Synchronizing LDAP users

You can manually synch users or synch them during a nightly batch job, but make sure for good performance you use the correct rules.

Before you begin, make sure you have an active connection to an LDAP directory server in the Server Configuration tab to see the other configuration tabs. For more information, see Overview of directory server integration steps.

Fastpath:
  • Admin Console > People > Directory Server, than the User Synchronization tab
  • Advanced Admin Console > People > Settings > Directory Server Settings, than the User Synchronization tab
Typically the application is configured to synchronize a user profile to LDAP each time the user logs in to the community. Additionally, you can also run the synchronization nightly to catch up with any changes during the day. However, you may want to sync users manually when:
  • You have added a number of new users in LDAP who have never logged into the community
  • You want to mass-disable community users from LDAP.

To set up synchronization:

  1. Go to the directory server configuration page:
    • Admin Console > People > Directory Server
    • Advanced Admin Console > People > Settings > Directory Server Settings
  2. Make sure you defined a valid connection to an LDAP directory server in the Server Configuration tab.
    If you don't have a working connection established, you won't be able to see the rest of the configuration tabs.
  3. In the User Synchronization tab, specify the synchronization setting.
    1. If you want to synch fields every night automatically, select Scheduled sync task enabled.
    2. If you want to synchronize each user fields whenever they log in, select Synchronize user profiles on login.
    3. If you want synchronization to result in user accounts that have been deleted from LDAP being auto-disabled, select Disable federated user accounts not found in the directory. If you check this box, you can also disable users based on matching a field value if you set the User Disabled Field and User Disabled Field Value fields in the User Mapping tab. See User Mapping for more information about these fields.
  4. Click Save Changes to save the configuration.
  5. If you want to synch accounts immediately, click Run Synchronization Task Now.

A LDAP group is synced into Jive only when a user from that LDAP group logs into your community. So you may not see all your LDAP groups synced into the community once you create the groups, but they will be synced over some time. To minimize the impact, the sync runs in small batches after the user logs into Jive.