-
Type:
Improvement
-
Status: Closed
-
Resolution: Deferred
-
Affects Version/s: 6.23.13, 7.18.3
-
Fix Version/s: None
-
Component/s: LDAP, permissions
-
Labels:None
e*Feature description:*
Feature to Auto-sync the AD groups with imported LDAP groups on Artifactory. For example, set up an LDAP server, import the LDAP groups to Artifactory. Now, if a user is removed from AD groups, there should be an auto-sync mechanism to check and remove the user automatically in Artifactory groups
Currently, is it is possible to use the Update Groups REST API to remove the user from the Artifactory groups, but there is too much manual work involved.
Steps to reproduce:
Step 1: Created an LDAP server and configured it with Artifactory
Step 2: Created a user "vigneshs" and mapped the user to the "dev" group and imported to Artifactory, after a successful login, I could notice that the user is mapped under the "dev" group
Step 3: Now, removed the user "vigneshs" from LDAP groups by updating the memberUid, which indicates that the user is no longer will be part of the "dev" group
Removed user from a group of Ldap:
Step 4: Now, as the user is removed in LDAP or updated on the LDAP group, it will not remove the user in Artifactory groups, only if the authentication check performed from Artifactory to LDAP server again to validate the user, upon a failed validation, the user will be removed from groups.
