diff --git a/domain-server/src/DomainServerSettingsManager.cpp b/domain-server/src/DomainServerSettingsManager.cpp
index 87803895a9..ff38af6ad9 100644
--- a/domain-server/src/DomainServerSettingsManager.cpp
+++ b/domain-server/src/DomainServerSettingsManager.cpp
@@ -242,7 +242,7 @@ void DomainServerSettingsManager::setupConfigMap(const QStringList& argumentList
             }
 
             QList<QHash<QString, NodePermissionsPointer>> permissionsSets;
-            permissionsSets << _standardAgentPermissions << _agentPermissions;
+            permissionsSets << _standardAgentPermissions.get() << _agentPermissions.get();
             foreach (auto permissionsSet, permissionsSets) {
                 foreach (QString userName, permissionsSet.keys()) {
                     if (onlyEditorsAreRezzers) {
@@ -268,7 +268,7 @@ void DomainServerSettingsManager::setupConfigMap(const QStringList& argumentList
 }
 
 void DomainServerSettingsManager::packPermissionsForMap(QString mapName,
-                                                        QHash<QString, NodePermissionsPointer> agentPermissions,
+                                                        NodePermissionsMap& agentPermissions,
                                                         QString keyPath) {
     // find (or create) the "security" section of the settings map
     QVariant* security = valueForKeyPath(_configMap.getUserConfig(), "security");
@@ -410,7 +410,7 @@ void DomainServerSettingsManager::unpackPermissions() {
     #ifdef WANT_DEBUG
     qDebug() << "--------------- permissions ---------------------";
     QList<QHash<QString, NodePermissionsPointer>> permissionsSets;
-    permissionsSets << _standardAgentPermissions << _agentPermissions << _groupPermissions;
+    permissionsSets << _standardAgentPermissions.get() << _agentPermissions.get() << _groupPermissions.get();
     foreach (auto permissionSet, permissionsSets) {
         QHashIterator<QString, NodePermissionsPointer> i(permissionSet);
         while (i.hasNext()) {
diff --git a/domain-server/src/DomainServerSettingsManager.h b/domain-server/src/DomainServerSettingsManager.h
index ca9973ba5d..a438e1160a 100644
--- a/domain-server/src/DomainServerSettingsManager.h
+++ b/domain-server/src/DomainServerSettingsManager.h
@@ -79,12 +79,11 @@ private:
     void requestMissingGroupIDs();
     void getGroupID(const QString& groupname);
 
-    void packPermissionsForMap(QString mapName, QHash<QString, NodePermissionsPointer> agentPermissions, QString keyPath);
+    void packPermissionsForMap(QString mapName, NodePermissionsMap& agentPermissions, QString keyPath);
     void packPermissions();
     void unpackPermissions();
-    QHash<QString, NodePermissionsPointer> _standardAgentPermissions; // anonymous, logged-in, localhost
-    QHash<QString, NodePermissionsPointer> _agentPermissions; // specific account-names
-    QHash<QString, NodePermissionsPointer> _groupPermissions; // groups
+    NodePermissionsMap _standardAgentPermissions; // anonymous, logged-in, localhost
+    NodePermissionsMap _agentPermissions; // specific account-names
 };
 
 #endif // hifi_DomainServerSettingsManager_h
diff --git a/libraries/networking/src/NodePermissions.h b/libraries/networking/src/NodePermissions.h
index 9c8f4ace44..b906ab6f12 100644
--- a/libraries/networking/src/NodePermissions.h
+++ b/libraries/networking/src/NodePermissions.h
@@ -24,13 +24,21 @@ using NodePermissionsPointer = std::shared_ptr<NodePermissions>;
 class NodePermissions {
 public:
     NodePermissions() { _id = QUuid::createUuid().toString(); }
-    NodePermissions(const QString& name) { _id = name; }
-    NodePermissions(QMap<QString, QVariant> perms);
+    NodePermissions(const QString& name) { _id = name.toLower(); }
+    NodePermissions(QMap<QString, QVariant> perms) {
+        _id = perms["permissions_id"].toString().toLower();
+        canConnectToDomain = perms["id_can_connect"].toBool();
+        canAdjustLocks = perms["id_can_adjust_locks"].toBool();
+        canRezPermanentEntities = perms["id_can_rez"].toBool();
+        canRezTemporaryEntities = perms["id_can_rez_tmp"].toBool();
+        canWriteToAssetServer = perms["id_can_write_to_asset_server"].toBool();
+        canConnectPastMaxCapacity = perms["id_can_connect_past_max_capacity"].toBool();
+    }
 
     QString getID() const { return _id; }
 
     // the _id member isn't authenticated and _username is.
-    void setUserName(QString userName) { _userName = userName; }
+    void setUserName(QString userName) { _userName = userName.toLower(); }
     QString getUserName() { return _userName; }
 
     void setGroupID(QUuid groupID) { _groupID = groupID; _groupIDSet = true; }
@@ -70,6 +78,23 @@ protected:
     QUuid _groupID;
 };
 
+
+// wrap QHash in a class that forces all keys to be lowercase
+class NodePermissionsMap {
+public:
+    NodePermissionsMap() { }
+    NodePermissionsPointer& operator[](const QString& key) { return _data[key.toLower()]; }
+    NodePermissionsPointer operator[](const QString& key) const { return _data.value(key.toLower()); }
+    bool contains(const QString& key) const { return _data.contains(key.toLower()); }
+    QList<QString> keys() const { return _data.keys(); }
+    QHash<QString, NodePermissionsPointer> get() { return _data; }
+    void clear() { _data.clear(); }
+
+private:
+    QHash<QString, NodePermissionsPointer> _data;
+};
+
+
 const NodePermissions DEFAULT_AGENT_PERMISSIONS;
 
 QDebug operator<<(QDebug debug, const NodePermissions& perms);