Base

New User Accounts

Activates the register as a new customer function on the login page. If set to no only administrators or agents can create new accounts manually.

Default setting: yes

Figure showing activated "New User Accounts" setting

Deactivation of above function does not deactivate automatic account creation! This means: If a user writes e.g. an email to Zammad and has no account yet, Zammad will automatically create the account. User accounts are a direct dependency of tickets and thus technically mandatory.

Lost Password

Activates the lost password function on the login page. If set to no only administrators may change the user’s password - users may update their own password if they’re still logged in and they have the required permission.

Default setting: yes

Figure showing activated "Lost Password" setting

Tip

With third party authentications - but especially LDAP - you may want to disable this function. Zammad will not change third party login passwords and instead set or change the local password!

Password Login

Activates the username & password login by default and if no third-party login is activated. Disabling password login on the Zammad login page only takes effect if you enable any Third-Party Applications.

See Third-Party Applications for supported third-party logins.

Default setting: yes

Figure showing de-activated "Password Login" setting

Hint

To help administrators to overcome “login issues”, Zammad automatically offers a password request for administrator users. This allows you to adjust Third-Party applications even if the login does no longer work!

Session Timeout

All settings below by default are set to 4 weeks. Session Timeout defines the life time of a users session. As soon as it’s reached, Zammad will automatically log off the session in question.

Zammad takes the highest value set assigned for the user based on the permissions.

  1. admin

  2. ticket.agent

  3. ticket.customer

  4. default (fallback if user doesn’t have above permissions set)

All settings act independently from each other allowing you to disable the timeouts for e.g. admins, but not agents.

Example
Let’s suppose you configured the following session timeouts
  • default: 3 weeks

  • admin: 2 weeks

  • ticket.agent: 4 weeks

  • ticket.customer: 1 week

This results in the following situations
  • a user with admin permission will have a timeout of 2 weeks

  • a user with admin and ticket.agent permissions will have a timeout of 2 weeks

  • a user with ticket.customer permission will have a timeout of 1 week

  • a user with neither admin, ticket.agent nor ticket.customer permissions will have a timeout of 3 weeks