I have enabled NT Authentication for TeamCity 3.0.1 (Enterprise) with the following changes in main-config.xml
<login-description>Welcome to TeamCity</login-description>
<guest-login allowed="false" guest-username="guest" />
<free-registration allowed="false" />
When trying to log in without specifying a domain, I get a login error as I should.
If I log in as a domain user I get logged on and a new account is created for me. The problem is that I can specify any domain and/or any username, I can still log on and create an account. The NTDomainLoginModule doesn't seem to do any authentication except matching domain\+username+. Because of this, we are unable to restrict who can log on to the system.
Also, if someone who have already registered and configured their account type in a wrong username/domain, they will get a new unconfigured account which can result in some confusion.
I have so far configured a new role with no permissions and set it as the default role for new user. At least in that way I can restrict consultants and other users from seeing projects they are not supposed to be able to view.
I have installed TeamCity 3.0.1 on a Windows 2003 Server. The server is a member of the domain.
The problem I am experiencing; is it something missing in my configuration, or is it a bug?
Message was edited by: