How to add already synced Mobility users to an ldap group

  • 7015639
  • 08-Sep-2014
  • 04-Feb-2015

Environment

Novell Data Synchronizer Mobility Pack
Novell GroupWise Mobility Service

Situation

How to add pre-existing, already synced users to a new or old ldap group
Users were added manually and now want to be added to a group for easier administration
Alternative steps for adding Mobility users to an ldap group in batch

Resolution

If the ldap group doesn't already exist, create it. See NetIQ iManager Creating a Group.

Please follow the steps below to add already synced Mobility users to a specific ldap group:

  1. Add Mobility users to the ldap group, select from one of the following options:
    • (option A) Using iManager, see Modifying Members of Group to add users to the ldap group one at a time.
    • (option B) Using ldapmodify, add all mobility users to the specified group in batch:
      • Export a list of users by FDN context to a file. From a terminal window:
        psql -tU datasync_user -d datasync -c "select distinct dn from targets where \"targetType\"='user' AND dn ilike 'cn=%';" | sed -e 's/^[[:space:]]*//' | sed '/^\s*$/d' > mobilityUserList.txt
      • See TID 7015638 - How to add a list of users to a group with ldap. Use mobilityUserList.txt to add these users to the specified ldap group.

  2. Update Mobility ldap group information:
    • If the group has already been added to Mobility:
    • If the group has not yet been added to Mobility:
      • Associate the already existing Mobility users with their respective group membership according to queried LDAP information by following the steps from TID 7012163.
        Note: Adding a new group to WebAdmin doesn't automatically associate the pre-existing existing users that were added manually with the new group. In an attempt to resolve, this will update the psql datasync database membershipCache table according to queried LDAP group membership information. This requires that the LDAP user source is properly configured in Mobility WebAdmin.