Commit 8a460fff authored by James Lopez's avatar James Lopez

update docs

parent 49f0dddd
---
title: Add LDAP synchronization based on filter for GitLab groups
merge_request:
author:
type: added
...@@ -54,9 +54,12 @@ new groups they might be added to when the user logs in. That way they don't nee ...@@ -54,9 +54,12 @@ new groups they might be added to when the user logs in. That way they don't nee
to wait for the hourly sync to be granted access to the groups that they are in to wait for the hourly sync to be granted access to the groups that they are in
in LDAP. in LDAP.
If `group_base` is set in LDAP configuration, a group sync process will run We can also add a GitLab group to sync with one or multiple LDAP groups or we can
every hour, on the hour. This allows GitLab group membership to be automatically also add a filter. The filter must comply with the syntax defined in [RFC 2254](https://tools.ietf.org/search/rfc2254).
updated based on LDAP group members.
A group sync process will run every hour on the hour, and `group_base` must be set
in LDAP configuration for LDAP synchronizations based on group CN to work. This allows
GitLab group membership to be automatically updated based on LDAP group members.
The `group_base` configuration should be a base LDAP 'container', such as an The `group_base` configuration should be a base LDAP 'container', such as an
'organization' or 'organizational unit', that contains LDAP groups that should 'organization' or 'organizational unit', that contains LDAP groups that should
...@@ -97,8 +100,9 @@ production: ...@@ -97,8 +100,9 @@ production:
To take advantage of group sync, group owners or masters will need to create an To take advantage of group sync, group owners or masters will need to create an
LDAP group link in their group **Settings -> LDAP Groups** page. Multiple LDAP LDAP group link in their group **Settings -> LDAP Groups** page. Multiple LDAP
groups can be linked with a single GitLab group. When the link is created, an groups and/or filters can be linked with a single GitLab group. When the link is
access level/role is specified (Guest, Reporter, Developer, Master, or Owner). created, an access level/role is specified (Guest, Reporter, Developer, Master,
or Owner).
## Administrator Sync ## Administrator Sync
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment