I succesfully setup Xwiki Enterprise 9.4 with ldap plugin. In my environment, I setup my xwiki to authenticate on Active Directory LDAP ( run perfectly !). How do you do to have all sync users From Active Directory to xwiki database ? Target is to add Active Directory LDAP’s user to local group on xwiki.
Hello,
xwiki account is created at first login but you can use this setting to map xwiki groups to LDAP groups:
You can check this settings too:
#-# Time in s after which the list of members in a group is refreshed from LDAP
#-# The default is 21600 (6 hours)
xwiki.authentication.ldap.groupcache_expiration=86400
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# - create : synchronize group membership only when the user is first created
#-# - always: synchronize on every login
#-# The default is always
# xwiki.authentication.ldap.mode_group_sync=always
If your concern is authorization what we usually do is setup all required authorizations using XWiki groups and configure the authenticator to automatically put the users in the right groups when they login as suggested by @Pbas.
Don’t know if it’s an option for you but I think that the XWiki SAS company has done this kind of work in the past for its customers (and if not, I’m sure they could do it) so you might also want to request a quote from their professional services, see https://www.xwiki.org/xwiki/bin/view/Main/Support#HProfessionalSupport (or from any other listed company!).