My current dilemma is restricting user creation via LDAP. We have 500+ employees and only 150 of them need access to YouTrack. We have removed the create user function from the main page, but users can still log in with their LDAP credentials.
We then set the Query the same as we do for other programs we use with LDAP integration:
We also tried this Query that we found in the forums:
Here are the results:
If user1 is part of CN youtrack will create the account with email/fullname fields filled out.
If user2 is NOT part of CN youtrack will still create the account but email/fullname fields will be empty.
Conclusion: We would like to Deny access to users not in the CN group.