unixauthservice/scripts/install.properties - ranger - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 #
 # The following URL should be the base URL for connecting to the policy manager web application
 # For example:
 #
 #  POLICY_MGR_URL = http://policymanager.xasecure.net:6080
 #
 POLICY_MGR_URL =

 # sync source,  only unix and ldap are supported at present
 # defaults to unix
 SYNC_SOURCE =


 #
 # Minumum Unix User-id to start SYNC.
 # This should avoid creating UNIX system-level users in the Policy Manager
 #
 MIN_UNIX_USER_ID_TO_SYNC = 1000

 # sync interval in minutes
 # user, groups would be synced again at the end of each sync interval
 # defaults to 5   if SYNC_SOURCE is unix
 # defaults to 360 if SYNC_SOURCE is ldap
 SYNC_INTERVAL =

 #User and group for the usersync process
 unix_user=ranger
 unix_group=ranger


 # ---------------------------------------------------------------
 # The following properties are relevant only if SYNC_SOURCE = ldap
 # ---------------------------------------------------------------

 # URL of source ldap
 # a sample value would be:  ldap://ldap.example.com:389
 # Must specify a value if SYNC_SOURCE is ldap
 SYNC_LDAP_URL =

 # ldap bind dn used to connect to ldap and query for users and groups
 # a sample value would be cn=admin,ou=users,dc=hadoop,dc=apache,dc-org
 # Must specify a value if SYNC_SOURCE is ldap
 SYNC_LDAP_BIND_DN =

 # ldap bind password for the bind dn specified above
 # please ensure read access to this file  is limited to root, to protect the password
 # Must specify a value if SYNC_SOURCE is ldap
 # unless anonymous search is allowed by the directory on users and group
 SYNC_LDAP_BIND_PASSWORD =
 CRED_KEYSTORE_FILENAME=/usr/lib/xausersync/.jceks/xausersync.jceks
 # search base for users
 # sample value would be ou=users,dc=hadoop,dc=apache,dc=org
 SYNC_LDAP_USER_SEARCH_BASE =

 # search scope for the users, only base, one and sub are supported values
 # please customize the value to suit your deployment
 # default value: sub
 SYNC_LDAP_USER_SEARCH_SCOPE = sub

 # objectclass to identify user entries
 # please customize the value to suit your deployment
 # default value: person
 SYNC_LDAP_USER_OBJECT_CLASS = person

 # optional additional filter constraining the users selected for syncing
 # a sample value would be (dept=eng)
 # please customize the value to suit your deployment
 # default value is empty
 SYNC_LDAP_USER_SEARCH_FILTER =

 # attribute from user entry that would be treated as user name
 # please customize the value to suit your deployment
 # default value: cn
 SYNC_LDAP_USER_NAME_ATTRIBUTE = cn

 # attribute from user entry whose values would be treated as
 # group values to be pushed into Policy Manager database
 # You could provide multiple attribute names separated by comma
 # default value: memberof, ismemberof
 SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE = memberof,ismemberof
 #
 # UserSync - Case Conversion Flags
 # possible values:  none, lower, upper
 SYNC_LDAP_USERNAME_CASE_CONVERSION=lower
 SYNC_LDAP_GROUPNAME_CASE_CONVERSION=lower

 #user sync log path
 logdir=logs
 #/var/log/ranger/usersync
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	#
	# The following URL should be the base URL for connecting to the policy manager web application
	# For example:
	#
	# POLICY_MGR_URL = http://policymanager.xasecure.net:6080
	#
	POLICY_MGR_URL =

	# sync source, only unix and ldap are supported at present
	# defaults to unix
	SYNC_SOURCE =


	#
	# Minumum Unix User-id to start SYNC.
	# This should avoid creating UNIX system-level users in the Policy Manager
	#
	MIN_UNIX_USER_ID_TO_SYNC = 1000

	# sync interval in minutes
	# user, groups would be synced again at the end of each sync interval
	# defaults to 5 if SYNC_SOURCE is unix
	# defaults to 360 if SYNC_SOURCE is ldap
	SYNC_INTERVAL =

	#User and group for the usersync process
	unix_user=ranger
	unix_group=ranger


	# ---------------------------------------------------------------
	# The following properties are relevant only if SYNC_SOURCE = ldap
	# ---------------------------------------------------------------

	# URL of source ldap
	# a sample value would be: ldap://ldap.example.com:389
	# Must specify a value if SYNC_SOURCE is ldap
	SYNC_LDAP_URL =

	# ldap bind dn used to connect to ldap and query for users and groups
	# a sample value would be cn=admin,ou=users,dc=hadoop,dc=apache,dc-org
	# Must specify a value if SYNC_SOURCE is ldap
	SYNC_LDAP_BIND_DN =

	# ldap bind password for the bind dn specified above
	# please ensure read access to this file is limited to root, to protect the password
	# Must specify a value if SYNC_SOURCE is ldap
	# unless anonymous search is allowed by the directory on users and group
	SYNC_LDAP_BIND_PASSWORD =
	CRED_KEYSTORE_FILENAME=/usr/lib/xausersync/.jceks/xausersync.jceks
	# search base for users
	# sample value would be ou=users,dc=hadoop,dc=apache,dc=org
	SYNC_LDAP_USER_SEARCH_BASE =

	# search scope for the users, only base, one and sub are supported values
	# please customize the value to suit your deployment
	# default value: sub
	SYNC_LDAP_USER_SEARCH_SCOPE = sub

	# objectclass to identify user entries
	# please customize the value to suit your deployment
	# default value: person
	SYNC_LDAP_USER_OBJECT_CLASS = person

	# optional additional filter constraining the users selected for syncing
	# a sample value would be (dept=eng)
	# please customize the value to suit your deployment
	# default value is empty
	SYNC_LDAP_USER_SEARCH_FILTER =

	# attribute from user entry that would be treated as user name
	# please customize the value to suit your deployment
	# default value: cn
	SYNC_LDAP_USER_NAME_ATTRIBUTE = cn

	# attribute from user entry whose values would be treated as
	# group values to be pushed into Policy Manager database
	# You could provide multiple attribute names separated by comma
	# default value: memberof, ismemberof
	SYNC_LDAP_USER_GROUP_NAME_ATTRIBUTE = memberof,ismemberof
	#
	# UserSync - Case Conversion Flags
	# possible values: none, lower, upper
	SYNC_LDAP_USERNAME_CASE_CONVERSION=lower
	SYNC_LDAP_GROUPNAME_CASE_CONVERSION=lower

	#user sync log path
	logdir=logs
	#/var/log/ranger/usersync