[
https://issues.apache.org/jira/browse/RANGER-3973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18024215#comment-18024215
]
Jonas Hartwig commented on RANGER-3973:
---------------------------------------
Ok, so i reached out to my LDAP person. Turns out our ldap bind user was not
allowed to read uSNChanged. So this is not required to change anymore. As there
was an issue with the integration rather then the code. But the question
remains why the configuration of
SYNC_LDAP_DELTASYNC
is ignored and forced into the XML as true.
> LDAP incremental search not always available
> --------------------------------------------
>
> Key: RANGER-3973
> URL: https://issues.apache.org/jira/browse/RANGER-3973
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
> Affects Versions: 2.3.0
> Reporter: Jonas Hartwig
> Priority: Blocker
> Fix For: 3.0.0
>
>
> In certain situations the LDAP incremental user/groups search is not
> available. There is a feature already to disable incremental loads. This is a
> request to add a feature to disable using the delta fields for lookup. Our
> LDAP does not have modifyTimestamp field.
> When the flag ranger.usersync.ldap.deltasync is set ldap search should not
> use properties
> uSNChanged and modifyTimestamp (they are not needed).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
