New users are not created in a newly LDAP integrated on-premise 2.0+ platform.
This can be caused when the bind DN user does not have sufficient permissions to perform a dir sync. The bind DN user must either be a domain admin or have the Replicating Directory Changes permissions in active directory.
In order to verify the cause, you can inspect the docker logs as follows:
$ docker ps | grep replicated_replicated.1
0df94ce4fb5d replicated/replicated:stable-2.49.0 "/usr/bin/entrypoint…" 6 weeks ago Up 6 weeks 9874/tcp, 9876-9877/tcp, 9879/tcp replicated_replicated.1.n1nul7swhvc2uvsit33kim3vi
Take the container ID from your output as highlighted above, and use it for the following command:
$ docker logs 0df94ce4fb5d 2>&1 | grep "dir sync: LDAP Result Code 50"
If the following output is seen, then the bind DN user does not have the necessary access:
WARN 2021-03-30T17:22:08+00:00 identity/sync.go:170 Failed to sync identity source for config host=server.company.com, dn=dc=users,dc=company,dc=com: active directory: dir sync: LDAP Result Code 50 "Insufficient Access Rights": 00002105: LdapErr: DSID-0C09098A, comment: Error processing control, data 0, v4563
Perform one of the following actions:
keywords: agile central Insufficient Access Rights