The original requirement has been superseded by changes made to Alfresco Cloud which essentially prevent users signing up themselves; however there is one exception:
When a customer has an account and a user who is not currently a user initiates a password reset they are sent an email which contains a link to create an account.
- Click Forgot password?
- Enter an email address that is not currently a user of Cloud (note the @domain.com must be a registered network!).
- Receive an email
Result: the email address is sent a link which enables them to create themselves on their organisations Cloud account outside of any administrator control.
Expected result: users should not be able to create themselves accounts on customer networks via the forgotten password 'back door'.
And insert this replacement text: Either contact your administrator to be added as a user or Log In With A Different Email.
The automatic assignment of an user who signs up with an email address of the same network domain causes trouble for some customer.
Feature to restrict/control access to a Alfresco Cloud network on per user basis is requested, i.e an approval process to grant access
could be a solution.
[Steps to reproduce]:
No steps to produce. Use case - scenario:
1.) Customer has about 340 000 Employee across 30 countries. Each country is an independent organisation.
If for example the Belgium branch subscribes to Alfresco Cloud only employees of that particular branch should get access to the service.
2.) Actually and as per the case description:
Network admin observes an abuse of the service. Employees from other branches across the world had already an account in their Alfresco Cloud network and have been added automatically to. In fact, they shouldn't be added because customer has just signed up for 10 accounts and dedicated them to the Belgium branch.
User with an email address of the same network domain
[Analysis to date]:
Ways to solve this at the Admin level of a network - I can think of:
1) Set up a workflow to request validation from the Admin for each user
2) Set a network as "Restricted" in order to let the Administrator choose who should join this (This one could be great but would require more development)
3) Be able to disable an account
4) Be able to set a user as external user even if he has an email within the company