Skip to Content

Issue: LDAP roles not assigned to users after migration from 3.1 to 4.1


Assumption: Groups might not added before migration.

Detailed background of issue:

Assume migrated 3.1 objects to 4.1 (New system).

LDAP groups are not syncing for all our users unless I manually re-create their LDAP alias.  But aliases assigned to all users successfully. For example, <User> has a valid LDAP alias, shown here in the Properties section of his user profile:

ldap .jpg

However, when we look at Member Of, his Information Technology LDAP group does not appear:

ldap .jpg

Actual assigned LDAP group should show as below. As of now we are deleting alias –> recreating Enterprise alias –> deleting enterprise alias and finally –> Re-creating LDAP group alias.

ldap .jpg

Update groups and users with alias option is not working using on-demand option.


  • Try with on-demand option as this is worked for me in Development environment.
  • Remove LDAP groups and add again in CMC LDAP configuration.

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply