Can you try to manually perform the LDAP search and make sure it returns the proper entry?
(&(|(samaccountname=Team-mOps)(mail=Team-mOps)(userPrincipalName=Team-mOps))(|(&(&(ObjectClass=user)(|(memberOf=CN=OX-Test-Users,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de)(memberOf=CN=OX-Users,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de)))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))(ObjectClass=group))) Francis > On Jan 20, 2020, at 10:38 AM, Lars Liedtke (lied...@punkt.de) <users@sogo.nu> > wrote: > > Hi Francis, > > This is a working group: > > version: 1 > dn: CN=Team-Pi,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > objectClass: group > objectClass: top > groupType: -2147483646 > instanceType: 4 > objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=intern,DC=punkt,DC=de > cn: Team-Pi > distinguishedName: CN=Team-Pi,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > dSCorePropagationData: 16010101000000.0Z > mail: p...@punkt.de > member: CN=Member1,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member2,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member3,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member4,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member5,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member:: Q049VGhvbWFzIFDDtnR6c2NoLE9VPU1pdGFyYmVpdGVyLERDPWludGVybixEQz1wdW5 > rdCxEQz1kZQ== > member: CN=Member6,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member7,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member8,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member9,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member:: Q049QWxleGFuZGVyIELDtmhtLE9VPU1pdGFyYmVpdGVyLERDPWludGVybixEQz1wdW5 > rdCxEQz1kZQ== > member: CN=Member10,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member:: Q049SsO8cmdlbiBFZ2VsaW5nLE9VPU1pdGFyYmVpdGVyLERDPWludGVybixEQz1wdW5 > rdCxEQz1kZQ== > name: Team-Pi > objectGUID:: PBbJg3IXH0jvv73vv71mIe+/ve+/ve+/vSc= > objectSid:: AQUAAAAAAAUVAAAA77+9b9K4G++/vW4/Ngbvv73vv70kCwAA > sAMAccountName: Team-Pi > sAMAccountType: 268435456 > uSNChanged: 11535365 > uSNCreated: 8727024 > whenChanged: 20200117093209.0Z > whenCreated: 20170705091619.0Z > zarafaAccount: 0 > <minhadkggmedlnfm.png> > > And this is a not working group > > version: 1 > dn: CN=Team-mOps,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > objectClass: group > objectClass: top > groupType: -2147483646 > instanceType: 4 > objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=intern,DC=punkt,DC=de > cn: Team-mOps > distinguishedName: CN=Team-mOps,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > dSCorePropagationData: 20101124131241.0Z > dSCorePropagationData: 16010101000001.0Z > mail: m...@punkt.de > member: CN=Member1,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Lars Liedtke,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member:: Q049SsO2cmcgU2Nod2VpemVyLE9VPU1pdGFyYmVpdGVyLERDPWludGVybixEQz1wdW5 > rdCxEQz1kZQ== > member: CN=Member2,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member3,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member4,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member5,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > member: CN=Member6,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de > name: Team-mOps > objectGUID:: 77+9x7wO77+9fWFB77+9De+/vRDvv73vv73vv712 > objectSid:: AQUAAAAAAAUVAAAA77+9b9K4G++/vW4/Ngbvv73vv717CgAA > sAMAccountName: Technik > sAMAccountType: 268435456 > uSNChanged: 11536349 > uSNCreated: 8391 > whenChanged: 20200117141232.0Z > whenCreated: 20100112101614.0Z > <mijnimmgbopbghco.png> > > I have other groups, which are working with a difference between CN and > sAMAccountName, so this can't be it. > > > > Lars > > > > Am 20.01.20 um 15:02 schrieb Francis Lachapelle (flachape...@inverse.ca): >> Hi Lars >> >> Please share the LDAP entry of a problematic group. >> >> >> Francis >> >> >>> On Jan 17, 2020, at 9:36 AM, Lars Liedtke (lied...@punkt.de) <users@sogo.nu> >>> wrote: >>> >>> Thank you, that worked. But some groups show a "0" the team and don't >>> expand. >>> >>> In the log I see the following: >>> >>> Jan 17 15:31:46 sogod [38517]: <0x0x811ebc598[NGLdapConnection]> Using >>> ldap_initialize for LDAP URL: >>> ldap://127.0.0.1:389 >>> >>> 2020-01-17 15:31:46.696 sogod[38517:100191] -[NGLdapConnection >>> _searchAtBaseDN:qualifier:attributes:scope:]: search at base >>> 'ou=mitarbeiter,dc=intern,dc=punkt,dc=de' filter '(cn=Team-mOps)' for attrs >>> '*' >>> Jan 17 15:31:46 sogod [38517]: <0x0x80f2c9858[NGLdapConnection]> Using >>> ldap_initialize for LDAP URL: >>> ldap://127.0.0.1:389 >>> >>> 2020-01-17 15:31:46.726 sogod[38517:100191] -[NGLdapConnection >>> _searchAtBaseDN:qualifier:attributes:scope:]: search at base >>> 