Thread:Extension talk:LDAP Authentication/Multiple group member ship/reply

be aware that each logged in user are in the group user and inherit all permission from this group.

I was not able to remove a permission by setting e.q.:

I was able to define different groups first after I've changed the default settings of the user group (removed all permissions except the read permission) and assigned additional permission to the new groups like:

Is that a bug or is it really as it should be?