Just started a new Foreman 1.15.0 deployment and configured LDAP with AD
for authentication with the base DN being the OU with the users and the
Groups base DN being the OU with the security groups. I also enabled the
two options under the Account tab to create the user and to usergroup
sync. I have successfully logged in with an AD user account and verified that
the account is created and working.
Then I created a user group, set the role as Administrators and attached
the security group from the Groups base DN to it, but on refreshing the
external group the above-mentioned user, which is a direct member of the AD
group attached to the user group, is not added to the group. I have tried
this in a variety of ways: removing the user from Foreman and logging on
again, changing the bases to be at a higher level, implementing an LDAP filter to
restrict the accounts to a subset, and running the foreman-rake
ldap:check_usergroup(sp) command, which ran successfully. Nothing seems to
enable the AD users to be added to the local user group.
Any ideas or suggestions would be greatly appreciated.