diff --git a/admin_manual/configuration_server/occ_command.rst b/admin_manual/configuration_server/occ_command.rst index 081e5cb98..5a2c63068 100644 --- a/admin_manual/configuration_server/occ_command.rst +++ b/admin_manual/configuration_server/occ_command.rst @@ -946,6 +946,7 @@ you can run the following LDAP commands with ``occ``:: ldap ldap:check-user checks whether a user exists on LDAP. + ldap:check-group checks whether a group exists on LDAP. ldap:create-empty-config creates an empty LDAP configuration ldap:delete-config deletes an existing LDAP configuration ldap:search executes a user or group search @@ -990,6 +991,11 @@ use the ``--force`` option to force it to check all active LDAP connections:: sudo -u www-data php occ ldap:check-user --force robert +``ldap:check-group`` checks whether a group still exists in the LDAP directory. +Use with ``--update`` to update group membership cache on Nextcloud side:: + + sudo -u www-data php occ ldap:check-group --update mygroup + ``ldap:create-empty-config`` creates an empty LDAP configuration. The first one you create has ``configID`` ``s01``, and all subsequent configurations that you create are automatically assigned IDs:: diff --git a/admin_manual/configuration_user/user_auth_ldap.rst b/admin_manual/configuration_user/user_auth_ldap.rst index 3f24120da..ed8c6e4a4 100644 --- a/admin_manual/configuration_user/user_auth_ldap.rst +++ b/admin_manual/configuration_user/user_auth_ldap.rst @@ -796,6 +796,10 @@ in batches from all users again. Beside that they are also refreshed during a login for this user or can be fetched manually via the occ command ``occ ldap:check-user --update USERID`` where ``USERID`` is Nextcloud's user id. +For groups, a cache of memberships is stored in database to be able to fire +events when a membership is added or removed. This cache is updated by a background +job, and can be force updated using ``occ ldap:check-group --update GROUPID``. + Caching ^^^^^^^