During the synchronization session, all changes made to users and groups in the LDAP directory are applied to the corresponding connected bpm’online organizational structure elements.
Automatic synchronization
To set up automatic synchronization:
1.Open the System Designer by clicking the button in the top right corner of the application window.
2.Click the [LDAP integration setup] link in the [Import and integration] block.
3.Populate the [Synchronization interval (hours)] field. Automatic synchronization of users with LDAP will be performed with the indicated interval.
Note
Population of other fields of the [LDAP integration setup] page is described in a separate article. Read more >>>
4.Click the [Save] button to save the new folder (Fig. 1).
After you save the LDAP integration setup page, the synchronization will be run automatically. The “Run LDAP import” process will be run (Fig. 2).
Manual synchronization
To run the manual synchronization:
1.Open the System Designer by clicking the button in the top right corner of the application window.
2.Click the [Organizational roles] link in the [Users and administration] block.
3.Select the [Synchronize with LDAP] option in the section menu (Fig. 3). The “Run LDAP synchronization” process will be run, which in its turn calls the “Synchronize user data with LDAP” process (Fig. 4).
After the synchronization is complete, a confirmation message will be displayed.
Synchronization results
-
If an LDAP user is no longer among the active users, the [Active] checkbox will be cleared on the page of the corresponding bpm’online user and such user will not be able to log in.
-
If a previously inactive LDAP user has been activated, then the [Active] checkbox will be selected on the page of the synchronized bpm’online user.
-
If an LDAP user or group of users has been renamed, then the synchronized bpm’online users and roles will be renamed as well.
-
If an LDAP user has been excluded from an LDAP group that was synchronized with a bpm’online organizational structure element, then the corresponding bpm’online user will be excluded from the corresponding bpm’online organizational structure element.
-
If a synchronized LDAP user has been added to a synchronized LDAP group, then the corresponding bpm’online user will be added to the corresponding bpm’online organizational structure element.
-
If new unsynchronized LDAP users have been added to a synchronized LDAP element, the users will be imported to bpm’online.
-
If there are bpm’online users (not imported from LDAP) whose names match LDAP user names, their synchronization will not be performed.
-
If a synchronized LDAP user was deleted from a group connected with bpm’online organizational structure element, such user will remain active in bpm’omline but will not be able to log in.
See also
•Linking LDAP elements to bpm’online users and roles