ldapenforcer sync #
Synchronize LDAP with configuration
Synopsis #
Synchronizes LDAP directory with the current configuration.
ldapenforcer sync [flags]
Options #
--dry-run Perform a dry run without making changes
-h, --help help for sync
--poll Enable polling mode to continuously check for config changes
--poll-config-interval string Interval for --poll mode to check if the config file has changed and sync if so (recommended: "10s") (default "10s")
--poll-ldap-interval string Interval for --poll mode to compare the config file to the LDAP server and sync if different (recommended: "24h") (default "24h")
Options inherited from parent commands #
--bind-dn string DN for binding to LDAP
--ca-cert-file string Path to CA certificate file for LDAPS
--config string Config file path
--enforced-group-ou string Full OU for enforced groups
--enforced-people-ou string Full OU for enforced people
--enforced-svcacct-ou string Full OU for enforced service accounts
--ldap-log-level string LDAP-specific log level (ERROR, WARN, INFO, DEBUG, TRACE) (default "INFO")
--ldap-uri string LDAP URI (e.g. ldap://example.com:389)
--log-level string Main log level (ERROR, WARN, INFO, DEBUG, TRACE) (default "INFO")
--password string Password for binding to LDAP
--password-command string Command to execute to retrieve the password
--password-command-via-shell Execute password command via shell (using sh -c)
--password-file string File containing the password for binding to LDAP
SEE ALSO #
- ldapenforcer - LDAPEnforcer is a tool for enforcing LDAP policies
- ldapenforcer sync sync-group - Synchronize a specific group
- ldapenforcer sync sync-person - Synchronize a specific person
- ldapenforcer sync sync-svcacct - Synchronize a specific service account