
LDAP Authentication Issues

Posted: Sun Nov 03, 2019 7:27 am
by kschilla
Hello,

I have some issues with LDAP authentication.

I created a local user, and mapped it to a AD test group with LDAP.

Then I changed the group mapping to a LDAP group that already had a lot of members.

The test user on AD can login, but does not get the home dir I used for the local user (D:/FTP/FTPRoot), but only the one I created as default (D:/FTP/Dummy) for the WINGFTPServer domain in LDAP Authentication settings.

So I have a few questions about LDAP authentication.

Is there a way I can check if the correct LDAP groups are retrieved and applied?

Is there a limit on the number of groups that WINGFTP server accepts from an LDAP query, or a max number of LDAP groups that can be returned when a user logs in?

If a user is a member of multiple LDAP groups, and several are mapped to local users, are the permissions merged, or is only one local user profile applied, and which one will that be? The first in the list, or the last one?

Is there a limit on the length of the Distinguished Name of the LDAP group that WingFTP server supports?

Is it possible to map several LDAP groups to a single local user, or do they need to be unique?

The reason I ask is that we have a multi-domain Windows A.D. structure with a lot of groups, and some users are members of multiple groups.

Re: LDAP Authentication Issues

Posted: Wed Nov 06, 2019 4:51 am
by FTP
OK, there is no string length limitation, and you can map several LDAP groups to a single local user. WingFTP will get all the memberOf LDAP groups, then check the LDAP group mapping string, find the first matched LDAP group, and return its mapped local user. So, is it clear?

Re: LDAP Authentication Issues

Posted: Tue Nov 12, 2019 2:40 pm
by kschilla
Hello,

What exactly do you mean by "first matched LDAP group"? Can you explain how this is done?

Re: LDAP Authentication Issues

Posted: Wed Nov 13, 2019 1:03 pm
by FTP
For example, if LDAP user "LDAP_User_A" belongs to two LDAP groups: "LDAP_Group_A" and "LDAP_Group_B".
And you also define the LDAP group mapping like this:

LDAP_Group_A:LocalUser111
LDAP_Group_B:LocalUser222
The first matched LDAP group is "LDAP_Group_A", and it will use the attributes of the local user "LocalUser111". So, is it clear?
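The rule described in the two vendor replies above ("get all memberOf groups, scan the mapping string, the first matched group wins, and only one local user profile is applied") can be modelled in a few lines, which also answers the earlier question of how to check which mapping a given account would actually get. The following is an added illustration written for this thread; it is not Wing FTP Server code and does not show how the product parses its settings. It assumes that mapping entries are scanned top to bottom in the order they are listed, that the group name in a mapping entry is compared case-insensitively against the CN of each DN in the user's memberOf attribute (AD returns full DNs, not bare names), and that an account with no matching group falls back to a default local user (the "Dummy" default from the first post). The mapping text, DNs and user names are constructed sample data. The security-relevant consequence of "first match wins" is that the order of the mapping lines, not the order of the user's group memberships, decides which profile (home directory, permissions) a multi-group user receives, so a permissive mapping listed above a restrictive one silently wins for every user in both groups.

```python
"""Toy model of a 'first matched LDAP group wins' mapping rule.

Added illustration for this thread, not Wing FTP Server code. Assumptions that
the vendor replies do not state explicitly: mapping entries are scanned top to
bottom; the group name in an entry is matched case-insensitively against the CN
of each memberOf DN; with no match, a default local user is returned.
"""
from __future__ import annotations

import re
from typing import Iterable, List, Optional, Tuple

# Constructed mapping string in the "LDAP_Group:LocalUser" form used in the thread.
MAPPING = """
LDAP_Group_A:LocalUser111
LDAP_Group_B:LocalUser222
"""

# Constructed memberOf values for a test account. Note that Group_B appears
# first here: under 'first match in the mapping wins' that order is irrelevant.
MEMBER_OF = [
    "CN=LDAP_Group_B,OU=Groups,DC=corp,DC=example",
    "CN=LDAP_Group_A,OU=Groups,DC=corp,DC=example",
    "CN=Domain Users,CN=Users,DC=corp,DC=example",
]

DEFAULT_LOCAL_USER = "Dummy"  # constructed; stands in for the domain default profile


def parse_mapping(text: str) -> List[Tuple[str, str]]:
    """Parse 'group:local_user' lines, preserving order (order decides ties)."""
    entries: List[Tuple[str, str]] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        group, sep, local_user = line.partition(":")
        if not sep or not group.strip() or not local_user.strip():
            raise ValueError(f"malformed mapping line: {raw!r}")
        entries.append((group.strip(), local_user.strip()))
    return entries


def cn_of(dn: str) -> str:
    """Return the value of the leading CN RDN of a DN (handles escaped commas).

    If the leading RDN is not a CN, the whole DN is returned unchanged so that
    a mapping keyed on the full DN would still be able to match it.
    """
    first_rdn = re.split(r"(?<!\\),", dn, maxsplit=1)[0]
    attr, sep, value = first_rdn.partition("=")
    if sep and attr.strip().lower() == "cn":
        return value.replace("\\,", ",").strip()
    return dn


def matching_entries(member_of: Iterable[str], mapping_text: str) -> List[Tuple[str, str]]:
    """All mapping entries the account could match, in mapping order.

    Useful when debugging: shows every candidate, of which only the first is applied.
    """
    cns = {cn_of(dn).lower() for dn in member_of}
    return [(g, u) for g, u in parse_mapping(mapping_text) if g.lower() in cns]


def resolve_local_user(member_of: Iterable[str], mapping_text: str,
                       default: Optional[str] = None) -> Optional[str]:
    """Local user whose profile is applied: first matching mapping entry, else default."""
    matches = matching_entries(member_of, mapping_text)
    return matches[0][1] if matches else default


if __name__ == "__main__":
    for group, user in matching_entries(MEMBER_OF, MAPPING):
        print(f"candidate: {group} -> {user}")
    print("applied:", resolve_local_user(MEMBER_OF, MAPPING, DEFAULT_LOCAL_USER))
```

Run with the sample data, the account matches both entries but is assigned LocalUser111 regardless of the order of its memberOf values; swapping the two mapping lines flips the result to LocalUser222, and an account in neither group gets the default. When reviewing a real mapping, list the candidates for each multi-group account and make sure the entry that wins is the one intended to win.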