I don't understand how an issue from 2020 is still not even acknowledged as an issue. Am I missing something here?
The issue is that there is still a bug where the users are not associated with the top-level AD groups if they are part of the nested groups inside. So therefore we cannot apply permissions using the AD groups... we have to go back and build out local PVE groups using the AD users instead, which is not usable at scale. What we need is for the LDAP system to function similarly to how it functions in vCenter, where we can see the AD groups and the members of those groups (even if those members belong to a nested group inside the top-level group). From there we would be able to use the groups directly to give permissions to resource pools/VMs, etc.
e.g. PVE Permissions > PVE Role > TOPLEVEL AD GROUPS > Nested AD role groups > AD Users
@iwik - as mentioned in the Bugzilla post, it would be cool if the Proxmox development team can find inspiration from your fix to officially add it into the repo
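The gap described in this thread, direct group membership versus membership resolved through nested groups, as an added example that is not from the thread, the Proxmox code base, or the fix mentioned above. The directory contents, DNs and function names are constructed for illustration, and DN comparison is simplified to lowercasing.

```python
# Constructed sample directory: group DN -> values of its "member" attribute.
# AD expresses nesting by listing a group's DN as a member of another group.
TOP = "CN=PVE-Admins,OU=Groups,DC=example,DC=test"
DIRECTORY = {
    TOP: [
        "CN=Role-Virt-Ops,OU=Groups,DC=example,DC=test",
        "CN=alice,OU=Users,DC=example,DC=test",
    ],
    "CN=Role-Virt-Ops,OU=Groups,DC=example,DC=test": [
        "CN=bob,OU=Users,DC=example,DC=test",
        "CN=Role-Oncall,OU=Groups,DC=example,DC=test",
    ],
    "CN=Role-Oncall,OU=Groups,DC=example,DC=test": [
        "cn=carol,ou=Users,dc=example,dc=test",
        TOP,  # circular nesting, which a resolver has to tolerate
    ],
}

def _norm(dn):
    # Simplification (assumption): treat DNs as case-insensitive strings.
    return dn.strip().lower()

def direct_users(directory, group_dn):
    """Users listed directly in the group; nested groups are not followed."""
    groups = {_norm(k): v for k, v in directory.items()}
    return {_norm(m) for m in groups.get(_norm(group_dn), [])
            if _norm(m) not in groups}

def effective_users(directory, group_dn, max_depth=16):
    """Users reachable through any level of nesting, with cycle protection."""
    groups = {_norm(k): v for k, v in directory.items()}
    seen, users = set(), set()
    stack = [(_norm(group_dn), 0)]
    while stack:
        dn, depth = stack.pop()
        if dn in seen:          # already expanded: breaks membership cycles
            continue
        seen.add(dn)
        for member in groups.get(dn, []):
            m = _norm(member)
            if m not in groups:
                users.add(m)    # leaf entry, treated as a user
            elif depth + 1 > max_depth:
                raise ValueError(f"nesting deeper than {max_depth}: {m}")
            else:
                stack.append((m, depth + 1))
    return users
```

With the sample data, `direct_users` returns only alice for the top-level group, while `effective_users` also returns bob and carol, which is the set a permission on that group is expected to cover.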