You may also synchronize LDAP groups by using the Create or Replace Group API to create groups with the ldap realm and full DN path to the group object under your LDAP server.
Limitation
Make sure to use lower case only when creating LDAP groups through the REST API.Using upper or mixed case will prevent synchronization of groups.
When using the REST API to synchronize LDAP groups, you need to specify the exact and full Group DN path to the group on your LDAP server. The example below shows the JSON payload you would use to synchronize the "testgroup" group displayed in the below LDAP server:
 |
Sample JSON:
{
"name": "testgroup",
"description" : "This groups already exists in ldap",
"autoJoin" : false,
"realm": "ldap",
"realmAttributes": "ldapGroupName=testgroup;groupsStrategy=STATIC;groupDn=cn=testgroup,ou=support,ou=UserGroups,dc=openstack,dc=org"
}