Add cron schedule option for LdapAddOnSeatSyncWorker

Implementation: Add cron schedule option for LdapAddOnSeatSyncWorker

Background

Currently, the GitlabSubscriptions::AddOnPurchases::LdapAddOnSeatSyncWorker worker is triggered only when users sign in, but this doesn't work properly with SSO enabled environments. This creates a manual overhead for administrators who need to enable Duo for users manually.

Objective

Add a configurable cron schedule option for the LdapAddOnSeatSyncWorker similar to how the ldap_group_sync_worker is implemented, allowing automated Duo seat allocation/removal based on LDAP attributes at scheduled intervals.

Requirements

1. Add configuration options to allow administrators to set a cron schedule for the LdapAddOnSeatSyncWorker
2. Ensure the worker can run on a scheduled basis independent of user sign-in events
3. Maintain the existing functionality when users sign in
4. Document the new configuration options in the Duo add-on seat management with LDAP documentation

References

• Current LdapAddOnSeatSyncWorker: https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/workers/gitlab_subscriptions/add_on_purchases/ldap_add_on_seat_sync_worker.rb
• Similar implementation in ldap_group_sync_worker: https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/workers/ldap_group_sync_worker.rb
• Duo add-on seat management with LDAP documentation: https://docs.gitlab.com/administration/duo_add_on_seat_management_with_ldap/

Impact

This enhancement will significantly reduce manual effort for administrators managing Duo entitlements in large organizations with SSO enabled, particularly for environments with thousands of users.