mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-06 15:46:57 +01:00
55 lines
2.4 KiB
Plaintext
55 lines
2.4 KiB
Plaintext
[[ldap-syncing]]
|
|
= Syncing LDAP groups
|
|
include::modules/common-attributes.adoc[]
|
|
:context: ldap-syncing-groups
|
|
toc::[]
|
|
|
|
ifdef::openshift-enterprise,openshift-webscale,openshift-origin[]
|
|
As an administrator,
|
|
endif::[]
|
|
ifdef::openshift-dedicated[]
|
|
As a xref:../authentication/understanding-and-creating-service-accounts.html#dedicated-admin-role-overview_{context}[dedicated administrator],
|
|
endif::[]
|
|
you can use groups to manage users, change
|
|
their permissions, and enhance collaboration. Your organization may have already
|
|
created user groups and stored them in an LDAP server. {product-title} can sync
|
|
those LDAP records with internal {product-title} records, enabling you to manage
|
|
your groups in one place. {product-title} currently supports group sync with
|
|
LDAP servers using three common schemas for defining group membership: RFC 2307,
|
|
Active Directory, and augmented Active Directory.
|
|
|
|
For more information on configuring LDAP, see
|
|
xref:../authentication/identity_providers/configuring-ldap-identity-provider.adoc#configuring-ldap-identity-provider[Configuring an LDAP identity provider].
|
|
|
|
ifdef::openshift-enterprise,openshift-webscale,openshift-origin[]
|
|
[NOTE]
|
|
====
|
|
You must have `cluster-admin` privileges to sync groups.
|
|
====
|
|
endif::[]
|
|
|
|
ifdef::openshift-dedicated[]
|
|
[NOTE]
|
|
====
|
|
You must have `dedicated-admins` privileges to sync groups.
|
|
====
|
|
endif::[]
|
|
|
|
include::modules/ldap-syncing-about.adoc[leveloffset=+1]
|
|
include::modules/ldap-syncing-config-rfc2307.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-config-activedir.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-config-augmented-activedir.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-running.adoc[leveloffset=+1]
|
|
include::modules/ldap-syncing-running-all-ldap.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-running-openshift.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-running-subset.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-pruning.adoc[leveloffset=+1]
|
|
include::modules/ldap-syncing-examples.adoc[leveloffset=+1]
|
|
include::modules/ldap-syncing-rfc2307.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-rfc2307-user-defined.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-rfc2307-user-defined-error.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-activedir.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-augmented-activedir.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-nesting.adoc[leveloffset=+2]
|
|
include::modules/ldap-syncing-spec.adoc[leveloffset=+1]
|