The LDAPSync tool in version 24.x does not add users to their respective AE groups, even though its output states that it does.
The behavior appears random and affects different users and different groups.
Further investigation showed that the cause is only visible when LDAPSync is launched in trace mode (-l TRACE). The trace then contains the following message, which shows that the user configured in LDAPSync to perform the sync (in this case a user other than UC/UC) was missing privileges:
Message from Automation Engine: id=4518 text=Missing privilege"
LDAPSync 24.x launched against AE 24.x
DE174272: LDAPSync did not write an error message to its output when privileges were missing; traces had to be enabled to identify the problem.
Update to a fix version listed below or a newer version if available.
Fix version:
Component(s): LDAPSync
Automation.Engine 24.4.4 - Planned release March 2026
Public Title: LDAP-Sync does not write an error in case of missing privileges for the user
Public Description: A problem was fixed in LDAP-Sync: If LDAP-Sync user lacks privileges, output shows that sync was done, but in practice sync was not done. With this fix, an appropriate error message is shown in case of missing privileges for the Automic user defined in LDAP-Sync.
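On versions without the fix, the trace check described above can be automated so that a sync that reports success but was rejected by the Automation Engine is still flagged. The script below is an added example, not Broadcom's code: it assumes the trace was written with -l TRACE to a file whose path is passed as an argument, and only the "Message from Automation Engine" line format comes from this article; the function names and the other sample lines are constructed for illustration.

```python
import re
import sys

# Line format as quoted in the article; the rest of the trace layout is assumed.
AE_MSG = re.compile(r'Message from Automation Engine: id=(\d+) text=(.*?)"?\s*$')
MISSING_PRIVILEGE_ID = 4518  # message id shown in the article


def ae_messages(trace_lines):
    """Yield (line_number, message_id, text) for every AE message in the trace."""
    for number, line in enumerate(trace_lines, 1):
        match = AE_MSG.search(line)
        if match:
            yield number, int(match.group(1)), match.group(2).strip()


def missing_privilege_hits(trace_lines):
    """Return [(line_number, text)] for AE replies that signal a missing privilege."""
    return [(number, text)
            for number, msg_id, text in ae_messages(trace_lines)
            if msg_id == MISSING_PRIVILEGE_ID]


# Constructed sample: timestamps, levels and the non-AE lines are invented.
SAMPLE_TRACE = """\
2026-01-12 08:00:01 TRACE adding user JDOE/DEPT to group OPERATORS
2026-01-12 08:00:01 TRACE Message from Automation Engine: id=4518 text=Missing privilege"
2026-01-12 08:00:02 INFO  sync finished
""".splitlines()


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as handle:
            lines = handle.read().splitlines()
    else:
        lines = SAMPLE_TRACE
    hits = missing_privilege_hits(lines)
    for number, text in hits:
        print(f"trace line {number}: Automation Engine rejected a request: {text}")
    # A non-zero exit lets a scheduler or wrapper mark the sync run as failed.
    sys.exit(1 if hits else 0)
```

Run it against the trace of each sync; a non-zero exit code means at least one request was rejected for missing privileges, so the privileges of the Automic user defined in LDAPSync should be checked.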