 | LDAP administration section and automatic user synchronization tool |
| Type | application |
| Category | |
| Developed by | Unknown |
| Rating | |
| License | Unknown |
Table of contents
Description
LDAP configuration section
This is simply a UI that exposes the LDAP configuration properties.
You can refer to http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HLDAPAuthentication and http://platform.xwiki.org/xwiki/bin/view/AdminGuide/LDAPAuthenticationUseCases for more information about LDAP configuration in XWiki.
LDAP synchronization feature
Configuring the synchronization frequencies
The LDAP synchronization relies on the Scheduler Application. It bring two scheduler jobs :
- One is responsible to start a synchronization cycle. It's name in the scheduler job table is Start LDAP synchronization cycle. Its default cron configuration is 0 0 2 * * ?, which means every night at 2 A.M.
- The other one is responsible to execute batches of user account synchronization. It's name in the scheduler job table is Execute LDAP synchronization batch. It's default configuration is 0 0/5 * * * ?, meaning every five minutes.
You can change the frequency of execution of each of the two jobs to better fit your need. Don't forget to unschedule and reschedule the jobs you edit in order for the new settings to take effect. Also, don't forget that LDAP group members are cache, for 6 hours as a default setting (see the parameter xwiki.authentication.ldap.groupcache_expiration). If you have a synchronization frequency higher than the cache purge frequency, you will not see the synchronization effects as expected.
Prerequisites & Installation Instructions
For the synchronization feature :
- You need to ensure the document XWiki.AdminLdapSyncSheet is saved by a user with programming access level
- You need to ensure the two scheduler jobs (namely XWiki.LdapFetchUsersToSynchronize and XWiki.SynchronizeLdapUsers) have sufficient rights (they should be saved by a user with programming access level) and are actually scheduled.
