Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-1486

New usersync alternative for Atlas (vdc)

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • usersync

    Description

      As part of the Atlas Virtualization Data Connector work we are using this within a large enterprise with a lot of users & groups stored in ldap.

      The connector – which has a ranger plugin to apply access control policies – is used by a relatively small subset of these users. However that can't easily be transcribed to an optimal ldap query.

      Since Atlas will have the definitive list of roles that are being used, this new usersync will instead retrieve a list of roles from Atlas, and will then use this list to retrieve only those users found in this list of roles from LDAP.

      This is an alternative usersync so shouldn't conflict and will use the same ranger APIs

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            jonesn Nigel Jones
            jonesn Nigel Jones

            Dates

              Created:
              Updated:

              Slack

                Issue deployment