You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Mehul Parikh (JIRA)" <ji...@apache.org> on 2016/03/28 10:45:25 UTC

[jira] [Created] (RANGER-898) Change Ranger's default value for LDAP User / Group Sync Case Conversion properties to "none"

Mehul Parikh created RANGER-898:
-----------------------------------

             Summary: Change Ranger's default value for LDAP User / Group Sync Case Conversion properties to "none"
                 Key: RANGER-898
                 URL: https://issues.apache.org/jira/browse/RANGER-898
             Project: Ranger
          Issue Type: Improvement
          Components: usersync
    Affects Versions: 0.5.1
            Reporter: Mehul Parikh
            Assignee: Mehul Parikh
            Priority: Minor
             Fix For: 0.6.0


*Use Case:*

If user's LDAP / AD  has uppercase usernames and produce uppercase user Kerberos principals. When doing the initial user sync into Ranger, the default setting of "lower" causes all their user names to be saved in lower case, meaning they don't match the Kerberos principals that LDAP / AD is handing out. 
It seems to me the more sensible default for both username and group case conversion should be "none" and to just use whatever the backend directory hands out, as-is, to prevent unexpected confusion such as this.

*Proposed Solution:*
Change Ranger's default settings for below given properties : 

ldapGroupSync.username.caseConversion  = "none" 
ldapGroupSync.groupname.caseConversion = "none"




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)