Trying to get a better understanding of roles & levels as a new to Ignition sysadmin on a fresh install of 8.3
Roles based on AD group membership associated with users as expected, using Classic auth in designer, system user source is AD.
Testing with 2 roles from AD groups: “Ignition Designer Login” and “Ignition Project Creator”
“Ignition Designer Login” is added to the “Designer Role(s)” list in Roles & Permissions
A new level “Ignition Project Creator” is added under Authenticated > Roles
That level is the only option selected in “Create Project Permission”
A user who does not have the “Ignition Designer Login” role assigned gets “Login failed” attempting to log in to Designer as expected.
The problem is a user who has “Ignition Designer Login” but not “Ignition Project Creator” is able to log in to Designer and create projects.