LDAP Group Membership Issue

makinbacon21

Sep 26, 2024
Hello! I'm not exactly new to Proxmox but hadn't bothered messing around with LDAP yet. I got everything set up and all the users are detected along with the only group I care about, cn=staff,ou=Group,.... However! None of the users in that group are listed as members, no one at all in fact. We don't have memberOf attributes on the user objects, just memberUid for each member on the group entry. Am I missing something?

Settings:
1727375611905.png

1727375384391.png
 
Hey, ever find a solution to this?

Same boat here, can successfully sync LDAP (FreeIPA) matching users and two matching groups, but there's no link in Proxmox between the sync'd users and groups.

Using the following sync settings:

User classes: inetOrgPerson
Group classes: groupOfNames
User filter: memberOf=cn=group-proxmox-*
Group filter: (&(ObjectClass=groupofnames)(cn=*proxmox*))

Desired outcome: sync matches all users configured in two groups ("group-proxmox-admin" and "group-proxmox-user"), syncs all users, and associates each Proxmox user with the correct sync'd group name, so permissions in Proxmox can then be assigned to these groups.

Edit: with some further testing, users with direct group membership are getting the user<->group association, but users inherited via group membership (i.e., a user which is a member of the "general-admins" group, and the "general-admins" group is a member of "group-proxmox-admin") aren't being matched. I'm going to dig further to see if I can find a way for this to work with inherited membership.
 
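An added example, not part of either post and not Proxmox's code: it compares the members listed directly on a group entry with the members reached through nested groups, which is the gap described in the edit above. All DNs and entries are constructed, and groups are assumed to list members either as DNs in `member` or as login names in `memberUid`.

```python
# Added example: every DN and entry below is constructed, not taken from the thread.
BASE = "dc=example,dc=test"
def udn(uid):
    return f"uid={uid},cn=users,{BASE}"

def gdn(cn):
    return f"cn={cn},cn=groups,{BASE}"

ENTRIES = {
    udn("alice"): {"uid": ["alice"]},
    udn("bob"): {"uid": ["bob"]},
    udn("carol"): {"uid": ["carol"]},
    gdn("general-admins"): {"member": [udn("bob")]},
    gdn("group-proxmox-admin"): {"member": [udn("alice"), gdn("general-admins")]},
    gdn("staff"): {"memberUid": ["carol"]},            # posixGroup style: names, not DNs
    gdn("loop-a"): {"member": [gdn("loop-b")]},        # two groups nested in each other
    gdn("loop-b"): {"member": [gdn("loop-a"), udn("carol")]},
}
UID_TO_DN = {a["uid"][0]: dn for dn, a in ENTRIES.items() if "uid" in a}

def is_group(dn):
    return bool(ENTRIES.get(dn, {}).keys() & {"member", "memberUid"})

def direct_members(group):
    """User DNs named on the group entry itself (member DNs plus memberUid names)."""
    attrs = ENTRIES[group]
    users = {dn for dn in attrs.get("member", []) if dn in ENTRIES and not is_group(dn)}
    users |= {UID_TO_DN[u] for u in attrs.get("memberUid", []) if u in UID_TO_DN}
    return users

def effective_members(group, seen=None):
    """Direct members plus those inherited via nested groups; `seen` stops cycles."""
    seen = set() if seen is None else seen
    if group in seen:
        return set()
    seen.add(group)
    users = direct_members(group)
    for dn in ENTRIES[group].get("member", []):
        if is_group(dn):
            users |= effective_members(dn, seen)
    return users

def inherited_only(group):
    """Users that a sync reading only the group's own entry would not associate."""
    return effective_members(group) - direct_members(group)

if __name__ == "__main__":
    for name in ("group-proxmox-admin", "staff", "loop-a"):
        print(name, sorted(inherited_only(gdn(name))))
```

Any user returned by `inherited_only` holds the group's permissions in the directory's view but not in a consumer that reads only direct membership, so the two lists are worth diffing before assigning ACLs to synced groups.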