diff --git a/kallithea/lib/auth_modules/__init__.py b/kallithea/lib/auth_modules/__init__.py
--- a/kallithea/lib/auth_modules/__init__.py
+++ b/kallithea/lib/auth_modules/__init__.py
@@ -55,8 +55,6 @@ class KallitheaAuthPluginBase(object):
         "extern_name": "name in external source of record",
         "admin": 'True|False defines if user should be Kallithea admin',
         "active": 'True|False defines active state of user in Kallithea',
-        "active_from_extern": "True|False|None, active state from the external auth, "
-                              "None means use value from the auth plugin"
     }
 
     @property
@@ -257,18 +255,6 @@ class KallitheaExternalAuthPlugin(Kallit
         user_data = super(KallitheaExternalAuthPlugin, self)._authenticate(
             userobj, username, passwd, settings, **kwargs)
         if user_data is not None:
-            # maybe plugin will clean the username ?
-            # we should use the return value
-            username = user_data['username']
-            # if user is not active from our extern type we should fail to auth
-            # this can prevent from creating users in Kallithea when using
-            # external authentication, but if it's inactive user we shouldn't
-            # create that user anyway
-            if user_data['active_from_extern'] is False:
-                log.warning("User %s authenticated against %s, but is inactive",
-                            username, self.__module__)
-                return None
-
             if self.use_fake_password():
                 # Randomize the PW because we don't need it, but don't want
                 # them blank either
@@ -277,7 +263,7 @@ class KallitheaExternalAuthPlugin(Kallit
             log.debug('Updating or creating user info from %s plugin',
                       self.name)
             user = UserModel().create_or_update(
-                username=username,
+                username=user_data['username'],
                 password=passwd,
                 email=user_data["email"],
                 firstname=user_data["firstname"],
diff --git a/kallithea/lib/auth_modules/auth_container.py b/kallithea/lib/auth_modules/auth_container.py
--- a/kallithea/lib/auth_modules/auth_container.py
+++ b/kallithea/lib/auth_modules/auth_container.py
@@ -208,7 +208,6 @@ class KallitheaAuthPlugin(auth_modules.K
             'email': email or '',
             'admin': admin or False,
             'active': active,
-            'active_from_extern': True,
             'extern_name': username,
         }
 
diff --git a/kallithea/lib/auth_modules/auth_crowd.py b/kallithea/lib/auth_modules/auth_crowd.py
--- a/kallithea/lib/auth_modules/auth_crowd.py
+++ b/kallithea/lib/auth_modules/auth_crowd.py
@@ -218,6 +218,11 @@ class KallitheaAuthPlugin(auth_modules.K
         crowd_user = server.user_auth(username, password)
         log.debug("Crowd returned: \n%s", formatted_json(crowd_user))
         if not crowd_user["status"]:
+            log.error('Crowd authentication as %s returned no status', username)
+            return None
+
+        if not crowd_user.get('active'):
+            log.error('Crowd authentication as %s returned in-active user', username)
             return None
 
         res = server.user_groups(crowd_user["name"])
@@ -239,7 +244,6 @@ class KallitheaAuthPlugin(auth_modules.K
             'email': crowd_user["email"] or email,
             'admin': admin,
             'active': active,
-            'active_from_extern': crowd_user.get('active'), # ???
             'extern_name': crowd_user["name"],
         }
 
diff --git a/kallithea/lib/auth_modules/auth_internal.py b/kallithea/lib/auth_modules/auth_internal.py
--- a/kallithea/lib/auth_modules/auth_internal.py
+++ b/kallithea/lib/auth_modules/auth_internal.py
@@ -79,7 +79,6 @@ class KallitheaAuthPlugin(auth_modules.K
             "email": userobj.email,
             "admin": userobj.admin,
             "active": userobj.active,
-            "active_from_extern": userobj.active,
             "extern_name": userobj.user_id,
         }
 
diff --git a/kallithea/lib/auth_modules/auth_ldap.py b/kallithea/lib/auth_modules/auth_ldap.py
--- a/kallithea/lib/auth_modules/auth_ldap.py
+++ b/kallithea/lib/auth_modules/auth_ldap.py
@@ -352,7 +352,6 @@ class KallitheaAuthPlugin(auth_modules.K
                 'email': get_ldap_attr('attr_email') or email,
                 'admin': admin,
                 'active': active,
-                "active_from_extern": None,
                 'extern_name': user_dn,
             }
             log.info('user %s authenticated correctly', user_data['username'])
diff --git a/kallithea/lib/auth_modules/auth_pam.py b/kallithea/lib/auth_modules/auth_pam.py
--- a/kallithea/lib/auth_modules/auth_pam.py
+++ b/kallithea/lib/auth_modules/auth_pam.py
@@ -128,7 +128,6 @@ class KallitheaAuthPlugin(auth_modules.K
             'email': email,
             'admin': admin,
             'active': active,
-            "active_from_extern": None,
             'extern_name': username,
         }