I have a group in which we are utilizing LDAP Sync that appears to be stuck in syncing. I can not get it to complete syncing. Where can I check to figure out what is going on? I have other groups that are syncing successfully.
1 Like
The problem boils down to a role conflict. IE, the user would have a higher role in a group higher in the hierarchy. (If a user has say Maintainer access in a parent group, then they can not be assigned Developer access via LDAP sync) My particular problem ended up being that before we had implemented LDAP sync, a user had requested access to a parent group, but it had never been approved. So the user actually wasn’t a member but they still had a pending role assignment which conflicted. So check the parent groups of the group you are attempting to sync and remove any non-sync’d users whom would be sync’d from memberships and delete any pending invites or requests in parent groups.
@jonl3 - Thank you so much for providing details about this issue. I checked and found out that I have a user in 2 LDAP groups that Sync as Owner and Maintainer. Definitely like you discovered “a role conflict”.
Thanks again!