Table of Contents

1. Overview

2. Details

2.1 Tool usage

2.2 Input properties

2.3 Discovery of usersync properties

2.4 Discovery of authentication properties

2.5 Retrieval of users and/or groups

2.6 Output directory content

2.7 Other usersync related properties

3. Assumptions

1. Overview

Ldap Connection Check tool is a command line tool that helps Ranger admin to configure Ldap properties for UserSync module. This tool collects minimal input from admin about the ldap/AD server and discovers various properties for users and groups in order to successfully pull only targeted Users and Groups from the Ldap/AD server. It provides various options like discovering/verifying user sync related properties as well as authentication properties, generating install properties for manual installation, etc. Once all the required properties are discovered and tested, these properties can be applied in Ranger config either through Ambari or manual install. 

2. Details

Ldap Connection check tool is a command line tool and can be run on any machine where Java is installed and Ldap/AD server access is available. This tool can be used to discover not only  user sync related properties but also authentication properties if needed. It also generates ambari configuration properties as well as install properties for manual installation. User is also provided an option to discover both the user and group properties together or separately. As part of the tool, a template properties file is provided for the user to update the values specific to the setup.

...