With LDAP integration, it is possible to automatically add users to the domain server. Does the same capability exist for groups?
Yes, a similar ability exists for service update 31.2.1 and higher but the technique is different.
For users, any new users is added automatically when property server.domain.ldap.auto.create is set to true.
For groups, it is not as simple as adding all groups passed from LDAP queries because not all are typically intended for AutoPilot. Instead, when LDAP integration is active, the domain uses a special group name to identify which groups will be added. This is an example of a group that will be a model for other groups
The carat ^ is always required followed by a regular expression pattern that will match the groups to automatically add. In this example, any group returned in the LDAP group response that begins with nastel will automatically be added if it does not exist (nastel_admin, nastel_dev, nastel_user) when a user logs in with one of these groups and it is has not previously been added.
Example: Groups in Domain Server before login,
^nastel.*
Group after a user logs in who is in LDAP groups: user, testers, nastel.developer and nastel.tester
^nastel.*
nastel.develper
nastel.tester
Users and testers were not added since they did not match the regular expression.
The groups nastel.developer and nastel.tester were added because they did meet it and did not previously exist.
note that the regular expression as used is case sensitive and would not match NASTEL.TEST.
This can greatly simplify the group management in the domain server. However, in order for the groups to be used, each would still need to be individually fully defined in Navigator or XRay (nastel_admin, nastel_dev, nastel_user, and so on).