LDAP node - add groups to a user

SKis · March 17, 2025, 7:33pm

Hey there! How are you?
My Name is Steffen and I’m quite new to this fantastic n8n community. I try to automate an entire IT onboarding process. Creating the user from scratch or as a copy from an existing user still works. Now I’m stuck with the active directory groups.

Describe the problem/error/question

I want to copy Active Directory Groups to a newly created user with a ldap node

What is the error message (if any)?

argument must be a string (was: object)

Please share your workflow

Share the output returned by the last node

I have an array with a various amount of groups with all the CN information I need. In the meantime I know that it’s not possible to modify the “memberOf” attribute directly but to add the user to all the groups instead. How can I loop through all the items and add the user? Is it possible with the ldap node or any other?

Information on your n8n setup

n8n version: 1.82.3
Database (default: SQLite): Postgres DB
n8n EXECUTIONS_PROCESS setting (default: own, main): default
Running n8n via (Docker, npm, n8n cloud, desktop app): docker
Operating system: ubuntu 24.04

Thank you for your help and please let me know if you need more detailed information.

With best regards
Steffen

barn4k · March 17, 2025, 8:28pm

hello @SKis

according to the error message, you are trying to pass an object where only a string should be.

Can you provide some sample input data for the node (you can remove any sensitive info from it) ?

SKis · March 17, 2025, 9:46pm

Hello @barn4k ,

sure - here is some output from the node before.

"memberOf": [
"CN=GroupA,OU=Groups,OU=contoso.com,DC=contoso,DC=com",
"CN=GroupB,OU=Groups,OU=contoso.com,DC=contoso,DC=com",
"CN=GroupC,OU=Groups,OU=contoso.com,DC=contoso,DC=com"
]

Like I said, it’s an array with values. If I try to fetch a single string the following error occurs:

0000209A: SvcErr: DSID-031A1092, problem 5003 (WILL_NOT_PERFORM), data 0 Code: 0x35

This error means that you have to add the user to the groups and not the groups to the user. So I need something like a loop over a ldap node that add the user in all different groups from the array before.

** EDIT **

If I switch the DNs between user and the first group and rename the “memberOf” attribute to “member” only, I’m able to add the user to the first group. This is the way, but how can I loop?

Greets
Steffen

barn4k · March 17, 2025, 10:51pm

You can place a Split Out node to split the array

SKis · March 18, 2025, 11:48am

Hey @barn4k,

thank you for your answer and your time. I receive the following error on the last node:
0000202B: RefErr: DSID-0310084B, data 0, 1 access points ref 1: ‘contoso.com’ Code: 0xa [item 0]

But I’ve found a solution with a code-node to loop every single item. I hope this snippet helps other users with a similar problem.

Thank you and have nice day.

Greets Steffen

system · March 25, 2025, 11:49am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.