Issues with LDAP group sync
Hey folks, I am running Teamcity 9.0.5 (build 32523) right now and have some trouble getting group sync to work.
Our Ldap has the following setup:
users are in ou=people,cn=users with class posixUser
groups are in ou=groups,cn={groupName} with class posixGroup
members of groups are indentified by the groups memberUid field mapping to user uid.
I set everything up and user sync works fine, but I get this in the logs when syncing groups:
Skipped 12 unknown members during membership synchronization of the remote group '{remoteId='cn=ops,ou=groups,dc=someDC,dc=com', groupKey='OPS', members=12}' as they are not present in the full list of users or groups. Ignored members: '12 members here...'
Anyone know what this is about?
The users ignored are all synced fine and can login to TC via LDAP...
Please sign in to leave a comment.
Hi Tobias
The log message has not been preserved. Could you post it once again please.
The log message is:
I probably should mention that all members of the group were ignored. It's not just some that may be in different CNs
Hi ,
I am also facing the same issue which you have posted.
So do you have any update on this issue??
Were you able to resolve it ? If yes could you please let me know
We got the same issue.
Is there any answer for this problem?
Hello,
Could you please describe the issue in more detail? What TeamCity version is used? Please attach ldap-config.properties file and ldap log.
Hi,
This is ldap logs:
errors: [Skipped 20 unknown members during membership synchronization of the remote group '{remoteId='cn=ReleaseEngineering,ou=Groups,dc=xxx,dc=com', groupKey='RELEASE', members=20}'Ldap group TC configure:
Configuration in ldap-mapping.xml:
TC is able to query LDAP groups:
TeamCity version is 9.1.1 (build 37059).
Please let me know if you need more infomation.thanks.
Thank you for provided details. The users from the group "ReleaseEngineering" were skipped:
errors: [Skipped 20 unknown members during membership synchronization of the remote group '{remoteId='cn=ReleaseEngineering,ou=Groups,dc=xxx,dc=com', groupKey='RELEASE', members=20}'because they are not present in users list ("remote users=442") filtered by teamcity.users.base and teamcity.users.filter properties. Please modify the ldap config file.
Hi Alina,
Thank for your feedback,but the members not in userlist seems not right,as they are able to login TC by LDAP accounts.Futhermore,after modifying ldap config (adjust filter scope),queried users up to 3769 but still got error with group synchronization: