User profile - edit email address - possible?

Infos:

  • Used Zammad version: 4.1.x
  • Used Zammad installation type: source
  • Operating system: Ubuntu 20.04 LTS
  • Browser + version:

Same question from 2019: Users changing thier Email addresses themselfs

Expected behavior:

  • User edit it’s profile data should be able to edit the email address

Actual behavior:

  • no email address is even shown in the profile data

Steps to reproduce the behavior:

  • edit user profile as normal user

There are some fields that can be enabled/disabled regarding user_preferences in role administration but there is no email field there.

Any hint/suggestion on how to change/add that option (which modules are relevant)?
Thanks!

That’s a feature request that didn’t get much love.

Users are not allowed to edit their email addresses.
Mostly because the need seems to be rather low (You’re the first that caused the question to appear on my desk).

Please also think of this:
If I change my email address to one of your big customer one (evne if it doesn’t exist) and that customer is provided with a sharing organization I’d potentially gain access to those tickets. That’s something you don’t want to have.

First of all, thanks for responding! :wink:

OK… I get your point… and I can agree… at least partially. (As there are multitude of options HOW Zammad can be used)

If the user is “self registering” and entering a “fake/malicious” email address (which is then used for login) and the mail domain is used to automatically “attach” the user to a customer… I see the problem, Yes.

On the other hand (my situation) if all users are pulled from an (centralized, company wide) LDAP database which holds lot of (external, customer) user accounts from different organizations (but just basic user data, no emails) and the mail is not actually used for login (and the users obviously do not have ldap access)…

After some thinking… maybe a “compromise” solution? Allow agents (with sufficient privileged) to edit the user details on-the-fly when entering a ticket?

For example… entering a ticket received by phone, you select the actual user (from ldap sync) but his/hers mail is empty… and currently there is no way to edit the users email there. You have to switch to “settings/users” to edit/enter the email address - which is cumbersome and also a security problem… as there is no specific privilege to edit just some user fields through settings.

Anyway… as this seems to be a “only my problem” I’m willing to “fix/adapt” this myself… I already found some points in the source where various attributes are listed… but would like to kindly ask for some “directions” on where/how to do that… as email is not treated as an attribute (as far as I can see) but is something more deeply “linked”.

The same goes for multi ldap source sync… but that can be solved as an additional plugin and I think I’ll solve that too.

Thanks!
BR

umm…
you surely did try to search for any customer and did try out the actions on the upper right?
Please help me to understand at which point the documentation miss leads and does confuse you (as per Admin Permissions — Zammad Admin Documentation documentation look for admin.user)

The user documentation may need rework too if it’s so confusing?
https://user-docs.zammad.org/en/latest/extras/customers.html


and here we go again.
https://admin-docs.zammad.org/en/latest/system/integrations/ldap.html

Fix your ldap content mate. It’s the golden grale for us - we expect it to be the most correct version of your user data. That’s not a Zammad issue but a administrational one.

OK…

First of all, I’m sorry for not reading the docs thoroughly enough (it’s indeed written there)…
I’t not so “obvious” on the UI but after RTFM and some clicking… SORRY, it seems the mail issue is “resolved”…

Regarding the rights… I checked, yes… but there is no specific option to select individual fields for edit rights assignment (at least I did not find them), anyway… as “edit customer” seems to work… it’s OK.

[quote=“mculibrk, post:3, topic:7750”]

I saw and played with the LDAP Sync options… no issues there.
The “problem” is the LDAP is not “user” nor “agent” editable and is basically used for authorizations to various services - so just “login” - and we (agents, customers) cannot edit it directly.
So we do not sync the email field (as it’s not relevant) and edit it only in Zammad (as it copies all users to local DB)

As we’re mentioning LDAP… do you know if the bitfield search is somehow supported in Zammad?
I tried various syntax but the LDAP module insists it’s “invalid syntax” (to avoid syncing disabled users) - but I should probably post a new topic for this.

Again I’m sorry for wasting your (and others) time by not thoroughly read the DOCs

Thanks and best regards

Sorry… :wink:

I’was “confused” and did not “find” the user-edit mail because… I was looking for that option during the ticket creation.
A customer calls, I open a ticket on his/hers behalf (user is pulled from ldap, all ok, but there is no email yet) - at this time there is no option to edit the customers email
As the customer should get the email after I “confirm” the ticket - but as the user info cannot be edited, the mail is not sent - so the user newer get’s the “notification mail” for the new ticket.

After creating the ticket yes, i can edit the user details (email, which I did not found earlier because really I did not even look as the ticket is already created and the mail “sent”) and edit/change the email address… but the user will not get his/hers “ticket opening mail”

Sorry for bothering again…

Regards

SORRY again

After (a lot) of clicking I found how to edit the customer data before confirming/opening the ticket.

It seems I owe a bear or something… :blush:

Regards

I’m afraid that won’t work as you’d expect.
Zammad removes the email address as soon as it’s synching again. So in my opinion that’s not what you want. If your customers are not living inside your LDAP then this won’t be an issue. Zammad only does reset attributes of users that are originating from LDAP.

If I understand correctly Zammad should, yes - however, I’m not understanding the syntax part.
I believe you’re talking about this kind of stuff? How to Query Individual Properties of the "userAccountControl" Active Directory User property using LDAP | Microsoft Learn

If you can’t solve it by using user or group filters natively I’m afraid you can’t use your approach.

Hi!
Thanks for the feedback!

In the meantime… I found how to “solve” the email issue I had. It takes some clicking but at least it can be done.
I disabled syncing the email attribute from LDAP as it’s useless anyway.
So it’s possible to actually manually edit the email address of the user (in the Zammad DB) by editing the user “in-place” during ticket creation. It takes a few extra clicks… but it works.

Yes… that’s the official “explanation/instructions” for searching on object bit field attributes.
This part is still itching me… the thing is I cannot use “group membership” as I would like to act on “user account status” - primarily disabledAccount flag. Disabled accounts are not held in a separate group, at least not automatically.

M$ ADS allows to search for bitfields by the syntax explained in the link - but did not find a way to enter such a “construct” in Zammad. All the variants I tried resulted in “invalid syntax” reported by Zammad.

Now, that I’m thinking about it again… maybe it could be achieved by using “dynamic ad queries”… you create an “leaf/OU” in AD which will is effectively just a ldap query, so the objects listed should be the result of the query…
I have to try this… it could work.

Thanks!

The user filter in Zammad would be the exact place to run these kind of queries.
Above mentioned link of me contains a fitting query part that you can use.

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.