6.2.4 Notes about setting access permissions (when using a directory server for user authentication)
This subsection provides notes about creating multiple access permission groups.
If you register a user into multiple different access permission groups and grant different access permission types (roles) to that user by means of these access permission groups, the highest role takes effect for that user. Therefore, special attention is required if you will be setting multiple access permission groups for the same Operational Content. The following shows an example:
![[Figure]](GRAPHICS/ZU060910.GIF)
User1 is assigned the role of user by access permission group A and the role of editor by access permission group B. If access permission groups A and B are both set for the same Operational Content, only the definition of access permission group B that contains the higher role takes effect. Therefore, User1 can use the Operational Content as a Content Editor.