AnsweredAssumed Answered

Selective AD sync for groups

Question asked by adschwar on Apr 2, 2013
Latest reply on Apr 5, 2013 by thijslemmens
We have an incredibly large set of users (~100k) and groups in Active Directory. We sync users but not groups, as it would likely never finish and, if it did, it would yield a ridiculous mess.

We need to allow users to selectively create one or more groups (but not all!) in Alfresco from the set that exist in AD; this is not hard to do with some custom code. However, users also want these groups to be kept in sync with what's in AD.

In lieu of implementing our own daemon to do the syncing, I'm trying to figure out if there is a way to do this using some configuration trickery. I can't figure out how to do this by configuring the group sync and would be surprised if there was a way. However, since users have "memberOf" data in AD and we do sync users, is it somehow possible to have Alfresco update groups based on what the user's "memberOf" field?