Topics Map > University of Chicago > IT Services > Accounts, Identity, & Security > Access Management
Grouper - Pushing Groups to LDAP
This article explains how to push Grouper groups to LDAP.
- Log in to Grouper UI
- Find desired group
- Click More Actions
- Select Admin UI
- Click Edit group
- Check LDAPSync and Provisioner group types, then click Save
- Click Edit attributes
- Set Destinations to no_group and Send To to ldap
- Click the Save attributes and finish button.
Membership changes take about an hour to go from Grouper to LDAP.
Memberships can be found in the ucIsMemberOf LDAP attribute on an individual's LDAP entry. For example, if the Grouper group "uc:personal:blair:test-group" was pushed to LDAP, members of that group would have a ucIsMemberOf value of "uc:personal:blair:test-group". Membership values can then be consumed either by applications using LDAP directly or Shibboleth-enabled applications.