LDAP nested Groups [Active Directory]


I would like to use a nested Group like “Zammad_User” which is member of another Group which all users have in Active Directory. The Documentation says currently nested Groups are not Supported by Zammad.

More about my Topic:
We have alot users in AD which are members of several groups. We have different softwares which sync this users via LDAP. All Users SHOULD have 1 Sync-Group which does nothing else than being member of the sync-group for each software. This is the clean way of doing LDAP-Sync in AD, because then not every User needs a sync-group for every software its synced to. Also then you know which Softwares is using this group. Of course its just practical in case all users should be synced. (Which is the case for us)
I don’t know if this is a rare requirement. For us it would be great, because all our customers (internal employees) are synced from Active Directory.

In Short: All AD-Users are member of Group “User-Sync”, which is member of Group “Zammad_User” which is synced to Zammad.

Feel free to answer/like if you would use this feature too.

Btw. this request looks similar

1 Like