Configuring Repository to use LDAP groups¶
Repository can be configured to allow synchronizing the membership of organization groups with groups in an LDAP directory. Owners of an organization can select a specific LDAP group as the source of group members.
Once this is enabled, users who sign in to Repository who are members of the LDAP group automatically are granted the permissions of the organization group.
To enable LDAP groups, configure the following:
- Authenticated bind to LDAP. Repository needs to perform searches against the directory to determine the available groups and the membership of those groups.
- A query for Repository to identify the groups in your LDAP directory. For more information, see GROUP_SEARCH.
If LDAP synchronization is disabled or the LDAP server is unreachable, the member list at the time is used for the group.
To administer and debug LDAP synchronization, a superuser can visit:
your.anaconda.repository with your Repository IP
address or domain name.