Sailaji, this is looking good.
Few clarification: >Without nested group support for ranger user sync, during policy authoring >time, customers are misled that the policies that are configured for >HadoopGroup are not applied to bob as the membership is only for IT. Is the core consideration is that “HadoopGroup” is not synchronized into Ranger and that is why it is needed to sync them into Ranger DB? Also, how does this affect user authentication with Ranger? Thanks Bosco From: Sailaja Polavarapu <[email protected]> Date: Thursday, August 24, 2017 at 2:59 PM To: "[email protected]" <[email protected]> Cc: Don Bosco Durai <[email protected]>, "[email protected]" <[email protected]> Subject: Discuss - Nested group support for ranger usersync Hi All, We are planning to support nested groups with LDAP/AD for Ranger Usersync. I created a design document and attached to the Apache Jira: https://issues.apache.org/jira/browse/RANGER-1735 Please provide your comments and feedback. Thanks, Sailaja.
