In Bosch VMS it is possible to assign an LDAP user group to a Bosch VMS user group.
This article describes why it is important to not assign the same LDAP user group to multiple Bosch VMS user groups.

Related Products
 

Bosch VMS

Behavior

When logging on to Bosch VMS Operator Client as LDAP user, the granted user permissions and user rights are not as expected.

Step-by-step guide

Examples:
- When logging on as LDAP user, the permissions and rights of user group "A" are granted although the permissions and rights for user group "B" were expected.
- When logging on as LDAP user, the permissions and rights of Enterprise group "A" are granted although the permissions and rights for user group "B" were expected.

Make sure that every Bosch VMS user group has an exclusively dedicated LDAP user group to avoid that unexpected user permissions and rights are granted.
 

Notes

Unexpected user permissions and user rights for LDAP users are most probably caused by invalid Bosch VMS user group settings. When setting the same LDAP user group for two different Bosch VMS user groups "A" and "B", the LDAP user will get the permissions and rights of one of the user groups, for example user group "A".
This result might be unexpected if the expected behavior was that the logged on LDAP user gets the permissions and rights of user group "B".

Note: When setting the same LDAP user group for a local Bosch VMS user group "A" and an Enterprise user group "B", the granted user permissions and user rights will always be the user permissions and user rights of Enterprise user group "B".
In this case, the user permissions and user rights of user group "A" will never apply when logging on as LDAP user.

• Associating an LDAP group (page 115)
• How to configure BVMS to connect to an LDAP and use it as a base for user authentication?