Synchronizing LDAP with Jazz Team Server repository user information
To synchronize the user information in the Jazz Team Server repository with the information in the LDAP directory, you must use the LDAP sync task. Applications registered with the Jazz Team Server will update their local user repositories via their contribution synchronization task.
By default, synchronization happens nightly at 1:00 AM. You can also manually start the synchronization with the command repotools -syncUsers.
Note: To create new users on the Jazz Team Server or
an application registered with the server, see Creating users
During synchronization, the following tasks are performed:
- New user records are created in the Jazz Team Server repository for all users in the LDAP user directory who are members of the mapped LDAP groups, but do not already exist in the Jazz Team Server repository.
- Name and email address fields are updated in the Jazz Team Server repository if the values in repository and the LDAP user directory do not match.
- Ambiguous entries may be displayed in the LDAP user directory. These entries are created when the LDAP nightly sync task cannot uniquely update the name or email address fields of a user in the Jazz Team Server repository. For example: If a user has multiple names in the LDAP user directory and none of those names match the entry in the Jazz Team Server repository, then the sync task will record an event to indicate the ambiguous account. An administrator can then manually refresh the user record.
- Error records are created if there are multiple user IDs for a user in the LDAP user directory or if a user that is referenced by an LDAP group does not exist. For example, if the JazzAdmins group in the LDAP directory has a member named Joe and his record does not exist in the LDAP user directory, then this might indicate that the user is no longer part of the organization. Typically, you would manually archive this user in the repository.