[rt-users] Could the admin be blocked from setting passwords?

Thomas Sibley trs at bestpractical.com
Fri Jul 20 19:47:13 EDT 2012

On 07/20/2012 03:51 PM, Thierry Thelliez wrote:
> In some systems the admin can only reset the end user passwords.  They
> cannot know the passwords by setting it themselves.  In RT (3.8) if
> admins set the passwords, then they could log in as the user
> themselves.
> Is that possible to forbid that in RT?  I would like to avoid issues
> about who did what to a ticket.

Do your admins have Admin rights other than AdminUsers?  If so, then
they can run Perl code on the server, which means they have the ability
to impersonate users anyway.  You have to trust someone at some point.
If you can't trust your admins, maybe they shouldn't be admins...

To more directly answer your question, no, not out of the box.  It could
certainly be written as an extension.

More information about the rt-users mailing list