si458
commented
4 months ago just looked into this.
the New Account button actually gets hidden IF certain things are not true
QV('UserNewAccountButton', ((features & 4) == 0) && (serverinfo.domainauth == false));
domainauth is actually (domain.auth == 'sspi') so ONLY windows auth and not LDAP
IF you are happy to give a patch a try and see what happens/anything breaks
meshuser.js line 550 starts with var serverinfo = {
change domainauth: (domain.auth == 'sspi')
to domainauth: ((domain.auth == 'sspi') || (domain.auth == 'ldap'))
then restart meshcentral and see if the button vanishes but also what other options vanish
as serverinfo.domainauth is used in 4 places on the default.handlebars
Describe your issue The purpose of a domain is to control user activity. There should be no ability to create conventional users.
In this case, it gives all appearances of being able to create a new user right up until the moment the user is added. Only then are we told this is not allowed.
In my case and I am sure in the case of other LDAP admins the fact that the button spawns a user UI is evidence that adding a user this way is allowed. So I begin researching how to prevent this. I could not find anything on the subject so came back to adding the user to see what rights and abilities it had. Only then did I get the pleasure of recognizing it was not going to let me add it ie; balloon note indicating it could not be added once submitted.
It would be instant feedback to instead provide a hover / rollover on the button that provides a balloon message indicating normal users cannot be added to a domain installation or something to that effect.
I have created a video to make the problem more clear:
https://www.youtube.com/watch?v=4EYl1uuXZDo
Screenshots
Server Software (please complete the following information):