LDAP sync groups

[evgenii-erokhin]

When configuring authorization in DeviceHub via LDAP, user groups are not pulled up from LDAP
We use Open LDAP 2.6.7v
DeviceHub 1.4.4v

Our ldap is configured so that the group has an objectClass: groupOfUniqueNames with a list of uniqueMember.
And the user has the memberOf attribute.

Command connect to ldap in devicehub-auth docker container:

stf auth-ldap --port 3000 \
--app-url https://${STF_DOMAIN}:${STF_PORT} \
--secret=${STF_SECRET} \
--ldap-url ldap://my-ldap-url:389 \
--ldap-bind-dn "cn=user,dc=example,dc=com" \
--ldap-bind-credentials "password" \
--ldap-search-dn "dc=example,dc=com" \
--ldap-search-field "uid" \
--ldap-search-class "inetOrgPerson" \
--ldap-privilege-mapping '{"devops":"admin","qa":"user"}' \
--ldap-search-scope sub

logs of devicehub-auth:

Initialized sentry for environment: unset
Warning: Sentry sample_rate is 0
(node:1) ExperimentalWarning: Importing JSON modules is an experimental feature and might change at any time
(Use `node --trace-warnings ...` to show where the warning was created)
192.168.64.4
2025-07-10T12:51:02.734Z INF/auth-ldap 1 [*] Listening on port 3000
Starting DeviceHub
2025-07-11T06:40:50.226Z INF/util:ldaputil 1 [*] User "eerohin@company-name.com" is member of [  ]
2025-07-11T06:40:50.226Z INF/auth-ldap 1 [::ffff:192.168.64.17] Authenticated "eerohin@company-name.com" with privilege "user"

[evgenii-erokhin]

Hi! Do you have any updates on this issue?