ido177 opened a new issue, #56107: URL: https://github.com/apache/airflow/issues/56107
### Description Currently, Airflow’s LDAP authentication via FAB Security Manager only supports direct group membership. In many enterprise setups, especially with Microsoft Active Directory, group memberships are structured hierarchically(nested groups). This prevents proper role assignment when users belong to groups indirectly. ### Use case/motivation - Enterprises often rely on nested groups for access control. - Without nested group support, users must be explicitly added to top-level groups mapped to Airflow roles, which leads to duplication and administrative overhead. - Supporting nested groups improves compatibility with real-world AD setups and reduces maintenance costs. ### Related issues _No response_ ### Are you willing to submit a PR? - [x] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
