This page provides details of Crowd's behaviour when there is more than one directory mapped to an application.

Note: This information is relevant to only those configurations that have duplicate usernames across directories and multiple directories mapped to a single application. In most cases, you do not need to know Crowd's behaviour to the level described on this page.

In summary:

  • Operations on users execute on the first user found in the list of assigned directories for an application.
  • Operations on groups execute on all assigned permissible directories. This means that groups can have memberships in more than one directory.

The table below describes the behaviour of the individual operations.

Operation

Behaviour

findUserByName, findGroupByName

Finds the first user/group by matching the desired name in the ordered list of directories mapped to the application. The match is case insensitive.

authenticate

Authenticates against the user returned by findUserByName.

addUser

Adds the user to the first directory mapped to the application that has permission to add users.

addGroup

Adds the group to all directories mapped to the application that have permission to add groups.

updateUser, removeUser

Updates/removes the user returned by findUserByName. Only operates on one directory.

updateGroup, removeGroup

Updates/removes the group in all directories mapped to the application in which the group exists where the application has the permissions to update/remove the group.

searchUsers, searchGroups

Finds the users/groups matching the search criteria by searching all directories mapped to the application. Returns an amalgamated result.

findUserMembersOfGroup

Finds the user members of the specific group in all directories mapped to the application. Returns an amalgamated result.

findGroupMembershipsOfUser

Finds the group memberships of the specified user returned by findUserByName. Only operates on one directory.

isUserGroupMember

Determines if the user returned by findUserByName is a member of the group in the same directory as the user. Only operates on one directory.

addUserToGroup

Adds the user returned by findUserByName to the group in the same directory. If the group does not exist in the directory, it is created automatically. Only operates on one directory.

removeUserFromGroup

Removes the user returned by findUserByName from the group. Only operates on one directory.

RELATED TOPICS

Mapping a Directory to an Application
Specifying the Directory Order for an Application

  • No labels