Group synchronization
Group synchronization mirrors in the user directory the group hierarchies that are in the LDAP directory.
When you set the
group-sync-enabled
option (in the
config-ldap-group-sync command), the user directory synchronizes groups from the LDAP directory. Synchronizing groups relieves the administrator of the responsibility of managing group memberships. Assigning licenses and privileges to
Spotfire groups is still accomplished in the Administrator Manager in
Spotfire Analyst.
When configuring the groups to be synchronized, specify either the group account names or the distinguished names. The account names and the distinguished names may contain an asterisk (*) as a wildcard character. This wildcard behaves just like the asterisk wildcard in standard LDAP search filters.
Group synchronization enabled
configuration property is set and no groups or group context names are configured, the user directory synchronizes all groups that it can find in the configured context names.
The synchronized groups can also be used to filter the set of users that are synchronized with the user directory. By enabling the
filter-users-by-groups
option, only users that are members of at least one of the synchronized groups are synchronized with the user directory.