Hi,

Currently the HVR/LDP 6.1.0 product supports the integration/authentication of Active Directory users via Linux PAM integration, based on named users.

However it would be a great added value if authentication would be supported based on Active Directory group membership.  In HVR/LDP the admin should be able to add AD groups and define permissions for those groups.

The end user would be able, in case of the new feature, to login to the HVR/LDP admin console with his personal AD user/account and would receive the permissions based on his individual group membership and the group permission rights defined in HVR/LDP.

This feature would avoid each individual user to be added to each hub since we in most cases just want to grant the ReadExec privilege to the individual users. Instead, the new feature would give us the option to add a "AD_<hvrserver>_<hub>_readonly_group to each hub. Last, as soon as a user is a member of the corresponding group, he/she would be granted the privilege.

Kind regards,
Ivan