Skip to content

Commit

Permalink
Document new command ldap:check-group
Browse files Browse the repository at this point in the history
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
  • Loading branch information
come-nc committed Aug 28, 2023
1 parent 2ccba7f commit dec9032
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
6 changes: 6 additions & 0 deletions admin_manual/configuration_server/occ_command.rst
Original file line number Diff line number Diff line change
Expand Up @@ -946,6 +946,7 @@ you can run the following LDAP commands with ``occ``::

ldap
ldap:check-user checks whether a user exists on LDAP.
ldap:check-group checks whether a group exists on LDAP.
ldap:create-empty-config creates an empty LDAP configuration
ldap:delete-config deletes an existing LDAP configuration
ldap:search executes a user or group search
Expand Down Expand Up @@ -990,6 +991,11 @@ use the ``--force`` option to force it to check all active LDAP connections::

sudo -u www-data php occ ldap:check-user --force robert

``ldap:check-group`` checks whether a group still exists in the LDAP directory.
Use with ``--update`` to update group membership cache on Nextcloud side::

sudo -u www-data php occ ldap:check-group --update mygroup

``ldap:create-empty-config`` creates an empty LDAP configuration. The first
one you create has ``configID`` ``s01``, and all subsequent configurations
that you create are automatically assigned IDs::
Expand Down
4 changes: 4 additions & 0 deletions admin_manual/configuration_user/user_auth_ldap.rst
Original file line number Diff line number Diff line change
Expand Up @@ -796,6 +796,10 @@ in batches from all users again. Beside that they are also refreshed during a
login for this user or can be fetched manually via the occ command
``occ ldap:check-user --update USERID`` where ``USERID`` is Nextcloud's user id.

For groups, a cache of memberships is stored in database to be able to fire
events when a membership is added or removed. This cache is updated by a background
job, and can be force updated using ``occ ldap:check-group --update GROUPID``.

Caching
^^^^^^^

Expand Down

0 comments on commit dec9032

Please sign in to comment.