fix(graph): Don't use hardcoded groupOfNames in group creation

3l0w · 3l0w · commit 97fe65dcc6ff · 2025-11-02T15:09:49.000+01:00
diff --git a/services/graph/pkg/identity/ldap_group.go b/services/graph/pkg/identity/ldap_group.go
@@ -436,7 +436,7 @@ func (i *LDAP) getGroupCreateLDAPDN(group libregraph.Group) string {
 func (i *LDAP) groupToLDAPAttrValues(group libregraph.Group) (map[string][]string, error) {
 	attrs := map[string][]string{
 		i.groupAttributeMap.name: {group.GetDisplayName()},
-		"objectClass":            {"groupOfNames", "top"},
+		"objectClass":            {i.groupObjectClass, "top"},
 		// This is a crutch to allow groups without members for LDAP servers
 		// that apply strict Schema checking. The RFCs define "member/uniqueMember"
 		// as required attribute for groupOfNames/groupOfUniqueNames. So we
