Subject Howto use Active Directory for authentication?
Author ainpoissee

I have been asked to use Active Directory for authorization of users of an app which uses Firebird. I'm total newbie when it comes to AD so I have some questions...

First, do I understand it right that in order to use AD the Firebird server must be installed onto the domain controller server? Or is it possible to use Linux as a DB server and still use AD for user authorization? Or some other win server than the DC server?

Second, user managment, how do you associate user with a role? I assume admin must issue
GRANT rolename TO SRV\usrname;
for each user and then when connecting this role is automatically used (ie no need to specify role when connecting when using AD to auth users). Is this correct? What happens when user has been granted multiple roles?

Third, how to use AD with UIB components. The README.trusted_authentication.txt says
"To use Windows trusted authentication, do not put user and password parameters in DPB/SPB."
I assume just leaving TUIBDatabase's Username and Password properties empty when connecting will trigger trusted authentication (assuming FB is configured to use AD)?

BTW using Firebird 2.5, app is writen in Delphi 2010.