Allow login only to users in specific AD groups (white list)
Any user that knows the Octopus portal URL can log into Octopus, which will create them a user on the Octopus DB and add them to the "Everyone" group, create entries on the Audit log, etc.
Even though the user won't have any privileges out of the box, implementing a white list system to only allow people in specific AD groups to login would be something good.
Oh, and please allow 1 group for Admins, another for Users. Like how Atlassian Bamboo does that.
Yes please, definitely makes sense for us to be able to whitelist by group.
One problem in some other implementations is the group access isn't recursive.
e.g., "Octopus Admin (group)", has members "Developer (group)", which has member "Stephen (User)"
So please allow us to configure like this by recursing down all the group memberships until you find the Users
This would be a fantastic feature. Most applications that integrate with Active Directory or LDAP let you scope down to a specific OU or security group that a user must be a part of in order to have any access at all.