Base

New User Accounts

Activates the Register as a new customer function on the login page. If set to no, only administrators or agents can create new accounts manually.

Default: yes

Figure showing activated "New User Accounts" setting

Deactivation of above function does not deactivate automatic account creation! This means: If a user writes e.g. an email to Zammad and has no account yet, Zammad will automatically create the account. User accounts are a direct dependency of tickets and thus technically mandatory.

Lost Password

Activates the Forgot password? and You can request your password here. function on the login page. If set to no, only administrators may change the user’s password - users may update their own password if they’re still logged in and they have the required permission.

Default: yes

Figure showing activated "Lost Password" setting

Tip

With third party authentications - but especially LDAP - you may want to disable this function. Zammad will not change third party login passwords and instead set or change the local password!

Password Login

Username & password login is enabled by default. If you set it to no, make sure to configure a Third-Party Applications login. Otherwise, the login via username and password is still enabled. The login screen without username and password login can look like in the screenshot.

Default: yes

Figure showing de-activated "Password Login" setting

Hint

To help administrators to overcome login issues, Zammad automatically offers a password request for administrator users as you can see in the screenshot above. This allows you to adjust third-party applications, even if the login doesn’t work.

Session Timeout

All settings below by default are set to 4 weeks. Session Timeout defines the life time of a users session. As soon as it’s reached, Zammad will automatically log off the session in question.

Zammad takes the highest value assigned for the user based on the permissions.

  1. admin

  2. ticket.agent

  3. ticket.customer

  4. default (fallback if user doesn’t have above permissions set)

All settings act independently from each other allowing you to disable the timeouts for e.g. admins, but not agents.

Example

Let’s suppose you configured the following session timeouts:

  • Default: 3 weeks

  • Admin: 2 weeks

  • Ticket.agent: 4 weeks

  • Ticket.customer: 1 week

This results in the following situations:

  • A user with admin permission will have a timeout of 2 weeks

  • A user with admin and ticket.agent permissions will have a timeout of 2 weeks

  • A user with ticket.customer permission will have a timeout of 1 week

  • A user with neither admin, ticket.agent nor ticket.customer permissions will have a timeout of 3 weeks