p4 ldapsync

Synopsis

Synchronize Perforce group memberships with LDAP groups.

Syntax

p4 [gopts] ldapsync -g [-n] [-i N] [group ...]

Description

The p4 ldapsync command updates the users in the specified Perforce groups to match the members in the corresponding LDAP groups. The correspondence between a Perforce group and an LDAP group is defined in the Perforce group spec. If you do not specify a group name, all groups with LDAP configurations are updated.

You can use the [no]downcase option in the ldap spec options field to specify whether p4 ldapsync should downcase user names (found by the group query) when updating user names.

For information about using the Perforce group spec to associate an LDAP group with a Perforce group, see "Authorization using LDAP groups" in the Helix Versioning Engine Administrator Guide: Fundamentals.

You can synchronize once or at a given interval. To enable periodic synchronization, you must add the p4 ldapsync command as a startup command as follows:

  1. Check that the Perforce server has its server id set. Use the p4 serverid command to check.

  2. If the server has no server id, assign one using a command like the following: 

    $ p4 serverid my-server

  3. Use the p4 configure show command to check which startup configurables are already being used. Select the next available number. For example, if six startup configurables are being used, you can set the startup configurable that runs the p4 ldapsync command as number 7: 

    $ p4 configure set "my-server#startup.7=ldapsync -g -i 1800"

    This command will update all groups with valid LDAP synchronization configurations every 1800 seconds (30 minutes).

Options

-g

Required to specify groups.

-i N

Execute the command every N seconds.

If this option is not specified, the command executes once and exits.

-n

Preview the operation and show the groups that would be affected without taking any action.

group

The name of a Perforce group that must be updated when changes to the corresponding LDAP group take place. If no group names are specified, all groups with LDAP configurations are updated.

Usage Notes

Can File Arguments Use Revision Specifier? Can File Arguments Use Revision Range? Minimal Access Level Required

N/A

N/A

super

Examples

p4 ldapsync -g

Updates all groups for which LDAP configurations have been defined.

Related Commands

To view a list of all LDAP configurations

p4 ldaps

To create or edit an LDAP configuration

p4 ldap

To define LDAP-related configurables

p4 configure

To define LDAP configurations for a Perforce group spec

p4 group