Customizing Tine 2.0 LDAP sync
Since more than one year we moved from eGroupWare to Tine 2.0. After using eGroupWare for more than 5 years it was time to look for an alternative. Integrating Tine 2.0 into our it infrastructure was no big deal, it was even possible to connect it to our central LDAP server. The LDAP sync of Tine 2.0 is designed in a way to copy all user and group information from the LDAP server into the local Tine 2.0 database. The sync process is triggered via a cronjob. Since we have a lot of LDAP groups for the various applications we use, I was looking for a way to filter groups that should be synced. I realized there was no way of ignoring certain groups so I changed my plan and added some custom code which would at least hide the groups.
To accomplish that open the file Tinebase/Group.php and locate the syncGroups() method and look for the line
$groupBackend->mergeMissingProperties($group, $sqlGroup);
Put your custom filtering logic right after this method call. Be aware that the statement exists twice in the method and you need to add the customizations after both of the method calls. One of the method calls is used for updating the local copy and the other call is used for adding a new group to the Tine 2.0 database.
For instance it would be possible to check for a naming scheme of the LDAP groups and hide all groups that do not contain "tine-".
$group->visibility = (false !== strpos($group->name, 'tine-')) ? 'displayed' : 'hidden';
Currently we have more than 200 LDAP groups that get synced regulary into Tine 2.0 and so far this works quite fine for us. The downside of the approach is that we have to merge the "fix" for every new version of Tine 2.0. But thanks to Git it is no hassle to merge the changes in for every update.