On this page

You can import users and groups after all LDAP server configuration is completed. Teamwork Cloud importing also works as a user synchronization mechanism. Existing users will only be synchronized and new users in the Teamwork Cloud Admin will be imported. You can see user data in the Users application before choosing to import users. This importing and synchronization mechanism applies to groups as well. Data, including full name, phone, email, and department, will be synchronized. 

Importing and synchronizing users and groups

To import/synchronize users and groups

  1. On the selected LDAP server card click the Import button. The Import LDAP user/group pane opens.

  2. Query all users/groups or specific users/groups and select them. 
  3. Click the button. New users/groups will be imported or existing users/groups will be synchronized. The existing user information will be updated but the role assignment stays the same.

Managing roles

You can assign roles in the same pane, while selecting users and groups to be imported.

Assigning roles

To assign a role from one user/group to another

  1. On the Import LDAP user/group pane, next to Role assignments, click Set Roles
  2. In the Set roles pane, type a role name in the search bar.
  3. Select a role. If it is a custom role, specify scope.
  4. Click the Save button to save the changes. 

Copying assignments

To copy assignment(s) from one user/group to another

  1. On the Import LDAP user/group pane, next to Role assignments, click Set Roles
  2. In the Set roles pane, type a username whose assignments you want to copy in the search bar.
  3. Select a user/group. The assignments associated with the selected user/group will appear.
  4. Click the Save button to save the changes. The selected assignments will be assigned to the target user/group.

Troubleshooting

If you cannot synchronize users and/or groups, check the server.log file for a message warning about illegal characters. For example:

INFO 2023-10-17 01:00:01.111Z CN=Name, OU=Users Has illegal character [\\]. Cannot be imported

If you see a similar message, allow the use of the character in the application.conf file:

esi.ldap.allowBackSlashChar = true