Please whack me over the head if there's a better place to pursue this semi-lame question.

We have about 150 LDAP groups and in our earlier configuration with D6 ldap_integration module we used a cron'd synch to update groups (because that seemed like what worked) and we did not filter groups/roles because synch times became prolonged.

With the new D7 LDAP, "Upon user login" synch seems to work fine and I want to use filtering to have only 25-30 needed groups synch'd to Drupal roles. Dumb me, though, I let the horse out of the barn and have already accrued more than 70 Drupal roles from user login synch.

I poked around a bit but did not see anything about aging out roles under "Authorization". So my question is if I turn on filtering (to 25-30 roles) will roles outside the filter get dropped or do I need to prune them manually? And the safest way to do that would be...?

Admin pages like Permissions get pretty boggy and difficult with 150 roles so I need to pare this down before launch. I though I might just experiment but then got wimpy and decided to ask :(

Thanks for this great module.

Jim

Comments

johnbarclay’s picture

The only way I know of is to manually delete the roles in drupal or write an SQL query.

johnbarclay’s picture

Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.