Setting sub e-groups as roles

Hello everyone,

I use the “Automatic role population from simpleSAMLphp attributes” (/admin/config/people/simplesamlphp_auth/sync) so that I can assign roles to e-groups. I use an e-group that has two members and a sub-group of members. The problem is that the system gives the role only to the two members and not to the members of the subgroup. Do you know why this happens and how I can solve it?

Kind regards,

Hi Ioannis,

I can confirm you later on, but e-groups sync just unroll first level of users.It does not unroll sub e-groups.


Ioanni in that case just map the second e-group to the same role. Then it will work just fine.


The problem was that the machine names under “Automatic role population from simpleSAMLphp attributes” were probably populated wrongly during the migration.

In my case, the “Egroup name (my-egroup-name)” was populated as egroup_name_(my-egroup-name) instead of egroup_name_my_egroup_name_, which I found out was the correct machine name.

Kind regards,