You are not logged in.
I am looking to automate the import and sync of the GLPI users , based in glpi:ldap:synchronize_users commands
I found in French forum this topic : h-t-t-p-s://forum.glpi-project.org/viewtopic.php?id=285613 that is almost what I need .
Although I am missing some info and this one was the only example I found
What I am trying to do :
1. To filter the active users based on a group filter ( otherwise all AD users are sync )
2. To sync the existing users
3. To create the new ones that are added to AD
4. To disable the users that are nor active anymore to AD
My LDAP filter is not working properly : added to UI Authentication→ LDAP Directories as Connection Filter
and tested with bin/console glpi:ldap:synchronize_users -u --only-update-existing - got no errors but , the users was not able to login anymore ...
Trying to figure if its my syntax incorrect or I am missing something else ?
I am reluctant about the ldap filter and the deleted-user-strategy , if they are in correct syntax
This is my script ( based on what I found in the linked post and the documentation) :
#!/bin/bash
datefin=$(date '+%Y-%m-%d')
datedebut=$(date -d "1 day ago" '+%Y-%m-%d')
cd /var/www/html/glpi
echo yes | php bin/console glpi:ldap:synchronize_users -f --ldap-filter=(&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(CN=MyUsergroup,OU=DG,OU=Group,OU=myou,DC=DomainName,DC=COM))
echo yes | php bin/console glpi:ldap:synchronize_users -u --begin-date=$datedebut --end-date=$datefin
echo yes | php bin/console glpi:ldap:synchronize_users -c --begin-date=$datedebut --end-date=$datefin
echo yes | php bin/console glpi:ldap:synchronize_users -d --deleted-user-strategy=3I would appreciate any help
Thank in advance
Last edited by Sizuka (2023-03-02 15:53:24)
Offline