Synchronizing LDAP/Active Directory Groups

This Wiki page describes how the LDAP/Active Directory synchronization works and how can be configured.

How it works

This feature implements a one way group synchronization between LDAP/Active Directory and codeBeamer. The synchronization can not be executed from the codeBeamer it runs immediately after the user authentication in a part of the user synchronization. The process executes the following steps:

• Fetch all groups from LDAP/Active Directory for the user who logged id
• Fetch all user's and codeBeamer group as well which have LDAP/Active Directory name (it can be configured in system administration page)
• Removes that codeBeamer group(s) from user which have no match in the user's LDAP/Active Directory groups (was removed or the user never be in this LDAP/Active directory group)
• Add that codeBeamer group(s) to user which not already assigned to user, has the same LDAP/Active directory name which can be found in the fetched LDAP/Active Directory user group list (the user was added to the specified LDAP/Active directory group)

Configuration

• Go to system admininistration tab and open the user groups page

Figure: User Group List

• There is a new column (since 7.9.0) in the list: LDAP/AD Group Name. This column contains the LDAP/AD group name which is assigned to the codeBeamer group.
• To set the group name open the contex menu then click on edit

Figure Edit User Group

• The LDAP/Active Directory group name can be specified in this page. Make sure the correct LDAP/Active Directory group name is specified or the synchronization won't work.