@@ -111,6 +112,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
//private Map<String, UserInfo> userGroupMap;
private Table<String, String, String> groupUserTable;
+ private Map<String, String> userNameMap;
public static void main(String[] args) throws Throwable {
LdapDeltaUserGroupBuilder ugBuilder = new LdapDeltaUserGroupBuilder();
@@ -149,6 +151,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
DateFormat dateFormat = new SimpleDateFormat("yyyyMMddhhmmss");
deltaSyncUserTimeStamp = dateFormat.format(new Date(0));
deltaSyncGroupTimeStamp = dateFormat.format(new Date(0));
+ userNameMap = new HashMap<String, String>();
setConfig();
}
@@ -324,8 +327,8 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
Map<String,String> groupUsersMap = groupUserTable.row(groupName);
Set<String> userSet = new HashSet<String>();
for(Map.Entry<String, String> entry : groupUsersMap.entrySet()){
- String transformUserName = userNameTransform(entry.getKey());
- userSet.add(transformUserName);
+ //String transformUserName = userNameTransform(entry.getKey());
+ userSet.add(entry.getValue());
}
List<String> userList = new ArrayList<>(userSet);
String transformGroupName = groupNameTransform(groupName);
@@ -387,6 +390,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
}
continue;
}
+ //System.out.println("userEntry = " + userEntry);
Attributes attributes = userEntry.getAttributes();
if (attributes == null) {
@@ -405,7 +409,8 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
}
continue;
}
-
+
+ String userFullName = (userEntry.getNameInNamespace()).toLowerCase();
String userName = (String) userNameAttr.get();
if (userName == null || userName.trim().isEmpty()) {
@@ -446,6 +451,8 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
LOG.error("sink.addOrUpdateUser failed with exception: " + t.getMessage()
+ ", for user: " + transformUserName);
}
+ //System.out.println("Adding user fullname = " + userFullName + " username = " + transformUserName);
+ userNameMap.put(userFullName, transformUserName);
Set<String> groups = new HashSet<String>();
// Get all the groups from the group name attribute of the user only when group search is not enabled.
@@ -467,6 +474,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
List<String> groupList = new ArrayList<String>(groups);
try {
sink.addOrUpdateUser(transformUserName, groupList);
+
} catch (Throwable t) {
LOG.error("sink.addOrUpdateUserGroups failed with exception: " + t.getMessage()
+ ", for user: " + transformUserName + " and groups: " + groupList);
@@ -495,7 +503,6 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
} else {
// If the user from the search result is present in the group user table,
// then addorupdate user to ranger admin.
- String userFullName = (userEntry.getNameInNamespace()).toLowerCase();
LOG.debug("Chekcing if the user " + userFullName + " is part of the retrieved groups");
if (groupUserTable.containsColumn(userFullName) || groupUserTable.containsColumn(userName)) {
String transformUserName = userNameTransform(userName);
@@ -505,6 +512,13 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
LOG.error("sink.addOrUpdateUser failed with exception: " + t.getMessage()
+ ", for user: " + transformUserName);
}
+ userNameMap.put(userFullName, transformUserName);
+ //Also update the username in the groupUserTable with the one from username attribute.
+ Map<String,String> userMap = groupUserTable.column(userFullName);
+ for(Map.Entry<String, String> entry : userMap.entrySet()){
+ LOG.debug("Updating groupUserTable " + entry.getValue() + " with: " + transformUserName + " for " + entry.getKey());
+ groupUserTable.put(entry.getKey(), userFullName, transformUserName);
+ }
}
}
@@ -537,7 +551,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
} while (cookie != null);
LOG.info("LdapDeltaUserGroupBuilder.getUsers() completed with user count: "
+ counter);
- } catch (Throwable t) {
+ } catch (Exception t) {
LOG.error("LdapDeltaUserGroupBuilder.getUsers() failed with exception: " + t);
LOG.info("LdapDeltaUserGroupBuilder.getUsers() user count: "
+ counter);
@@ -653,6 +667,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
}
userCount++;
String userName = getShortUserName(originalUserFullName);
+ originalUserFullName = originalUserFullName.toLowerCase();
if (groupSearchFirstEnabled && !userSearchEnabled) {
String transformUserName = userNameTransform(userName);
try {
@@ -661,8 +676,14 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
LOG.error("sink.addOrUpdateUser failed with exception: " + t.getMessage()
+ ", for user: " + transformUserName);
}
+ userNameMap.put(originalUserFullName, transformUserName);
+ }
+ //System.out.println("Adding " + userNameMap.get(originalUserFullName) + " and fullname = " + originalUserFullName + " to " + gName);
+ if (userNameMap.get(originalUserFullName) != null) {
+ groupUserTable.put(gName, originalUserFullName, userNameMap.get(originalUserFullName));
+ } else {
+ groupUserTable.put(gName, originalUserFullName, originalUserFullName);
}
- groupUserTable.put(gName, userName, userName);
}
LOG.info("No. of members in the group " + gName + " = " + userCount);
}
@@ -693,7 +714,7 @@ public class LdapDeltaUserGroupBuilder extends AbstractUserGroupSource {
} while (cookie != null);
LOG.info("LdapDeltaUserGroupBuilder.getGroups() completed with group count: "
+ counter);
- } catch (Throwable t) {
+ } catch (Exception t) {
LOG.error("LdapDeltaUserGroupBuilder.getGroups() failed with exception: " + t);
LOG.info("LdapDeltaUserGroupBuilder.getGroups() group count: "
+ counter);
http://git-wip-us.apache.org/repos/asf/ranger/blob/852d326e/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
index df16043..1564760 100644
--- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
+++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
@@ -1065,9 +1065,15 @@ public class UserGroupSyncConfig {
}
/* Used only for unit testing */
- public void setDeltaSync(boolean deltaSyncEnabled) {
- prop.setProperty(LGSYNC_LDAP_DELTASYNC_ENABLED, String.valueOf(deltaSyncEnabled));
- }
+ public void setDeltaSync(boolean deltaSyncEnabled) {
+ prop.setProperty(LGSYNC_LDAP_DELTASYNC_ENABLED, String.valueOf(deltaSyncEnabled));
+ }
+
+ /* Used only for unit testing */
+ public void setUserNameAttribute(String userNameAttr) {
+ prop.setProperty(LGSYNC_USER_NAME_ATTRIBUTE, userNameAttr);
+ }
+
public String getGroupRoleRules() {
