Running tasks of automatic synchronization with AD

Rake tasks are used for periodic synchronization with AD server. To run them on a schedule you must register calls for necessary commands in crontab.

Automatic execution of procedures
  • In Unix-based systems go to the server console under the user, used to run the application Redmine.

  • Typing the command
    crontab -e
    set up a task to run a rake-procedure redmine:make_full_sync_from_ldap

  • The following example uses the direct execution of the script using rvm. Result of the synchronization is saved in the log-file.

Manual execution of procedures
  • In Unix-based systems go to the server console under the user, used to run the application Redmine.

  • Go to the directory where the Redmine is installed

  • In the console, execute commands
    rake redmine:make_full_sync_from_ldap
    or
    bundle exec rake redmine:make_full_sync_from_ldap,
    depending on the configuration of your server.

If required, you can also not to do a full synchronization with ldap, but use procedures to synchronize only some objects:

  • Task redmine:sync_users_guids_from_ldap - for each user login is looking for an appropriate login in AD and saves object Guid in Redmine. Since the entire synchronization of objects with AD is based on the guid, then this task is necessary only in those cases when Redmine already have users registered bypassing the synchronization with AD.
  • Task redmine:sync_users_from_ldap - synchronizes only users.
  • Task redmine:sync_groups_from_ldap - synchronizes only departments and positions.
  • Task redmine:include_users_to_groups_by_title_and_department - automatically includes users into groups on the basis of the rules set up for them.
  • Task redmine:build_user_tree - rebuilds users tree.
  • Task redmine:build_department_title_relations - recreates directory of available positions in departments.
  • Task redmine:rebuild_privelegies_for_deputy_users - tests and sets/takes away the rights obtained by substituting.