Maping ROLES in rocket chat from group in Active Directory


Hi to all. Who know, how to map this roles :

  • moderator
  • leader
  • owner
    with Active Directory group’s?
    With admin and user roles all fine.


I’m not sure exactly how well you can map them all.

There have been other threads here on LDAP/AD mapping so please have a search.

Also I believe there are more advanced LDAP/AD features in the EE edition but I am not sure which. I need to check.

Hi John. So any update about this issue?

I’ve asked for some info - I’ll try and let you know soonest.

I have studied all the possible documentation that relates to integration with active directory.
From what I’ve learned that there are two role scopes. global and room.
it was the room scope of roles that caused me only questions to which there are no answers in the documentation)
There is a logical suspicion that to map roles different from the user and admin roles, we need to create our own role in the global scope of roles and map this role to the group in active directory. But this is just a guess.

One of the devs is having a look at this and I hope will give some advice in due course.

So I hope this vaguely explains it!

that’s correct, LDAP only assigns global roles.
It’s not something done deliberately, just a consequence of how our roles work
Global roles are stored on the user data, room roles are stored on the user x room relationship - when role syncing was implemented on ldap it simply synced with the user data