Hello,
When I create custom attribute “testattribute” in Active Directory and assigned to group class.
Then in Apache Jackrabbit Oak LDAP Identity Provider, set Group object class = group, and set Group name attribute = testattribute Group member attribute = blank
Then sync using Jmx console
But when I checked useradmin, no group name is synced. My expectation is, value n testattribute should be synced in useradmin group name. I only see default group everyone.
I think this happens because AEM LDAP could not check membership of user?
When I configure standard Active Directory user group sync shown below, user and group are successfully synced. I think because Group member attribute = member lets AEM LDAP back check if user belongs to the group.
Apache Jackrabbit Oak LDAP Identity Provider
User object classes = person organizationalPerson
User ID attribute sAMAccountName
Group object classes = group
Group Name attribute = sAMAccountName
Group Member attribute = member
in Windows Active Directory, member attribute in Group includes user names which belong to this Group.
I think - AEM LDAP back checks this member, and only if user name found in member, AEM LDAP adds group name in user in useradmin. This is my guess.
Anyway, my objective is to sync custom attribute as a group name in useradmin.
I appreciate your support.
Regards, Mike
