Version: 0.9.x

Synchronizing teams and users from LDAP

Starting Tetrate Service Bridge (TSB) 0.6.5, users and teams can be automatically synchronized from LDAP.

There is a CronJob that will run every hour and will fetch the existing users and groups from the configured LDAP source and populate them to TSB.

The LDAP configuration for the queries used to synchronize the users and groups from LDAP are explained in the LDAP Configuration guide.

On-demand LDAP sync

It is possible to manually trigger an LDAP sync if needed. To do so, you can create a Kubernetes Job based on the existing Kubernetes CronJob that schedules the sync executions, as follows:

kubectl create job -n tcc --from=cronjob/teamsync teamsync-manual-run

This will create the teamsync-manual-run Kubernetes job that will execute the LDAP sync immediately.

Troubleshooting

The teamsync service prints detailed logs for the entire login process. If needed, debug logs can be enabled by starting the teamsync service with the following startup flags:

--log-output-level \
  "teamsync:debug,teamsync/job:debug,teamsync/ldap:debug,ldap:debug"

On-demand LDAP sync​

Troubleshooting​

On-demand LDAP sync

Troubleshooting