Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #20143 force ldap attribute update
    Actions
    Infos
    #20143
    Jeff CLAY (jeffclay)
    2021-03-30 11:20
    2021-03-26 15:33
    21736
    Details
    force ldap attribute update

    I have Tuleap linked with my AD and groups are syncing appropriately. Some of the users did not have an e-mail address in the ldap attribute when the group was synced. I have since added e-mail in ldap but Tuleap doesn't seem to recognize the new data. I have tried clicking "Update directory group binding (groupname)" but it just says "# users not impacted". I went ahead and clicked the "Synchronize" button but it didn't update anything.

    Is there a way to force Tuleap to update all attributes from the existing users?

    Authentication & LDAP
    12.5
    EL7 (CentOS|RHEL)
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Closed
    2021-03-30
    Attachments
    Artifact links
    Empty
    Empty
    References
    References list is empty
    Display settings

    Follow-ups

    User avatar
    Manuel Vacelet (vaceletm)2021-03-30 11:20

    The changes did sync/update overnight.

    Good!

    For future reference, is there a way to force that type of update instead of waiting?

    You could force to run the nightly synchro by hand with

    tuleap daily-job

    But this will trigger everything that run at nights (stats, re-synchro). On big platforms it can be CPU & IO consuming

    • Status changed from New to Closed
    • Close date set to 2021-03-30
    User avatar
    Jeff CLAY (jeffclay)2021-03-29 21:59

    The changes did sync/update overnight. For future reference, is there a way to force that type of update instead of waiting?

    Thank you

    User avatar
    Manuel Vacelet (vaceletm)2021-03-26 17:26

    That said, during nightly synchro the new attributes should be replicated. Is $sys_ldap_daily_sync set to 1 in your config ?

    User avatar
    Jeff CLAY (jeffclay)2021-03-26 17:20

    It seems that the ldap group sync is only checking for new user accounts and not modified fields on existing accounts. There aren't any new users to sync so I get the expected message about the number of unaffected users.

    User avatar
    Manuel Vacelet (vaceletm)2021-03-26 17:10

    You might have some clues about what's going one when you force synchronisation in ldap logs (might need the platform verbosity set to debug)