All users are admin after enable "ldap-sync-admin-groups"

[karvox]

Hello everyone,

After I enable ldap-sync-admin-groups all successfull login-in by users become a wekan administrator. My admin group on MS AD has 2 users, what is wrong? Is a bug? or misconfiguration? This is my wekan config:

Key Value
debug true
default-authentication-method ldap
ldap-authentication true
ldap-authentication-password xxxxxxxxxxxxxxxxxxxxxxxxx
ldap-authentication-userdn CN=Wekan Authenticator,CN=Users,DC=xxx,DC=xxx,DC=xxx,DC=xxx
ldap-background-sync true
ldap-background-sync-import-new-users false
ldap-background-sync-interval every 1 minute
ldap-background-sync-keep-existant-users-updated true
ldap-basedn DC=xxx,DC=xxx,DC=xxx,DC=xxx
ldap-enable true
ldap-encryption false
ldap-fullname-field displayName
ldap-group-filter-enable true
ldap-group-filter-group-id-attribute cn
ldap-group-filter-group-member-attribute member
ldap-group-filter-group-member-format dn
ldap-group-filter-group-name WekanUsers
ldap-group-filter-objectclass group
ldap-host 10.10.10.10
ldap-idle-timeout 10000
ldap-log-enabled true
ldap-login-fallback false
ldap-port 389
ldap-reconnect true
ldap-sync-admin-groups ti
ldap-sync-admin-status true
ldap-sync-user-data-fieldmap {'cn':'name', 'mail':'email'}
ldap-timeout 10000
ldap-unique-identifier-field sAMAccountName
ldap-user-search-field sAMAccountName
ldap-user-search-filter (&(objectClass=user)(memberOf=CN=WekanUsers,CN=Users,DC=xxx,DC=xxx,DC=xxx,DC=xxx))
ldap-user-search-scope sub
ldap-username-field sAMAccountName
mail-from Wekan Boards Support [email protected]
mail-url smtp://notify-wekan@:[email protected]:587/?ignoreTLS=false&tls={rejectUnauthorized:true}&secure=false
port 3001
root-url http://wekan.xxx.xxx.xxx
with-api true