LDAP Group Import Missing 'Member' Field Information

Stephen Skaggs · ‎01-13-2022

So I am having an issue with some LDAP import AD groups missing 'member' field information. Which is causing issues with adding users to the group with the missing member details.

So I have three test groups that have three different group scopes associated to them that may or may not have something to do with the missing information. Any help on why and how to fix it would be appreciated.

1st group - GroupScope : Universal - Member information shows up

2nd group - GroupScope : DomainLocal - Member information is MISSING

3rd group - GroupScope : Global - Member information is MISSING

Craig Gruwell · ‎01-14-2022

Are they all using the same LDAP Server record (where the attributes are defined to be retrieved from LDAP)?

Stephen Skaggs · ‎01-14-2022

Yes, they are all coming from the same LDAP server record and the attributes defined are as follows:

'cn,dc,department,description,employeeID,employeeNumber,givenName,l,mail,managedBy,manager,member,memberOf,mobile,objectGUID,sAMAccountName,sn,Source,telephoneNumber,title,useraccountcontrol,userPrincipalName'

It has no problem pulling other groups member field information, some are blank and some are filled in. I have not directly checked AD for the others groups but I have users showing in the members tab in AD for all three groups I mentioned.

Craig Gruwell · ‎01-17-2022

Do the imports all share the same LDAP data source? If so, if you drill into the LDAP Target (of the data source record), then select Browse (related link) and filter on one of the groups, do you see members listed?

Stephen Skaggs · ‎01-18-2022

Yes they share the same LDAP data source. This is what I see when I browse and filter, the member fields don't show for two of the groups.