We recommend reviewing what is submitted before posting, in case your idea has already been submitted by another community member. If it has been submitted, vote for that existing feature request (by clicking the up arrow) to increase its opportunity of being added to Cireson solutions.
For more information around feature requests in the Cireson Community click here.
Allow LDAP filter for users not allowed to reset passwords
Many organizations have service accounts of different names, locations, types etc. and they may not all be a member of a security group.
To allow for multiple rules, it would be a good feature to be able to provide an LDAP query that filters out all accounts of a given type, naming convention, group membership etc. that would not be limited to a specific AD Group.
This could be provided in one of two ways:
- An LDAP query to list all accounts that are ALLOWED to reset their passwords. (Opt In option)
- An LDAP query to list all accounts that are DISALLOWED to reset their passwords. (Opt Out option)