ranger-usersync使用ldap时候必须配置配置密码,如下ldap访问无需密码采用的匿名访问方式(使用LDAP admin软件访问时候如果填写密码会报错)。
# ldap bind password for the bind dn specified above
# please ensure read access to this file is limited to root, to protect the password
# Must specify a value if SYNC_SOURCE is ldap
# unless anonymous search is allowed by the directory on users and group
SYNC_LDAP_BIND_PASSWORD =
报错如下:
[ranger@ranger ranger-2.6.0-usersync]$ ./setup.sh
INFO: moving [/opt/ranger-2.6.0-usersync/usersync/conf/java_home.sh] to [/opt/ranger-2.6.0-usersync/usersync/conf/.java_home.sh.21012026164731] .......
Direct Key not found:ranger_base_dir
Direct Key not found:rangerUsersync_password
Direct Key not found:hadoop_conf
Direct Key not found:USERSYNC_PID_DIR_PATH
Direct Key not found:SYNC_GROUP_USER_MAP_SYNC_ENABLED
Traceback (most recent call last):File "./setup.py", line 625, in <module>main()File "./setup.py", line 436, in mainmodifiedInstallProps = convertInstallPropsToXML(installProps)File "./setup.py", line 269, in convertInstallPropsToXMLldapPass = ret[SYNC_LDAP_BIND_PASSWORD_KEY]
KeyError: 'ranger.usersync.ldap.ldapbindpassword'
可以修改setup.py略过校验
找到此行,注释即可# password_validation(ldapPass, SYNC_LDAP_BIND_PASSWORD_KEY)
其实,这个校验也比较简单,就是不能为空if password:
def password_validation(password, userType):if password:if re.search("[\\\`'\"]", password):print("[E] " + userType + " property contains one of the unsupported special characters like \" ' \ `")sys.exit(1)else:print("[I] " + userType + " property is verified.")else:print("[E] Blank password is not allowed for property " + userType + ",please enter valid password.")sys.exit(1)