For directory users, determination of the default role is more complex:
- All external roles mapped to the directory user are enabled.
- If the directory user is not mapped to any roles, but mapped to a permanent database user, the default role for the mapped permanent user is enabled.
- If the directory user is not mapped to either database roles or users, the directory user has PUBLIC privileges.
- If you drop an external role while directory users are logged on, the logged on users with that role immediately lose the privileges granted to the role.