Mattermost Peer-to-Peer Forum

LDAP Group Sync Alpha Release


#1

The Enterprise Edition LDAP group sync feature has been in active development for a couple of months and we are excited to be releasing our alpha version this week. This feature automates user onboarding by allowing customers to set default team and channel membership based on LDAP groups. This is useful if you have a large amount of users to onboard at one time, or if you onboard users frequently. We expect a beta version to be available in Mattermost v5.8.

What does the alpha release entail?

An alpha release allows customers to test the feature in their staging environments and ensure the feature works with different varieties of LDAP systems and group structures including nested groups. It also allows us to get feedback on the functionality and user experience prior to releasing in beta.

Contributing to alpha testing

The alpha release will be available to E20 customers as a custom build. We are looking for customers that are open to work closely with us and provide feedback about their LDAP system and group structure, performance, and their deployment environment. If you have interest in testing, accessing the feature early, and working closely with our product development team in future enhancements to this feature, please reach out to Katie Wiersgalla, Product Manager for the feature, on community.mattermost.com or via email at katie[at]mattermost.com.

Roadmap for Group Sync Feature

The LDAP group sync is the first phase of a larger Group feature. Later phases for groups are currently planned to include:

Phase 2:

  • Create custom groups (outside of LDAP sync) and manually add users
  • @mention groups
  • /invite groups directly into a channel
  • Add groups to the Channel or Team directly from the UI

Phase 3:

  • Extend management of groups to Team/Channel Admins via permissions
  • Define roles and permissions when adding groups to team/channel
  • Remove users from teams/channels when removed from group via sync
  • Restrict group members’ ability to leave team/channel
  • Restrict team/channel membership to only the group

Phase 4:

  • Create groups based on other SCIM systems

#2

Great. Will this feature also be available for E10?


#3

Thank you for your interest in this feature @JtheBAB .

At this time, the ability to sync LDAP with Groups will be an E20 feature. We are planning on releasing functionality listed in Phase 2 to E10 customers targeting early 2019.