I am using a OpenLDAP Directory profile to sync my users from my FreeIPA instance.
The User sync works great and without a Problem.
Syncing groups also works but group membership is not properly assigned.
The primary groups get properly assigned to each user.
I have a group called “pbx_users” wich indicates general access to the PBX.
Every user that is synced must be member of the group.
But if i check in FreePBX no user is assigned to it.
I’ve checked the wiki and multiple other Forum threads without a solution.
The OpenLDAP Group configuration also contains a Field that is not documented in the wiki called “Group Member Identifier Attribute”.
Here is a Screenshot of my Group configuration
Here is the Group sync part of the userman sync log (usernames replaced):
Updating All Groups
ldapsearch -w ... -H "ldap://<our FreeIPA server>:389" -D "uid=freepbx,cn=sysaccounts,cn=etc,dc=<company name>,dc=de" -b "cn=groups,cn=accounts,dc=<company name>,dc=de" -s sub "(|(cn=pbx_*)(objectclass=mepmanagedentry))"
Retrieving all groups...
Got 12 groups
Working on user1
Updating user1
Working on user2
Updating user2
Working on user3
Updating user3
Working on user4
Updating user4
Working on user5
Updating user5
Working on user6
Updating user6
Working on user7
Updating user7
Working on ttestington
Updating ttestington
Working on user8
Updating user8
Working on user9
Updating user9
Working on pbx_users
Updating pbx_users
Working on user10
Updating user10
Finished adding users from non-primary groups
Updating Primary Groups
User user1 primary group is user1
User user2 primary group is user2
User user4 primary group is user4
User user5 primary group is user5
User user6 primary group is user6
User user7 primary group is user7
User user8 primary group is user8
User user9 primary group is user9
Executing User Manager Hooks
Updating User user1...done
Updating User user2...done
Updating User user4...done
Updating User user5...done
Updating User user6...done
Updating User user7...done
Updating User user8...done
Updating User user9...done
Updating Group user1...done
Updating Group user2...done
Updating Group user3...done
Updating Group user4...done
Updating Group user5...done
Updating Group user6...done
Updating Group user7...done
Updating Group ttestington...done
Updating Group user8...done
Updating Group user9...done
Updating Group pbx_users...done
Updating Group user10...done
Finished
Hopefully someone can help me getting the group assignment to work.