
LDAP Sync Plugin

Audience: System Administrators

Content Summary: This page details Immuta's LDAP Sync plugin. This plugin takes an existing and configured LDAP IAM and seeds Immuta with all of its users, subject to the intersection of the IAM's user search filter and the plugin's (optional) user search filter. The plugin can be configured to run periodically to maintain synchronization with the remote LDAP IAM.

Overview

The LDAP Sync Plugin is an extension to the Immuta LDAP IAM that allows LDAP users to be synchronized with Immuta without their having to log in to the Immuta Web UI. The plugin expands the LDAP IAM by adding the following features:

  • New User Sync - New users returned by the configured LDAP IAM's User Search Filter will be synchronized into Immuta as if they logged into the Web UI. The User profile, User Group membership, and SQL Accounts will all be created based on the LDAP IAM configuration.
  • Existing User Sync - Existing users returned by the configured LDAP IAM's User Search Filter will have their User Group memberships re-synchronized as if they logged into the Web UI.
  • Disabled User Sync - Users who exist in Immuta and are associated with the configured LDAP IAM, but are no longer returned by the LDAP IAM's User Search Filter, will be disabled. All access to Immuta will be revoked for the user.
  • Scheduled Periodic Sync - Runs the synchronization process based on a configurable schedule.
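
The three sync outcomes above can be modeled as a dry-run plan, which is a useful check on a search filter before a scheduled sync starts disabling accounts. This is an added example, not Immuta's code: `ImmutaUser`, `plan_sync`, the `iam_id` values and all sample users are constructed for illustration, and it assumes the optional plugin filter narrows the set used for all three outcomes.

```python
from dataclasses import dataclass


@dataclass
class ImmutaUser:
    userid: str
    iam_id: str           # IAM the account is associated with (hypothetical field)
    enabled: bool = True


def plan_sync(iam_filter_hits, plugin_filter_hits, immuta_users, iam_id):
    """Return the actions one sync run would take, without applying them.

    iam_filter_hits:    userids matched by the LDAP IAM's User Search Filter
    plugin_filter_hits: userids matched by the plugin's optional filter,
                        or None when no plugin filter is configured
    """
    in_scope = set(iam_filter_hits)
    if plugin_filter_hits is not None:
        in_scope &= set(plugin_filter_hits)   # intersection of both filters

    # Only accounts associated with this LDAP IAM can be resynced or disabled;
    # users from any other IAM are left alone.
    ours = {u.userid: u for u in immuta_users if u.iam_id == iam_id}

    return {
        "create": sorted(in_scope - ours.keys()),
        "resync_groups": sorted(in_scope & ours.keys()),
        "disable": sorted(uid for uid, u in ours.items()
                          if uid not in in_scope and u.enabled),
    }


# Constructed sample data.
IAM_HITS = ["alice", "bob", "carol", "erin"]
PLUGIN_HITS = ["alice", "bob", "erin", "frank"]   # carol excluded, frank not in IAM filter
EXISTING = [
    ImmutaUser("alice", "ldap"),
    ImmutaUser("bob", "ldap"),
    ImmutaUser("dave", "ldap"),     # no longer returned by the filter
    ImmutaUser("grace", "other"),   # belongs to a different IAM
]

if __name__ == "__main__":
    for action, users in plan_sync(IAM_HITS, PLUGIN_HITS, EXISTING, "ldap").items():
        print(f"{action}: {users}")
```

Reviewing the `disable` list from such a plan shows which accounts would have their access revoked if the filter were put into effect.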

Enable

Enable LDAP Sync from the App Settings page.