'ou=mitarbeiter,dc=intern,dc=punkt,dc=de' filter >>> '(&(|(samaccountname=Team-mOps)(mail=Team-mOps)(userPrincipalName=Team-mOps))(|(&(&(ObjectClass=user)(|(memberOf=CN=OX-Test-Users,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de)(memberOf=CN=OX-Users,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de)))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))(ObjectClass=group)))' >>> for attrs '*' >>> Jan 17 15:31:46 sogod [38517]: |SOGo| request took 0.049511 seconds to >>> execute >>> │ >>> Jan 17 15:31:46 sogod [38517]: 172.17.28.1 "GET >>> /SOGo/so/ry86/Contacts/punkt.de_directory/Team-mOps/members HTTP/1.1" 405 >>> 22/0 0.050 - - - >>> >>> While with those groups that work there is a 200 there and then it starts >>> querying for the team members. I can't see a notable difference inside the >>> AD between the definitions of thos teams. Any Idea? >>> >>> Lars >>> >>> Am 17.01.20 um 14:44 schrieb Francis Lachapelle ( >>> flachape...@inverse.ca >>> ): >>> >>>> Hi Lars >>>> >>>> When the parameter SOGoLDAPGroupExpansionEnabled is set to YES in >>>> sogo.conf, a new button should appear to expand groups in the mail editor >>>> and attendees editor: >>>> >>>> <sogo-webmail-group-expansion.png> >>>> >>>> >>>> Francis >>>> >>>> >>>>> On Jan 17, 2020, at 7:54 AM, Lars Liedtke (lied...@punkt.de) >>>>> <users@sogo.nu> >>>>> wrote: >>>>> >>>>> Hello Christian, >>>>> >>>>> did I misinterpret this "mail(js): new button to expand recipients that >>>>> are LDAP groups" in >>>>> >>>>> https://github.com/inverse-inc/sogo/releases/tag/SOGo-4.2.0 >>>>> then? >>>>> >>>>> Best regards >>>>> >>>>> Lars >>>>> >>>>> Am 17.01.20 um 13:49 schrieb Christian Mack >>>>> ( >>>>> christian.m...@uni-konstanz.de >>>>> ): >>>>> >>>>>> Hello >>>>>> >>>>>> AFAIK: Those buttons only exist for attendees and privileges, not for >>>>>> emails. >>>>>> Emails will be sent to the group email address, which are resolved >>>>>> into recipients by the SMTP and/or IMAP server. >>>>>> >>>>>> >>>>>> Kind regards, >>>>>> Christian Mack >>>>>> >>>>>> Am 17.01.20 um 11:04 schrieb Lars Liedtke ( >>>>>> lied...@punkt.de >>>>>> ): >>>>>> >>>>>>> Hello all, >>>>>>> >>>>>>> I saw that with SOGo 4.2.0 a button has been added to expand LDAP groups >>>>>>> in the mail editor. >>>>>>> >>>>>>> But I seem to be unable to meet the requirements to get the button >>>>>>> enabled. In the calendar the groups are expanded. So There the >>>>>>> requirements are met. Which Fields have to set (and how) in the LDAP (AD >>>>>>> in my case) so that this very useful functionality can be activated? >>>>>>> >>>>>>> An example of our groups (redacted with privacy things, e.g. the group >>>>>>> has more members than me): >>>>>>> >>>>>>> version: 1 >>>>>>> >>>>>>> dn: CN=Team-mOps,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de >>>>>>> objectClass: group >>>>>>> objectClass: top >>>>>>> groupType: -2147483646 >>>>>>> instanceType: 4 >>>>>>> objectCategory: >>>>>>> CN=Group,CN=Schema,CN=Configuration,DC=intern,DC=punkt,DC=de >>>>>>> cn: Team-mOps >>>>>>> distinguishedName: CN=Team-mOps,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de >>>>>>> dSCorePropagationData: 20101124131241.0Z >>>>>>> dSCorePropagationData: 16010101000001.0Z >>>>>>> mail: >>>>>>> tech...@punkt.de >>>>>>> >>>>>>> member: CN=Lars Liedtke,OU=Mitarbeiter,DC=intern,DC=punkt,DC=de >>>>>>> name: Team-mOps >>>>>>> sAMAccountName: Technik >>>>>>> sAMAccountType: 268435456 >>>>>>> uSNChanged: 11268255 >>>>>>> uSNCreated: 8391 >>>>>>> >>>>>>> >>>>>>> Best Regards >>>>>>> >>>>>>> Lars >>>>>>> >>>>>>> --- >>>>>>> punkt.de GmbH >>>>>>> Lars Liedtke >>>>>>> .infrastructure >>>>>>> >>>>>>> Kaiserallee 13a >>>>>>> 76133 Karlsruhe >>>>>>> >>>>>>> Tel. +49 721 9109 500 >>>>>>> >>>>>>> https://infrastructure.punkt.de >>>>>>> i...@punkt.de >>>>>>> >>>>>>> >>>>>>> AG Mannheim 108285 >>>>>>> Geschäftsführer: Jürgen Egeling, Daniel Lienert, Fabian Stein >>>>>>> >>>> -- >>>> >>>> users@sogo.nu >>>> https://inverse.ca/sogo/lists >>> -- >>> — >>> >>> punkt.de >>> GmbH >>> Lars Liedtke >>> .infrastructure >>> >>> Kaiserallee 13a >>> 76133 Karlsruhe >>> >>> Tel. +49 721 9109 500 >>> >>> >>> https://infrastructure.punkt.de >>> i...@punkt.de >>> >>> >>> >>> AG Mannheim 108285 >>> Geschäftsführer: Jürgen Egeling, Daniel Lienert, Fabian Stein >>> >>> -- >>> >>> users@sogo.nu >>> https://inverse.ca/sogo/lists >>> >>> <0xDD6D744EC1628062.asc> >>> > -- > --- > punkt.de GmbH > Lars Liedtke > .infrastructure > > Kaiserallee 13a > 76133 Karlsruhe > > Tel. +49 721 9109 500 > > https://infrastructure.punkt.de > i...@punkt.de > > > AG Mannheim 108285 > Geschäftsführer: Jürgen Egeling, Daniel Lienert, Fabian Stein > > -- > users@sogo.nu > https://inverse.ca/sogo/lists > <0xDD6D744EC1628062.asc> -- users@sogo.nu https://inverse.ca/sogo/lists
