同期をスケジュールする
ディレクトリコネクタCLIを使用する組織では、デスクトップアプリのInterval設定を使用する代わりに、定義された間隔で自動同期をスケジュールすることができます。これは、ヘッドレス環境や、デスクトップアプリをバックグラウンドで実行できない状況で特に役立ちます。
同期をスケジュールするには、LinuxやMacOSなどのUnix系環境ではCronを、Windows環境ではタスクスケジューラを使用してください。
Cron permissions
When running a cron job, we recommend doing so as a dedicated Directory Connector user. Create a bwdc user if you haven't already, and add that user to the etc/cron.allow list. This will allow a non-Root user to set up and run cron jobs.
In order to continue, you will also need your organization's API key client_id and client_secret, which can be obtained by an organization owner from the Web Vault by navigating to organization Settings → My Organization.
Setup a sync script
In order avoid session timeouts, we recommend creating a shell script to run through cron. This script should securely read your client_secret to complete the login, and run a bwdc sync command that writes output to bwdc.log.
チップ
Need to sync from multiple directories? In your sync script, you can specify multiple folders, each of which must contain a data.json file with your directory sync settings.
You can then specify each directory to sync by performing multiple bwdc sync operations, for example:
BashBITWARDENCLI_CONNECTOR_APPDATA_DIR="./instance-1" bwdc sync
BITWARDENCLI_CONNECTOR_APPDATA_DIR="./instance-2" bwdc syncSetup the cron job
As the permitted bwdc user:
Edit the user's crontab file by entering
crontab -ein the terminal, or as edit the crontab file as any user by enteringcrontab -u <bwdc_username> -e.Add a line to the crontab that includes:
A scheduling expression that will determine the time/recurrence interval on which to execute the desired command (for example,
0 0 * * 2to run every Tuesday at midnight).The command to execute at the specified time/recurrence interval. In this case, execute the previously created sync script (for example,
bwdcSyncService.sh):
For example, to run the sync script every Monday at 12:00:
Bash# 0 12 * * 1 bwdcSyncService.shCron job scheduling expressions
Use the following reference when scheduling syncs via cron to ensure you're scheduling them for the desired time:
Bash# ┌───────────── minute (0 - 59)
# │ ┌───────────── hour (0 - 23)
# │ │ ┌───────────── day of the month (1 - 31)
# │ │ │ ┌───────────── month (1 - 12)
# │ │ │ │ ┌───────────── day of the week (0 - 6) (Sunday to Saturday;
# │ │ │ │ │ 7 is also Sunday on some systems)
# │ │ │ │ │
# │ │ │ │ │
# * * * * * <command to execute>チップ
If you're not yet comfortable with cron job scheduling expressions, check out https://crontab.guru/ for help.
Please note, this is a third-party resource that is not operated or maintained by Bitwarden.
Task Scheduler permissions
When running a task, we recommend doing so as a dedicated Directory Connector user. Create a bwdc user if you haven't already.
In order to continue, you will also need your organization's API key client_id and client_secret, which can be obtained by an organization owner from the Web Vault by navigating to organization Settings → My Organization.
Setup a sync script
In order to avoid session timeouts, you will need to create a script to run as the Task Scheduler action. This script should securely read your client_secret to complete the login, and run a bwdc sync command that writes output to bwdc.log.
チップ
Need to sync from multiple directories? In your sync script, you can specify multiple folders, each of which must contain a data.json file with your directory sync settings.
You can then specify each directory to sync by performing multiple bwdc sync operations, for example:
BashBITWARDENCLI_CONNECTOR_APPDATA_DIR="./instance-1" bwdc sync
BITWARDENCLI_CONNECTOR_APPDATA_DIR="./instance-2" bwdc syncCreate a task
As the dedicated bwdc user:
Open Task Scheduler and select Create Task from the Actions menu.
Configure the task with the following security options:
Set the task to use the created
bwdcuser.Set the task to Run whether user is logged on or not.
Select the Triggers tab and select the New... button to create a trigger that fits your directory sync needs.
チップ
For example, you could create a weekly trigger that runs at 8:00 PM every Sunday or every week:
Using Task Scheduler Select the Actions tab and select the New... button to create an action that runs the created sync script.
Select OK to finish creating the scheduled task.