Description
My instance of RC imports users from dedicated group of Active Directory.
Users are mapped to guests or users according their membership in AD.
Manual registration is turned off.
Everything ok.
Then I set up RC to use Keycloak as custom OAuth and see that RC is registering users that were not imported from AD.
I’ve found settings in Accounts → Registration:
Registration with Authentication Services - is ignored for custom OAuth
Default Roles for Authentication Services - users, created with custom OAuth respect this setting.
So now I’ve set them to be created as guests. But I think that “Registration with Authentication Services” setting should be respected by custom OAuth. And may be it should be turned off by default.
Server Setup Information
- Version of Rocket.Chat Server: 3.9.7
- Operating System: Ubuntu 18
- Deployment Method: SNAP