|
|
|
When the LDAP_APPLICATION_ID option is used, FairCom DB checks the ISAM and SQL group membership (if those configurations enabled) after authenticating the application ID and before authenticating the user ID. This is done because the user ID might not have been assigned the permissions needed to check group membership. LDAP_GROUP_CHECK is performed in the context of the LDAP application ID. This is consistent with what is done for the LDAP_ISAM_ALLOWED_GROUP and LDAP_SQL_ALLOWED_GROUP options.
When LDAP_APPLICATION_ID is not specified the current user ID is used for lookup.
See also:
