In some systems the admin can only reset the end user passwords. They
cannot know the passwords by setting it themselves. In RT (3.8) if
admins set the passwords, then they could log in as the user
themselves.
Is that possible to forbid that in RT? I would like to avoid issues
about who did what to a ticket.
I realize that the user administration UI would have to be different
(default passwords, reset password button for the admin, ‘forgot
password’ feature for the end users,…).
Thanks,
Thierry
In some systems the admin can only reset the end user passwords. They
cannot know the passwords by setting it themselves. In RT (3.8) if
admins set the passwords, then they could log in as the user
themselves.
Is that possible to forbid that in RT? I would like to avoid issues
about who did what to a ticket.
Do your admins have Admin rights other than AdminUsers? If so, then
they can run Perl code on the server, which means they have the ability
to impersonate users anyway. You have to trust someone at some point.
If you can’t trust your admins, maybe they shouldn’t be admins…
To more directly answer your question, no, not out of the box. It could
certainly be written as an extension.