We are currently considering a switch from Rhodecode 1.6.0 to Kallithea 0.1.
I set up LDAP plugin. I went in Admin -> Permissions and set "External auth account activation" to "Manual activation of external account"
I log in with an Active Directory user that does not exist in the database yet and it goes to the main page. In Rhodecode 1.6.0 it would have stayed in the login page until an Administrator had activated the newly created account.
This could allow access to repositories to users in our company that have Active Directory accounts but are not allowed to see the code.
I set up default permissions to None, but it would be better to have users deactivated by default.
I tried the same scenario with an installation of kallithea using the latest changeset in default branch at the time of writing (bfc304687f1cb11b243f2bd157f7e782f50d196f).
Thank you very much for any help