we are using rancher LDAP getting information for group of the users by a group branch in LDAP (users are not set with "memberOf" in the inetOrgPerson there is only the menber attribute in the groupOfNames); RBACK organized to assign visibility to namespaces based on group of the logged user; user can login correctly, kubectl works (using rancher cli to get have the user login), but the Rancher UI seems to keep the session of the last user and the next one gets the "visibility" of the last logged user; RBACK still apply correctly since he cannot see anything, is like there is some cache in what rancher UI show to the logged user or like it messes with web sessions.