mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
openshift-docs/authentication/ldap-syncing.adoc
2025-11-20 17:24:32 +00:00


:_mod-docs-content-type: ASSEMBLY
[id="ldap-syncing"]
= Syncing LDAP groups
include::_attributes/common-attributes.adoc[]
:context: ldap-syncing-groups

toc::[]

ifdef::openshift-enterprise,openshift-webscale,openshift-origin[]
As an administrator,
endif::[]
ifdef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
As an administrator with the `dedicated-admin` role,
endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
you can use groups to manage users, change
their permissions, and enhance collaboration. Your organization may have already
created user groups and stored them in an LDAP server. {product-title} can sync
those LDAP records with internal {product-title} records, enabling you to manage
your groups in one place. {product-title} currently supports group sync with
LDAP servers using three common schemas for defining group membership: RFC 2307,
Active Directory, and augmented Active Directory.

ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
For more information on configuring LDAP, see
xref:../authentication/identity_providers/configuring-ldap-identity-provider.adoc#configuring-ldap-identity-provider[Configuring an LDAP identity provider].
endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]

ifdef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
For more information on configuring LDAP, see
xref:../authentication/sd-configuring-identity-providers.adoc#config-ldap-idp_sd-configuring-identity-providers[Configuring an LDAP identity provider].
endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]

ifdef::openshift-enterprise,openshift-webscale,openshift-origin[]
[NOTE]
====
You must have `cluster-admin` privileges to sync groups.
====
endif::[]

ifdef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
[NOTE]
====
You must have `dedicated-admin` privileges to sync groups.
====
endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]

include::modules/ldap-syncing-about.adoc[leveloffset=+1]

include::modules/ldap-syncing-config-rfc2307.adoc[leveloffset=+2]

include::modules/ldap-syncing-config-activedir.adoc[leveloffset=+2]

include::modules/ldap-syncing-config-augmented-activedir.adoc[leveloffset=+2]

include::modules/ldap-syncing-running.adoc[leveloffset=+1]

include::modules/ldap-syncing-running-all-ldap.adoc[leveloffset=+2]

include::modules/ldap-syncing-running-openshift.adoc[leveloffset=+2]

include::modules/ldap-syncing-running-subset.adoc[leveloffset=+2]

include::modules/ldap-syncing-pruning.adoc[leveloffset=+1]

// OSD and ROSA dedicated-admins cannot create the cluster roles and cluster role bindings required for this procedure.
ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
// Automatically syncing LDAP groups
include::modules/ldap-auto-syncing.adoc[leveloffset=+1]

[role="_additional-resources"]
.Additional resources
* xref:../authentication/identity_providers/configuring-ldap-identity-provider.adoc#configuring-ldap-identity-provider[Configuring an LDAP identity provider]
* xref:../nodes/jobs/nodes-nodes-jobs.adoc#nodes-nodes-jobs-creating-cron_nodes-nodes-jobs[Creating cron jobs]
endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]

include::modules/ldap-syncing-examples.adoc[leveloffset=+1]

include::modules/ldap-syncing-rfc2307.adoc[leveloffset=+2]

include::modules/ldap-syncing-rfc2307-user-defined.adoc[leveloffset=+2]

include::modules/ldap-syncing-rfc2307-user-defined-error.adoc[leveloffset=+2]

include::modules/ldap-syncing-activedir.adoc[leveloffset=+2]

include::modules/ldap-syncing-augmented-activedir.adoc[leveloffset=+2]

include::modules/ldap-syncing-nesting.adoc[leveloffset=+2]

include::modules/ldap-syncing-spec.adoc[leveloffset=+1]