Group Synchronization

One-way synchronization of group memberships can be enabled upon user login. Group synchronization is a 1:1 mapping; multiple groups mapping to the same external mapping name is not supported.

When group membership is enabled for the IdP used with LogScale, if the group name in LogScale is the same as the group name in that IDP, then users will be mapped to that group automatically.

In order to map a group name from an external system such as LDAP to a LogScale group you can specify a Mapping name in the External provider tab:

Group Synchronization

Figure 71. Group Synchronization

When a user who is a member of the above LDAP group logs in to LogScale, they will be a member of the LogScale group that defines the mapping. In the current version of LogScale a user will remain a member of the LogScale groups from the last login until they log in again with a new set of groups.


Once a user's group membership has been synchronized in LogScale, deleting it in the LDAP external provider will not take effect in LogScale.

For specific instructions on how to setup group synchronization for the different authentication mechanisms go to the Configuring Security overview page and select a relevant entry.