AdministratörskonsolAnvändarhanteringDirectory Connector

Schemalägg en synkronisering

För organisationer som använder Directory Connector CLI kan automatiska synkroniseringar schemaläggas på definierade intervall som ett alternativ till att använda skrivbordsappens intervallinställning. Detta är särskilt användbart i huvudlösa miljöer, eller under omständigheter där en stationär app inte kan köras i bakgrunden.

För att schemalägga synkroniseringar, använd Cron i Unix-liknande miljöer inklusive Linux och MacOS, och använd Task Scheduler i Windows-miljöer:

Cron permissions

When running a cron job, we recommend doing so as a dedicated Directory Connector user. Create a bwdc user if you haven't already, and add that user to the etc/cron.allow list. This will allow a non-Root user to set up and run cron jobs.

In order to continue, you will also need your organization's API key client_id and client_secret, which can be obtained by an organization owner from the Web Vault by navigating to organization SettingsMy Organization.

Setup a sync script

In order avoid session timeouts, we recommend creating a shell script to run through cron. This script should securely read your client_secret to complete the login, and run a bwdc sync command that writes output to bwdc.log.

tip

Need to sync from multiple directories? In your sync script, you can specify multiple folders, each of which must contain a data.json file with your directory sync settings.

You can then specify each directory to sync by performing multiple bwdc sync operations, for example:

Bash
# Linux
BITWARDENCLI_CONNECTOR_APPDATA_DIR="./instance-1" bwdc sync
BITWARDENCLI_CONNECTOR_APPDATA_DIR="./instance-2" bwdc sync

# Windows
set BITWARDENCLI_CONNECTOR_APPDATA_DIR=./instance-1
bwdc sync
set BITWARDENCLI_CONNECTOR_APPDATA_DIR=./instance-2
bwdc sync

Setup the cron job

As the permitted bwdc user:

  1. Edit the user's crontab file by entering crontab -e in the terminal, or as edit the crontab file as any user by entering crontab -u <bwdc_username> -e.

  2. Add a line to the crontab that includes:

    • A scheduling expression that will determine the time/recurrence interval on which to execute the desired command (for example, 0 0 * * 2 to run every Tuesday at midnight).

    • The command to execute at the specified time/recurrence interval. In this case, execute the previously created sync script (for example, bwdcSyncService.sh):

For example, to run the sync script every Monday at 12:00:

Bash
# 0 12 * * 1 bwdcSyncService.sh

Cron job scheduling expressions

Use the following reference when scheduling syncs via cron to ensure you're scheduling them for the desired time:

Bash
# ┌───────────── minute (0 - 59)
# │ ┌───────────── hour (0 - 23)
# │ │ ┌───────────── day of the month (1 - 31)
# │ │ │ ┌───────────── month (1 - 12)
# │ │ │ │ ┌───────────── day of the week (0 - 6) (Sunday to Saturday;
# │ │ │ │ │                                   7 is also Sunday on some systems)
# │ │ │ │ │
# │ │ │ │ │
# * * * * * <command to execute>
tip

If you're not yet comfortable with cron job scheduling expressions, check out https://crontab.guru/ for help.

Please note, this is a third-party resource that is not operated or maintained by Bitwarden.