From 1f28f874dd67cca6e176d050b015653532e6082a Mon Sep 17 00:00:00 2001 From: nscuro Date: Thu, 21 May 2026 18:02:12 +0200 Subject: [PATCH] Document that LDAP sync happens at login-time Signed-off-by: nscuro --- docs/guides/administration/configuring-ldap.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/guides/administration/configuring-ldap.md b/docs/guides/administration/configuring-ldap.md index 0d1cedf..2fb51fd 100644 --- a/docs/guides/administration/configuring-ldap.md +++ b/docs/guides/administration/configuring-ldap.md @@ -12,6 +12,11 @@ user's own credentials to verify their password. On success, the system grants access. With user provisioning enabled, Dependency-Track creates the account automatically on first login. +On every successful login, Dependency-Track refreshes the user's distinguished +name and email from the directory, and (when team synchronisation is enabled) +re-evaluates team membership against the user's current LDAP groups. A user +who never logs in keeps the attributes captured at provisioning time. + ## Prerequisites - A service account in the LDAP directory with read access to users and groups.