Overview
You are utilizing both the LDAP user sync task and the user decay task in your Jive hosted or on-premise community, and you have noticed that the LDAP user sync task is not taking into account whether or not the user decay task had previously deactivated a user when it determines whether or not the user should be active.
For example, user A was deactivated by the user decay task, but after the LDAP sync task runs, you notice that user A is now active again.
The solution to this issue is to:
- Upgrade to Jive version 9.2.1 or later.
- Ensure that the LDAP user sync is scheduled to take place before the user decay task.
Solution
Upgrading to Jive Version 9.2.1 or Later
In versions of Jive prior to 9.2.1, the LDAP task and the user decay task could overlap with each other when the LDAP sync took longer than expected to complete. In Jive versions 9.2.1 or higher, if the LDAP sync is still running when the user decay task has been scheduled to run, the decay task will automatically reschedule itself, and it will only run when it detects that the LDAP sync is not running.
To determine if you need to upgrade your Jive instance, follow these steps:
- Browse to the Admin Console > System.
- Check the value of the Jive SBS Version field.
- If the version number is lower than 9.2.1: You will need to upgrade your Jive instance.
- If the version number is 9.2.1 or higher: Move on to setting the LDAP and user decay task schedules.
Setting the LDAP Synchronization and the User Decay Task Schedules
- Browse to the Admin Console.
- Click on System > System Properties.
- Copy and paste spring.userDataSynchronizationTask.cronExpression into the "Property Name" text box at the top of the page:
- This system property controls when the LDAP user sync task runs. The value of the property is a series of six characters separated by spaces. For example, if you want the LDAP user sync to run at 3 am, the value would be: 0 0 3 * * ?
- The first three characters are interpreted in this order:
- The second, minute, and hour that the task will start running.
- The last three characters of * * ? indicate that the task should run every day of every month, on all the days of the week. These characters should not be modified.
- The hours allowed are from 0-23.
- To avoid any performance impact on your Jive community, the process start time should be set outside of business hours.
- The first three characters are interpreted in this order:
- Once you've determined the value you would like to set, enter it into the "Property Value" text box.
- Click on the Save Property button.
- Copy and paste spring.userDecayTask.cronExpression into the "Property Name" text box at the top of the page.
- This property controls when the user decay task runs. Set this to be later than the value that was set for the LDAP user sync task, as per the format described in step 4. For example, to set the user decay task to run at 4 am, set it to: 0 0 4 * * ?
- Click on the Save Property button.
- The user decay task has now been scheduled to run after the LDAP user sync.
Testing
- Log in to the Admin Console.
- Click on the People tab.
- Search for a user who you had identified was getting reactivated by the LDAP sync task.
- Wait until the next scheduled runs of the LDAP sync task and the user decay task complete.
- Return to the Admin Console > People section.
- Search for the user you identified in Step 3.
- Confirm that the user is deactivated.
Comments
0 comments
Please sign in to leave a comment.