Hi,

We've got Foreman backed by our LDAP server for authentication. Users who log in for the first time automatically get a Foreman account. We have two roles: Administrator and RO (Read Only - may be an idea to ship by default as well?). In practice this means that besides our three admins, all users will have to get the RO role. For that purpose it would be great if Foreman provided some sort of option to specify a 'default role' that allows foreman to assign that particular role to all users that log in for the first time using their LDAP account.

Fyi, currently, we have our users log in first. There they're shown that they do not have any rights. Then they have to contact an admin, who can in turn assign the RO role to that user. Although it works, it's a little cumbersome, and I think it would for many be a great feature to have.

Thank you for foreman and the efforts put into it.

Dolf
-- Freeaqingme