users/groups permissions

[rpaal10]

Is there any possibility to block these options by default for users or groups?

Is it possible to configure it like this by default in the config.json file for non-administrator users?
Every time I add a user (either local or ldap), I have to manually assign those permissions on each user.

thanks

[simpsonetti]

you could use "newaccountsrights" to set the permissions.
maybe have a look in sample-config-advanced.json for some examples

[rpaal10]

Thans for your reply.
I have added : "newAccountsRights": [ "nonewgroups", "notools" ],

However, it only affects local accounts. It does not work with ldap accounts.
Do you know if there is any way to configure it the same way, but for ldap accounts?

[simpsonetti]

Put it in the right "authStrategies" and it should work. I'm using saml ... and there it works.

[rpaal10]

With "authStrategies" I see references to various services (twitter, google etc.. but not for ldap)

[rpaal10]

Does anyone know how to apply this to ldap users?

[simpsonetti]

Did u try it to set in global settings?

[rpaal10]

I have tried putting the function: "newAccountsRights": [ "nonewgroups", "notools" ] inside domains

However, this only works for local accounts, not those synchronized from ldap.

I have not tried the function: "authStrategies", because I thought it was necessary to use one of the services that appear in the example.
Is this the function you are referring to? Where do you tell me to put it?

Would you be so kind as to give me an example.
Thank you very much

[rpaal10]

@simpsonetti
Could you please help me?
I don't know what you were referring to.
I don't know where you are telling me to put it (in global settings)

[simpsonetti]

i have to answer you on tuesday, i haven't here my config.
but i'm using saml with this option, so i'm not using local accounts. do you have tried to mix up this setting in you ldap config?