As part of the Atlas Virtualization Data Connector work we are using this within a large enterprise with a lot of users & groups stored in ldap.
The connector – which has a ranger plugin to apply access control policies – is used by a relatively small subset of these users. However that can't easily be transcribed to an optimal ldap query.
Since Atlas will have the definitive list of roles that are being used, this new usersync will instead retrieve a list of roles from Atlas, and will then use this list to retrieve only those users found in this list of roles from LDAP.
This is an alternative usersync so shouldn't conflict and will use the same ranger APIs