Monday, April 20, 2015

Newly created groups in LDAP not visible in BPM - About User/Group sync from LDAP (External Repository) to BPM

If you have configured IBM Business Process Manager to work with an external security provider, you can use the Process Admin Console to synchronize external users and groups.

If you have created a new user or group in LDAP, or changed a user-group mapping, and the change is not reflected in IBM BPM, you can follow the steps below.
  • Ask the newly created user, or any user in the newly created or changed group, to log in to the BPM server. This refreshes the mapping, and all the data should be there again.
  • Run a manual user sync from Process Admin Console -> User Management.
  • If the above steps don't work, restart the servers.

If the problem is still not solved, follow the articles below (links at the end of this post), which explain a few more steps.

IBM Business Process Manager synchronizes external users and groups based on the following triggers:
  • Upon startup of a cluster member or server, all available groups (without members) are synchronized, so that all external groups that are available for modeling in the Process Designer repository are available for assignment in the Process Admin Console.
  • When a user logs in to Process Portal for the first time, that user is created in the IBM Business Process Manager database.
  • When a new or existing user logs in to Process Portal, that member's group memberships are updated. The groups the user is in are queried from the external user registry and the IBM Business Process Manager database content is updated to reflect the current state.
  • When a REST call is triggered because a user that was newly registered in a federated repository (using an LDAP server) is not yet known to IBM Business Process Manager, synchronization of external users and groups with IBM Business Process Manager takes place. This synchronization is done only once.