I am using a OpenLDAP Directory profile to sync my users from my FreeIPA instance.
The User sync works great and without a Problem.
Syncing groups also works but group membership is not properly assigned.
The primary groups get properly assigned to each user.
I have a group called “pbx_users” wich indicates general access to the PBX.
Every user that is synced must be member of the group.
But if i check in FreePBX no user is assigned to it.
I’ve checked the wiki and multiple other Forum threads without a solution.
The OpenLDAP Group configuration also contains a Field that is not documented in the wiki called “Group Member Identifier Attribute”.
Here is a Screenshot of my Group configuration
Here is the Group sync part of the userman sync log (usernames replaced):
Updating All Groups ldapsearch -w ... -H "ldap://<our FreeIPA server>:389" -D "uid=freepbx,cn=sysaccounts,cn=etc,dc=<company name>,dc=de" -b "cn=groups,cn=accounts,dc=<company name>,dc=de" -s sub "(|(cn=pbx_*)(objectclass=mepmanagedentry))" Retrieving all groups... Got 12 groups Working on user1 Updating user1 Working on user2 Updating user2 Working on user3 Updating user3 Working on user4 Updating user4 Working on user5 Updating user5 Working on user6 Updating user6 Working on user7 Updating user7 Working on ttestington Updating ttestington Working on user8 Updating user8 Working on user9 Updating user9 Working on pbx_users Updating pbx_users Working on user10 Updating user10 Finished adding users from non-primary groups Updating Primary Groups User user1 primary group is user1 User user2 primary group is user2 User user4 primary group is user4 User user5 primary group is user5 User user6 primary group is user6 User user7 primary group is user7 User user8 primary group is user8 User user9 primary group is user9 Executing User Manager Hooks Updating User user1...done Updating User user2...done Updating User user4...done Updating User user5...done Updating User user6...done Updating User user7...done Updating User user8...done Updating User user9...done Updating Group user1...done Updating Group user2...done Updating Group user3...done Updating Group user4...done Updating Group user5...done Updating Group user6...done Updating Group user7...done Updating Group ttestington...done Updating Group user8...done Updating Group user9...done Updating Group pbx_users...done Updating Group user10...done Finished
Hopefully someone can help me getting the group assignment to work.