LDAP directory service issues

Dear all,

we are using MWS 8.2.2.0.345 and have successfully configured user authentication via LDAP (we are using Active Directory in the company).
However, there are 2 problems we are currently facing:

  1. Besides LDAP user accounts, we have some system accounts too (mostly for developers). Some of these people have the same user_id/pass in the system directory as the one they have in Active Directory. The search order of directory services is set to search first within the system directory and then in the AD. When these users with the same user_id/pass try to log in, they get authenticated properly using the ACL defined for the system directory user, but the LDAP authentication is triggered too! If they mistype their password a couple of times, they can even lock their AD account…
    Also, it seems that those 2 accounts share some config folder; if a user logs into the system with the other account that was used first time after the installation, MWS throws the following error:

(org.apache.jackrabbit.jcr2spi.LazyItemIterator:ERROR) [RID:2478] - failed to fetch item org.apache.jackrabbit.jcr2spi.hierarchy.PropertyEntryImpl@479a6705, skipping…
javax.jcr.RepositoryException: [POP.003.0025] bob cannot view the content of Bob’s Root Folder.

Any idea of how to get rid of this behavior (except for using different user ids? ;)

  2. Users from multiple domains within the company can enter the MWS portal. User ids are unique only within the domain, so it can happen that we will face the problem in the future that 2 users with the same user_id will need to enter it. MWS somehow “removes” the domain from the user id. Is there any way to include it in authentication?

Thank you all in advance,

Honza