diff --git a/app/routers/auth.py b/app/routers/auth.py
index d08b4ee..e07f9a1 100644
--- a/app/routers/auth.py
+++ b/app/routers/auth.py
@@ -47,17 +47,17 @@ async def login(request: Request, username: str = Form(...), password: str = For
 log_login_failed(db, request, username)
 db.commit()
 return err_template(result.get("msg") or "Authentification LDAP echouee")
- # Cree l'user en local avec role par defaut
- default_role = result.get("default_role", "operator")
+ # Cree l'user DESACTIVE + sans permissions. Admin doit l'activer + permissionner.
+ default_role = result.get("default_role", "viewer")
 db.execute(text("""
 INSERT INTO users (username, email, full_name, role, is_active, auth_type, password_hash)
- VALUES (:u, :e, :n, :r, true, 'ldap', '')
+ VALUES (:u, :e, :n, :r, false, 'ldap', '')
 """), {"u": username, "e": result.get("email", ""),
 "n": result.get("name", username), "r": default_role})
 db.commit()
- row = db.execute(text("SELECT id, username, password_hash, role, is_active, auth_type FROM users WHERE LOWER(username)=LOWER(:u)"),
- {"u": username}).fetchone()
- ok = True
+ log_login_failed(db, request, username) # trace de l'auto-creation
+ db.commit()
+ return err_template("Compte cree mais en attente d'activation par un administrateur")
 elif not row:
 log_login_failed(db, request, username)
 db.commit()
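Review bot: The added `log_login_failed(db, request, username)` call records a successful LDAP bind plus account auto-creation as a failed login, so the audit trail cannot tell provisioning apart from a bad password, and any lockout or brute-force counter fed by that log (not visible here) would count it as a failure. Account creation deserves its own audit event carrying the assigned role and the pending state; a dedicated helper (hypothetical name `log_user_autocreated(db, request, username, default_role)`) written before a single `db.commit()` would also keep the INSERT and its trace in one transaction instead of two. Separately, the new comment says the account is created without permissions, but `result.get("default_role", "viewer")` still stores whatever role the LDAP result supplies, so an administrator who only flips `is_active` grants that role at once; if that is not intended, store a fixed value such as `default_role = "viewer"` and let the administrator assign the role on activation. The body of `login` starts and ends outside this hunk.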