LDAPAccountManager / lam

LDAP Account Manager
https://www.ldap-account-manager.org

Unable to modify group membership #352

Closed sniper9191 closed 5 days ago

sniper9191 commented 1 month ago

I am connecting LAM to Active Directory. In AD, I am the "manager" of a group (ABC), with "manager can update membership list" setting enabled.

However, when I try to add members to ABC group via LAM, it gives me the following error - Was unable to modify attributes of DN...... LDAP error, server says: Insufficiant access - 00002098: SecErr: DSID-031514A0, problem 4003 (INSUFF_ACCESS_RIGHTS)

Yet, if I try to add members via PowerShell (Add-ADGroupMember), it works just fine.

If I grant myself full access over the ABC group, I am able to add members via LAM.

  1. What specific permission is required by LAM to add members to a group in AD? (as manager of the group, I already have "write members" permissions but it didn't work)
  2. Is LAM somehow doing it "wrongly" such that the "correct" permissions didn't work?

gruberroland commented 1 month ago

Please set LAM's log level to "Debug": https://www.ldap-account-manager.org/static/doc/manual/ch03.html#conf_logging

You should now see the LDAP attributes that are changed. Maybe more than just the membership is updated.