-
Bug
-
Resolution: Duplicate
-
Low
-
None
-
3.6.1, 3.8.0
-
None
-
Linux RHEL6, x86_64 (3.6.1)
Fedora, x86)64 (3.8.0)
When using a delegated LDAP directory, users are able to change their display name and email address in the 'manage account' section.
There's no point to allowing this, and it just confuses people - the settings will be resynced when the user logs in again (STASH-2995).
This only happens with delegated LDAP directories, not 'regular' ones.
This is similar to STASH-2978 which fixed this issue for the password setting, but not the display name/email.
- duplicates
-
-
- Closed
-
- is related to
-
-
- Closed
-
- relates to
-
-
- Closed
-
[BSERV-7332] Delegated LDAP users should not be able to change email/display name when 'copy user on login' option is enabled
Bradley Baetz
added a comment - @npellow - I am using the 'copy user on login' option We shouldn't use the same solution to STASH-4514 here. The solution to STASH-4514 lets Crowd tell us "the user can't reset their password". The solution to this may be similar: ask Crowd if the user can update their name.
Crowd do not want to expose the directory structure to us (and I think that's good), so we can't just ask "is this a delegated LDAP directory?"
To be clear: Is this only an issue when the "Copy users on login" checkbox is checked for that Delegated LDAP Directory ?
Can we use the same functionality which was introduced as part of STASH-4514 to prevent users editing profile data which will be resynced from LDAP anyway?
We're incorporating the solution for this into
STASH-2995.