Connected FreePBX with Active Directory and in process of troubleshooting I found that after I do “fwconsole userman --syncall --force” all my linked extension are cleared.
Domain Users group is not showing in user account -> Login details: Groups
Please fix this!
Asterisk 14.6.2
FreePBX 14.0.1.14
https://issues.freepbx.org/browse/FREEPBX-15614
Userman is in the edge track
userman v13.0.76.30
userman v14.0.3.28
Thank you. I’ll try it
userman v14.0.3.30 and same behavior. No default group and extensions are cleared after “fwconsole userman --syncall --force”
I don’t know if is related or not but FYI my “Manage group localy” is set to YES
You won’t have any groups if you are managing them locally
Theoretically maybe but in practice I have this. Even after rebuild AD connection
How you can see There is no “Domain Users” group which is primary one.
Whatever user yoy are using to connect to active directory doesn’t have permissions to list all groups.
Not true. I did AD query with this user and I can read any information.
Here what I have when I do “fwconsole userman --sync 3 --force --verbose”
Unable to find dlevxxxxxx primary group
Group ID: 513
User SID: S-1-5-21-2137147135-35066698-1846349546-10110
Group SID: S-1-5-21-2137147135-35066698-1846349546-513
Seems like this is Domain Users group. I’ll try to add FreePBX AD agent user to domain admins and will see if error will disappear.
Same error even if FreePBX AD agent user is Domain Admin.
Finally found the solution.
With userman 14.0.3.30 go to user account in Active Directory -> Telephones Tab -> fill “IP phone” filed
So userman after resync will relink proper extension.
My AD user agent has read only rights for AD. In this case if you’ll link extension to AD user from freepbx GUI (what I did initially) after force AD sync linked extension will be cleared.
