NT Authorisation fails in 3.0.1 - bug or incorrect configuration?

I have enabled NT Authentication for TeamCity 3.0.1 (Enterprise) with the following changes in main-config.xml

<auth-type>
<login-module />
<login-description>Welcome to TeamCity</login-description>
<guest-login allowed="false" guest-username="guest" />
<free-registration allowed="false" />
</auth-type>

When trying to log in without specifying a domain, I get a login error as I should.

If I log in as a domain user I get logged on and a new account is created for me. The problem is that I can specify any domain and/or any username, I can still log on and create an account. The NTDomainLoginModule doesn't seem to do any authentication except matching domain\+username+. Because of this, we are unable to restrict who can log on to the system.

Also, if someone who have already registered and configured their account type in a wrong username/domain, they will get a new unconfigured account which can result in some confusion.

I have so far configured a new role with no permissions and set it as the default role for new user. At least in that way I can restrict consultants and other users from seeing projects they are not supposed to be able to view.

I have installed TeamCity 3.0.1 on a Windows 2003 Server. The server is a member of the domain.

The problem I am experiencing; is it something missing in my configuration, or is it a bug?

Best regards
Bjørnar Sundsbø

Message was edited by:
Bjørnar Sundsbø

1 comment

See http://www.jetbrains.net/jira/browse/TW-4198 for further discussion of the issue.

--
Best regards,

Yegor Yarko
Project Manager
JetBrains, Inc
http://www.jetbrains.com
"Develop with pleasure!"

0

Please sign in to leave a comment.