View what's in this topicCreating User Groups that Match LDAP Groups
Creating a user group to match existing LDAP groups is similar to creating regular groups on uStore. The main difference is that you need to name the new group following this naming convention: [Group Name Prefix].[domain controller group name].
When your store is configured to use LDAP authentication, to ensure that users who enter the store are provided the required permissions, you need to create new groups using the group name prefix that you defined when you set up the store. See LDAP authentication.
When a customer logs in to the store using LDAP credentials, uStore tries to match the user’s LDAP domain-controller groups to existing groups in uStore. Group names that are found on both uStore and the domain controller are associated with the logged in user.
For example, if John is a member of the following groups: NorthAmericaUsers, Accountant, and CarOwners, uStore tries to match the user John to these groups.
First, uStore tries to find a group named NorthAmericaUsers, if one exists, it maps John to this group. Next, uStore looks for a group named Accountant and then a group called CarOwners.
If the group name prefix is "ACME", uStore tries to match the user John to ACME.NorthAmericaUsers, then ACME.Accountant, and then ACME.CarOwners.
Note: When creating the LDAP matching groups on uStore, make sure that you use the exact group name prefix that you defined in the store setup.