Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Selective AD sync for groups

adschwar
Champ in-the-making
Champ in-the-making

‎04-02-2013 04:32 PM

We have an incredibly large set of users (~100k) and groups in Active Directory. We sync users but not groups, as it would likely never finish and, if it did, it would yield a ridiculous mess.

We need to allow users to selectively create one or more groups (but not all!) in Alfresco from the set that exist in AD; this is not hard to do with some custom code. However, users also want these groups to be kept in sync with what's in AD.

In lieu of implementing our own daemon to do the syncing, I'm trying to figure out if there is a way to do this using some configuration trickery. I can't figure out how to do this by configuring the group sync and would be surprised if there was a way. However, since users have "memberOf" data in AD and we do sync users, is it somehow possible to have Alfresco update groups based on what the user's "memberOf" field?

Thanks,
Adam
Labels:
0 Kudos
1 REPLY 1

thijslemmens
Champ in-the-making
Champ in-the-making

‎04-05-2013 08:26 AM

The userRegistry contains the groupQuery. It is configured in common-ldap-context.xml an instance of LDAPUserRegistry. You could use the setGroupQuery on that bean to change the groups for the next synchronization.
Make sure it is set to the right value then before you do the first synchronization on startup.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC