Issue: LDAP roles not assigned to users after migration from 3.1 to 4.1
Cause:
Assumption: Groups might not added before migration.
Detailed background of issue:
Assume migrated 3.1 objects to 4.1 (New system).
LDAP groups are not syncing for all our users unless I manually re-create their LDAP alias. But aliases assigned to all users successfully. For example, <User> has a valid LDAP alias, shown here in the Properties section of his user profile:
However, when we look at Member Of, his Information Technology LDAP group does not appear:
Actual assigned LDAP group should show as below. As of now we are deleting alias --> recreating Enterprise alias --> deleting enterprise alias and finally --> Re-creating LDAP group alias.
Update groups and users with alias option is not working using on-demand option.
Resolution:
- Try with on-demand option as this is worked for me in Development environment.
- Remove LDAP groups and add again in CMC LDAP configuration.