Adressbuch in Roundcube über ldap


habe roundcube auf einem extra 16.04 virtualisiert und wollte das Adressbuch per ldap auslesen.

Funktioniert alles gut, alle Benutzer und auch die Gruppen werden angezeigt aber die Gruppen sind leider leer.

Hat da jemand eine Idee? Mit folgender habe ich es versucht:

$config['ldap_public']['ldap'] = array(
  'name'          => 'Adressbuch',
  'hosts'         => array(''),
  'port'          => 389,
  'use_tls'       => false,
  'ldap_version'  => 3,       // using LDAPv3
  'writable'      => false,
  'network_timeout' => 10,    // The timeout (in seconds) for connect + bind arrempts. This is only supported in PHP >= 5.3.0 with OpenLDAP 2.x
  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the users IMAP login.
  'base_dn'       => 'ou=accounts,dc=,dc=,dc=,dc=schule-bw,dc=de',
  'filter'        => '(&(mail=*)(|(&(objectClass=posixAccount)(!(cn=ExamAccount)))(objectClass=posixGroup)))',
  'search_filter'  => '(&(objectClass=posixAccount)(!(cn=ExamAccount)))',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
  'groups'            => array(
        'base_dn'         => 'ou=groups,dc=, dc=, dc=, dc=schule-bw,dc=de',     // in this Howto, the same base_dn as for the contacts is used
        'scope'     => 'sub',
        'filter'          => '(objectClass=posixGroup)',
        'object_classes'  => array("top","posixGroup"), 
        'member_attr'   => 'memberUid',  // Name of the default member attribute, e.g. uniqueMember
        'name_attr'         => 'cn',       // Attribute to be used as group name
        'member_filter'     =>  '(objectClass=*)',  // Optional filter to use when querying for group members
        'class_member_attr' => array(      // Mapping of group object class to member attribute used in these objects
             'groupofnames'       => 'memberUid',
             'groupofuniquenames' => 'memberUid',

  'fieldmap' => array(
    'name'        => 'cn',
    'surname'     => 'sn',
    'firstname'   => 'givenName',
    'email'       => 'mail',
    'notes'        => 'description',
  'sort'           => 'cn',         // The field to sort the listing by.
  'scope'          => 'sub',        // search mode: sub|base|list
  'fuzzy_search'   => true,         // server allows wildcard search
  'vlv'            => false,        // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
  'vlv_search'     => false,        // Use Virtual List View functions for autocompletion searches (if server supports it)
  'config_root_dn' => 'cn=config',  // Root DN to search config entries (e.g. vlv indexes)
  'sizelimit'      => '0',          // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
  'timelimit'      => '0',          // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
  'referrals'      => false,        // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
  'dereference'    => 0,            // Sets the LDAP_OPT_DEREF option. One of: LDAP_DEREF_NEVER, LDAP_DEREF_SEARCHING, LDAP_DEREF_FINDING, LDAP_DEREF_ALWAYS
                                    // Used where addressbook contains aliases to objects elsewhere in the LDAP tree.