Closed jsiegers closed 4 years ago
My bad. It does sort of work but only when the users logins again. That will trigger an LDAP sync. Is there a way to trigger this sync?
That would be Gitlab's job. Once this tool finishes its job Gitlab has enough information about the external LDAP user to pull in updates. -- Typically Gitlab will do an email address match for the initial LDAP login, but as soon as it knows the LDAP user object DN it no longer needs a matching email address. This tool supplies Gitlab with the LDAP user object DN for each user it syncs.
I think this may be of relevance to you: https://gitlab.com/gitlab-org/gitlab-ce/issues/38660
This tool only syncs on demand. You would need to set up a cron or scheduled task to run this tool if you require it to sync attribute updates for you periodically.
When I change the email address of a user in LDAP then that change is not synced back into GitLab. Which is making it harder to find people.
So far in my tests it will sync once during creation of the account. But when it's changed after that the email address will stay the same.