I've been struggling with an LDAP implementation of 5.2.1 for a bit now (just check the forums 
) and I'm starting to wonder if I'm misunderstanding how an LDAP implementation is supposed to work. So here's the question - when you turn on LDAP authentication and a new user tries to sign in, which scenario below is correct (or is it a third option)?
1) If the user tries to sign in for the first time with their LDAP email and password, the system will check to see if that person exists in the LDAP environment, checks the password, and if it finds a match, check the local database, see if they have an account, and if they don't, create an account for them?
- or -
2) If the user tries to sign in for the first time, they have to use the "create an account" function, which will then check the LDAP environment to see if they're using a valid email/password, and if so, allow the account creation to continue?
Thanks...
) and I'm starting to wonder if I'm misunderstanding how an LDAP implementation is supposed to work. So here's the question - when you turn on LDAP authentication and a new user tries to sign in, which scenario below is correct (or is it a third option)?1) If the user tries to sign in for the first time with their LDAP email and password, the system will check to see if that person exists in the LDAP environment, checks the password, and if it finds a match, check the local database, see if they have an account, and if they don't, create an account for them?
- or -
2) If the user tries to sign in for the first time, they have to use the "create an account" function, which will then check the LDAP environment to see if they're using a valid email/password, and if so, allow the account creation to continue?
Thanks...