Not easy to push through as the users will subscribe them selfs.
You should consider turning public registration off and adding them manually yourself in the user workspace.
Otherwise if you have scripting skills you can use the ‘RegisterUser’ console task to import all your users. For example:
./app/Console/cake passbolt register_user --username=ada@passbolt.com --first-name=ada --last-name=lovelace --role=user
Is it already possible to restrict to a domain name for the email addresses or similar?
Not at the moment, that’s been on the back of our mind. I created an issue there: