LDAP login leaks information to all users


(using LDAP user and group backend app)

Lets say we have 3 users and 2 groups. Lets call the two groups A and B.

Lets say the three users are Mark, Ben and Nancy. Mark and Ben are on group A. Ben and Nancy are on group B

When Mark hovers on the user icon on the top right corner, the system should list only users in Mark’s group. That is, group A. Mark should not be able to see users on group B for security reason. The only person who should have access to both group in this case is Ben, who would see Mark and Nancy.

At the moment, all users are able to see all members in all the groups. Is there a way I can configure it to be more selective? I used these instructions.