This document serves as a troubleshooting reference for administrators managing Attribute-Based Access Control (ABAC).
I accidentally removed all users from a room after setting a room attribute. What should I do?
If users were unintentionally removed from a room after updating a room attribute, the attribute configuration may be incorrect.
Resolution:
Remove the incorrect attribute from the room or update it with the correct value.
Re-invite users to the room using the
/v1/groups.inviteAPI endpoint.
Why isn’t a user attribute appearing in Admin → Users → User Info?
Missing user attributes are typically caused by mapping or synchronization issues.
Resolution:
Verify that attribute mappings are correctly configured in LDAP.
Check whether the background synchronization process is running successfully.
Trigger a manual synchronization by calling the
/v1/abac/users/syncendpoint to force an attribute update.
A user was unexpectedly removed from a room after I changed a room attribute. Why did this happen?
This usually occurs when there is a mismatch between LDAP attribute mappings and the room configuration.
Resolution:
Confirm that LDAP mappings are properly configured. Remember that attribute values are case-sensitive.
In Admin → Users → User Info, verify that the capitalization and spelling of both user and room attributes match exactly.
Why didn’t my ABAC changes apply after I ran LDAP Sync Now?
The standard LDAP Sync Now action does not trigger an ABAC sync. If you changed LDAP attributes used by ABAC, run an ABAC sync or call /api/v1/abac/users/sync to refresh ABAC attributes and update room membership. Also verify that the relevant attributes are included in the ABAC attribute mapping.
Why can't I see one of the ABAC admin tabs (Settings, Room Attributes, Rooms, or Logs)?
Each ABAC admin tab is gated by its own permission. If a tab is missing, your role does not have the matching permission assigned.
Resolution:
Confirm your role has Manage ABAC configuration to see the ABAC admin area at all.
Confirm your role has the per-tab permission for the tab you need: Manage ABAC settings, Manage ABAC room attributes, Manage ABAC rooms, or View ABAC audit log.
Permissions can be reviewed and assigned at Manage → Workspace → Permissions by admins.
Why can't I edit the topic, announcement, or description of a room?
The room is ABAC-managed, and those fields are intentionally disabled in the room information edit view to prevent conflicts with ABAC policy enforcement.
Resolution:
Remove the ABAC attributes from the room at Manage → Workspace → ABAC → Rooms, then edit the fields as normal.