Start Page

Top

ccollab admin group sync

Description

The ccollab admin group sync command synchronizes the server's group configuration with the configuration in the supplied XML.

See Syncing Groups section for details.

Command Line Syntax:

ccollab [global-options] admin group sync [--create-users] [--delete-groups] <syncfile>

Command Options

Option

Required?

Description

--create-users

No

Whether to create users in the syncdata that do not already exist; if not specified, nonexistent users will be ignored

--delete-groups

No

Whether to delete groups not in the syncdata; if not specified, groups are disabled instead

<syncfile>

Yes

Filename of the input XML syncdata, or - for stdin

Remarks:

You must be an Administrator to execute this command.
The format of XML syncdata file should comply with the following full XML Schema (opens in a new window).
This command does not affect the groups that were created manually, using the ccollab admin group create command.

Examples:

ccollab admin group sync /tmp/input --delete-groups

cat /tmp/input | ccollab admin group sync - --create-users

Example XML input:

<groups>

 <group guid="groupa" title="Group A" description="The A Group concerned with initials">

         <group-admin login="alice" />

         <member-user login="alice" />

         <member-user login="adama" />

 </group>

 <group guid="groupb" title="Group B" description="The B Group that includes those in Group A">

         <group-admin login="brian" />

         <member-user login="bob" />

         <member-user login="betty" />

         <member-group guid="groupa" />

 </group>

 <group guid="groupc" title="Group C" description="The C Group that is everyone."

         includes-all-users="true" allow-associate-with-reviews="no" >

         <member-group guid="groupb" />

 </group>

</groups>

 

Example script to synchronize LDAP groups with a Collaborator groups

The following VBScript retrieves LDAP group and their members and saves them in the groupsync.xml file in a format compatible with the ccollab admin group sync command:

' Create a file system object. We will write to this file, and then pass it to

' "ccollab admin group sync" later, outside of this script

set objFSO=CreateObject("Scripting.FileSystemObject")

set objFile = objFSO.CreateTextFile("groupsync.xml",True)

' Get an LDAP connection object

set conn = createobject("ADODB.Connection")

' Get the Root DSE, which means use our local domain and local DC

set iAdRootDSE = GetObject("LDAP://RootDSE")

' Get the default naming context for the local domain, e.g. DC=smartbear, DC=local

strDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")

' Set a filter to only display groups that are within a specific Outlook.Application

ouFilter = "OU=Test OU,"

' Open the connection to the directory server

Conn.Provider = "ADsDSOObject"

Conn.Open "ADs Provider"

' Build the query string

strQueryDL = "<LDAP://" & ouFilter & strDefaultNamingContext & ">;(&(objectCategory=group)(objectClass=group));distinguishedName,member,adspath;subtree"

' Build a command object

set objCmd = createobject("ADODB.Command")

objCmd.ActiveConnection = Conn

' We want to search everything

objCmd.Properties("SearchScope") = 2

' Set the command text to our search string from above

objCmd.CommandText = strQueryDL

' Send the quest, store the results

Set objRs = objCmd.Execute

' Echo out the opening <groups> XML tag

objFile.Write "<groups>" & vbCrLf

' Iterate through the results

While Not objRS.eof

         printGroup (objRS.Fields("distinguishedName"))

 objRS.MoveNext

Wend

' Echo out the closing </groups> XML tag

objFile.Write "</groups>" & vbCrLf

' Close the groupsync.xml file

objFile.Close

 

' ---------------------- Begin Utility Methods ------------------------

 

function printGroup (groupDN)

 Set group = GetObject("LDAP://" & groupDN)

 ' Echo out the opening <group> XML tag

 ' Set the groups guid to the distinguished name, the title to the common name, and copy the description field from LDAP to Collab

 objFile.Write "<group guid=""" & group.distinguishedName & """ title=""" & group.CN & """ description=""" & group.description & """>" & vbCrLf

 For Each memberDN In group.member

         printGroupMember(memberDN)

 Next

 ' Echo out the closing </group> XML tag

 objFile.Write "</group>" & vbCrLf

end function

 

Sub printGroupMember (memberDN)

 ' Get the LDAP object passed as memberDN

 Set member = GetObject("LDAP://" & memberDN)

 ' Figure out if this is an actual user, or a sub group

 For Each objClass In member.objectClass

         If objClass = "group" Then

                 ' If we get here, this is a group, not a user!

                 ' Echo out the <member-group> XML tag. A groups GUID is it's distinguished name

                 objFile.Write "<member-group guid=""" & member.distinguishedName & """ />" & vbCrLf

                 ' and then exit this sub routine

                 Exit Sub

         End If

 Next

 ' If we got here, then this is a regular user object, print it out        

 ' Echo out the <member-user> XML tag. A user's sAMAccountName should be their Collab login

 objFile.Write "<member-user login=""" & member.sAMAccountName & """ />" & vbCrLf

End Sub

 

Note: Modify the ouFilter to point to an Active Directory OU that contains the security groups that you want to mirror in Collaborator. This is currently set to Test OU.

Save this as groupsync.vbs and run it.

cscript groupsync.vbs

It will generate the groupsync.xml output file that should be passed to the ccollab admin group sync command:

ccollab admin group sync --create-users --delete-groups groupsync.xml

Now you will see the members of those security groups created in the same group in Collaborator.


© 2003-2025 SmartBear Software. All rights reserved.