Adding external (non-AD) users to AD-synced groups

Dear community

We are using Nextcloud (ver. 22) with external storage and LDAP.
Our internal users are synced with the AD. The groups are also synced.

Now when adding a new user (external, not AD-synced), I cannot add them to one of the AD-synced groups. The goal is to add external users to AD-synced groups but without actually adding the users to the AD. I have a user that wants to create external users within his group and manage them.

Is there a way to “virtually” add the users to the AD-synced groups? I do not want to create the users in the AD (there is the possibility with the additional app “Write support for LDAP”). I also do not want to create separate groups as it comes with too much administrative effort.

An idea would be to create an additional group “SG_abc_EX” and add permission to the predefined structure so that the user can add external users and manage the external groups.

Do you have any experience with this use case? Do you have any ideas or optimization suggestions for me?

Thanks! :slight_smile: