I watched yesterday's webcast about LDAP integration. Due to some audio problems and limited time I wasn't able to get an exact answer for my question.
Let's say I integrate DevTest with the existing LDAP. In the LDAP I create groups that map to the DevTest roles and I put the LDAP users into the corresponding LDAP groups.
With this setup every LDAP user is in the appropriate LDAP group. And every LDAP group is mapped to a DevTest role. And every DevTest role has appropriate DevTest permissions.
So, I do NOT want to give inidividual permissions in DevTest to single users because this would scatter permission definitions in LDAP and DevTest.
I understood in the webcast that I nevertheless need to add the users (by activating "autoAddUsers" or by creating them). Is this correct? Because with the setup described I actually don't need the users in DevTest. Authentication and authorisation is done on group level.
Thanks for clarifying
You do not need to use the autoAddUsers because your LDAP users are mapped to LDAP groups that you have assigned DevTest roles to.