This page provides details of Crowd's behaviour when there is more than one directory mapped to an application.
Note: This information is relevant to only those configurations that have duplicate usernames across directories and multiple directories mapped to a single application. In most cases, you do not need to know Crowd's behaviour to the level described on this page.
In summary:
- Operations on users execute on the first user found in the list of assigned directories for an application.
- Operations on groups execute on all assigned permissible directories. This means that groups can have memberships in more than one directory.
The table below describes the behaviour of the individual operations.
Operation |
Behaviour |
|---|---|
findUserByName, findGroupByName |
Finds the first user/group by matching the desired name in the ordered list of directories mapped to the application. The match is case insensitive. |
authenticate |
Authenticates against the user returned by findUserByName. |
addUser |
Adds the user to the first directory mapped to the application that has permission to add users. |
addGroup |
Adds the group to all directories mapped to the application that have permission to add groups. |
updateUser, removeUser |
Updates/removes the user returned by findUserByName. Only operates on one directory. |
updateGroup, removeGroup |
Updates/removes the group in all directories mapped to the application in which the group exists where the application has the permissions to update/remove the group. |
searchUsers, searchGroups |
Finds the users/groups matching the search criteria by searching all directories mapped to the application. Returns an amalgamated result. |
findUserMembersOfGroup |
Finds the user members of the specific group in all directories mapped to the application. Returns an amalgamated result. |
findGroupMembershipsOfUser |
Finds the group memberships of the specified user returned by findUserByName. Only operates on one directory. |
isUserGroupMember |
Determines if the user returned by findUserByName is a member of the group in the same directory as the user. Only operates on one directory. |
addUserToGroup |
Adds the user returned by findUserByName to the group in the same directory. If the group does not exist in the directory, it is created automatically. Only operates on one directory. |
removeUserFromGroup |
Removes the user returned by findUserByName from the group. Only operates on one directory. |
RELATED TOPICS
Mapping a Directory to an Application
Specifying the Directory Order for an Application