(Originally posted on 8, January 2016)In our environment, we have enabled Single Sign-On with SAML. For the SSO provider (Okta) to push user accounts to Samanage, we have to enable the option Create users if they do not exist in Samanage. With this sort of configuration, only approved/registered users can use our portal. For that reason that there could be users from theoretically any domain, we are forced to keep the Allowed Domains list blank within Setup. Anonymous visitors cannot simply sign-up because they would fail authentication at the SSO level.
At its current state, unregistered users are able to submit tickets. Any person can send in an email to our support address - resulting in the creation of a ticket from an unregistered user. This action also creates an unwanted user account for the unknown user. Although they cannot authenticate to the portal itself, uninvited and unauthenticated users receive the automatic ticket creation reply emails and are subsequently able to reply to append notes on their unwarranted ticket. We cannot have this happen!
In short, organizations whom configure their environment to enable should not have to worry about this happening. It is a complete inefficiency to have our technicians receive tickets for unknown user accounts.
|What problem will this feature solve?:|