Problem
You notice that the portal doesn’t show all portal tiles anymore.
The portal tiles are configured to be visible only by specific group members.
Investigation
In the file /var/cache/univention-portal/groups.json you notice that users are missing groups, e.g.:
"exampleuser": [
"cn=examplegroup,cn=groups,ou=exampleou,dc=school,dc=de"
],
but the user is actually in more groups than only this one! Even the Domain Users group is missing for the exampleuser, which is really suspicious.
You might try to rebuild the ldap cache and portal cache:
/usr/share/univention-group-membership-cache/univention-ldap-cache rebuild
/usr/sbin/univention-portal update --reason ldap:group
In this case this didn’t work though. The ldap cache was correct, and the portal cache could be triggered, but always built the groups.json with the missing groups for some users.
Solution
In this case, groups had duplicate uniqueMember entries:
dn: cn=examplegroup2,cn=groups,ou=exampleou,dc=school,dc=de
uniqueMember: uid=exampleuser,cn=admins,cn=users,ou=exampleou,dc=school,dc=de
uniqueMember: uid=exampleuser,cn=admins,cn=users,ou=exampleou,dc=school,dc=de
So remove the duplicate entry from group that have those, and the portal group cache should be built correctly again.