Question: I have given Goliath access to multiple Active Directory Groups. If a user is in multiple of those groups, which groups privileges will Goliath give the user?
Please review the answer that aligns to your current version of Goliath:
- Goliath Version 12.1.0.X and newer: Goliath will validate against all groups defined in Goliath. Whichever group comes last alphabetically will be what the user authenticates as. For Example, if you give "Domain Admins" full rights and then "Test Users" read only and a user is a member in both groups, and both groups are defined in Goliath, since T comes after D, Goliath will check if the user is a member of "Test Users" last and therefore since the user is a member of the group it will sign the user in with the "Test User" rights.
- Goliath Version 12.0.2.X and older: Goliath will validate against the groups in alphabetical order. For Example, if you give "Domain Admins" full rights and then "Test Users" read only and a user is a member in both groups, since D comes before T, Goliath will check if the user is a member of Domain Admins first, if so then it will stop checking other groups and just sign the user in with the domain admin rights.