if(prop != null && prop.containsKey(GROUP_BASED_ROLE_ASSIGNMENT_RULES)) {
String GroupRoleRules = prop.getProperty(GROUP_BASED_ROLE_ASSIGNMENT_RULES);
http://git-wip-us.apache.org/repos/asf/ranger/blob/852d326e/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
index e5bf110..6ebc311 100644
--- a/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
+++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
@@ -91,9 +91,10 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
config = UserGroupSyncConfig.getInstance();
ldapBuilder = new LdapUserGroupBuilder();
}
-
+
@Test
public void testUpdateSinkTotalUsers() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -112,6 +113,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkWithoutPagedResults() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -130,6 +132,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkUserFilter() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
//config.setUserSearchFilter("(|(memberof=cn=usersGroup9,ou=Group,dc=openstacklocal)(memberof=cn=usersGroup4,ou=Group,dc=openstacklocal))");
config.setUserSearchFilter("(|(memberof=CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com)(memberof=CN=Group11,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com))");
@@ -148,6 +151,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkTotalGroups() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -166,6 +170,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkGroupFilter() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -184,6 +189,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkGroupSearchDisable() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -202,6 +208,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkMultipleOUs() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -221,6 +228,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkMultipleOUsNoGroupSearch() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -240,6 +248,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testMultipleOUGroupsNoGroupSearch() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -259,6 +268,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testMultipleOUGroupsWithGroupSearch() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -278,6 +288,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkMultipleOUGroups() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -297,6 +308,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGroupBasedAllUsers() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -336,6 +348,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGroupBasedWithNoUsers() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -356,6 +369,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGroupBasedWithAllUsersAndGroups() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -375,6 +389,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGroupBasedWithSingleOU() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -395,6 +410,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkWithEmptyUserSearchBase() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -413,6 +429,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGBWithUserSearchDisabled() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=User*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -433,6 +450,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGBWithNoUsersAndUserSearchDisabled() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -453,6 +471,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkShortUserName() throws Throwable {
+ config.setUserNameAttribute("cn");
config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("uid=*");
config.setUserObjectClass("posixAccount");
@@ -473,6 +492,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testShortUserNameWithGroupBased() throws Throwable {
+ config.setUserNameAttribute("cn");
config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("uid=*");
config.setUserObjectClass("posixAccount");
@@ -493,6 +513,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testUpdateSinkWithUserGroupMapping() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -525,6 +546,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testGBWithInvalidOU() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=User*");
config.setGroupSearchBase("OU=HdpGroup1,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -545,6 +567,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testMultipleOUInvalidOU() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers1,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups1,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -564,6 +587,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testDeltaUpdateSinkTotalGroups() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("");
config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -585,6 +609,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testDeltaUpdateSinkMultipleOUGroups() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -606,6 +631,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testDeltaGroupBasedWithUserFilter() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=User*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -628,6 +654,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testDeltaGroupBasedWithNoUsers() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
@@ -650,6 +677,7 @@ public class TestLdapUserGroup extends AbstractLdapTestUnit{
@Test
public void testDeltaGBWithUserSearchDisabled() throws Throwable {
+ config.setUserNameAttribute("sAMAccountName");
config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
config.setUserSearchFilter("cn=User*");
config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
http://git-wip-us.apache.org/repos/asf/ranger/blob/852d326e/ugsync/src/test/resources/ADSchema.ldif
----------------------------------------------------------------------
diff --git a/ugsync/src/test/resources/ADSchema.ldif b/ugsync/src/test/resources/ADSchema.ldif
index 8366d3a..a45a2fb 100644
--- a/ugsync/src/test/resources/ADSchema.ldif
+++ b/ugsync/src/test/resources/ADSchema.ldif
@@ -280,7 +280,7 @@ cn: User1000
userPassword: password
distinguishedName: CN=User1000,CN=Users,DC=ranger,DC=qe,DC=hortonworks,DC=com
memberOf: CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com
-sAMAccountName: User1000
+sAMAccountName: U1000
#codePage: 0
#badPasswordTime: 0
pwdLastSet: 130850196406172191