Latest package with LDAP add-on
-
@Lonk I'll test this out again and let ya know soon.
UPDATE: I just tried and see that it works fine now. Initially it didn't after migration even during this latest test, however I updated the field again to be just username and not mail, and suddenly now it worked as expected where it'll only accept the username and not email address. No idea why that didn't work when I did it yesterday, but I either overlooked something before or maybe it didn't save properly, I dunno. Seems to be okay now though.
@d19dotca Glad you got it working as expected. I still want to appeal to the devs to allow email in LDAP, but we certainly don't want that to work when it shouldn't be working. Hopefully we'll get to add real LDAP email support to Wordpress (Developer) one day.
๏ธ -
@d19dotca Glad you got it working as expected. I still want to appeal to the devs to allow email in LDAP, but we certainly don't want that to work when it shouldn't be working. Hopefully we'll get to add real LDAP email support to Wordpress (Developer) one day.
๏ธ@Lonk Actually now I'm super confused. lol. I thought it was fine, but now I'm seeing it letting me login again with the old password, so I went to remove it, and I found out I can actually still sign in with both the old password (since it was in the database from the old managed wordpress) and even the email address. No idea why this suddenly changed again. Maybe my brain is fried, lol. I'm going to try again now and disable the AuthLDAP plugin entirely and see what's up.
-
@d19dotca Glad you got it working as expected. I still want to appeal to the devs to allow email in LDAP, but we certainly don't want that to work when it shouldn't be working. Hopefully we'll get to add real LDAP email support to Wordpress (Developer) one day.
๏ธ@Lonk Okay yes, I can confirm that it works even with the AuthLDAP plugin disabled, when I use my old credentials (i.e email address + password). This kind of makes sense too since it was a Managed WordPress instance so everything was local anyways and not using LDAP. But what makes no sense to me is if I've removed the password from the wp_users table for my user, why it still lets me in.
Any ideas?--
Dustin Dauncey
www.d19.ca -
@Lonk Okay yes, I can confirm that it works even with the AuthLDAP plugin disabled, when I use my old credentials (i.e email address + password). This kind of makes sense too since it was a Managed WordPress instance so everything was local anyways and not using LDAP. But what makes no sense to me is if I've removed the password from the wp_users table for my user, why it still lets me in.
Any ideas?@d19dotca That's really odd, you literally removed the password hash from the DB in your personal user and you still can login with the LDAP plugin disabled?
The only thing I can say for now is to make sure the password hash you deleted matches your actual
user_id. Like, just a little double check there. Because that is super bizarre. -
@d19dotca That's really odd, you literally removed the password hash from the DB in your personal user and you still can login with the LDAP plugin disabled?
The only thing I can say for now is to make sure the password hash you deleted matches your actual
user_id. Like, just a little double check there. Because that is super bizarre.@Lonk said in Latest package with LDAP add-on:
you literally removed the password hash from the DB in your personal user and you still can login with the LDAP plugin disabled?
Yeah, super strange right? Never seen this behaviour before. It shouldn't be possible.
There's nothing in the user_pass box, and I'm the only user account in this particular website so I couldn't have messed up which user account, haha. There's only one row in that table.
--
Dustin Dauncey
www.d19.ca -
@Lonk said in Latest package with LDAP add-on:
you literally removed the password hash from the DB in your personal user and you still can login with the LDAP plugin disabled?
Yeah, super strange right? Never seen this behaviour before. It shouldn't be possible.
There's nothing in the user_pass box, and I'm the only user account in this particular website so I couldn't have messed up which user account, haha. There's only one row in that table.
@d19dotca How about this - delete the plugin. Very rarely (but totally is a thing) there are plug-in...remnants. And also, you tried incorrect passwords and incorrect usernames right? Hmm, maybe try another user on the Cloudron LDAP that isnโt you before you fully delete the plug-in to see if itโs actually still using LDAP somehow.
-
@d19dotca How about this - delete the plugin. Very rarely (but totally is a thing) there are plug-in...remnants. And also, you tried incorrect passwords and incorrect usernames right? Hmm, maybe try another user on the Cloudron LDAP that isnโt you before you fully delete the plug-in to see if itโs actually still using LDAP somehow.
@Lonk Yeah I did, the incorrect usernames and passwords behave as expected -- they won't login. I've completely deleted the plugin and it still loads up the old credentials. It's definitely not doing LDAP because the password from before when it was Managed (since it didn't have LDAP) is completely different password. I have no idea how this is working this way. lol.
--
Dustin Dauncey
www.d19.ca -
@Lonk Yeah I did, the incorrect usernames and passwords behave as expected -- they won't login. I've completely deleted the plugin and it still loads up the old credentials. It's definitely not doing LDAP because the password from before when it was Managed (since it didn't have LDAP) is completely different password. I have no idea how this is working this way. lol.
-
@d19dotca One last idea, check
wp-config.php, is it pointing to the databasenameyou edited? -
@Lonk Good idea! Just checked though and yes indeed it's pointing to the right database, confirmed by comparing the value in wp-config with the value of
show databases;in MySQL terminal. -
@Lonk Ah I did that before, but just tried again in case and still no-dice, it still loads fine with old credentials. I've never run into this issue before. I've seen it the opposite where two passwords would work (i.e. the one from managed and then the one with LDAP on Managed when I went from Unmanaged to Managed once), but that was solved by simply removing the password from the database. This time it's almost the opposite where it'll take the old credentials, not the new ones (if AuthLDAP is disabled anyways which is expected), even though the old credentials don't appear to be stored anywhere.
--
Dustin Dauncey
www.d19.ca -
@Lonk Ah I did that before, but just tried again in case and still no-dice, it still loads fine with old credentials. I've never run into this issue before. I've seen it the opposite where two passwords would work (i.e. the one from managed and then the one with LDAP on Managed when I went from Unmanaged to Managed once), but that was solved by simply removing the password from the database. This time it's almost the opposite where it'll take the old credentials, not the new ones (if AuthLDAP is disabled anyways which is expected), even though the old credentials don't appear to be stored anywhere.
-
@d19dotca Alright, throwing spaghetti at the wall now.
Clone the installation and try to login in THAT installation. -
@d19dotca Alright, throwing spaghetti at the wall now.
Clone the installation and try to login in THAT installation. -
@d19dotca Alright, throwing spaghetti at the wall now.
Clone the installation and try to login in THAT installation. -
@d19dotca Alright, throwing spaghetti at the wall now.
Clone the installation and try to login in THAT installation.@Lonk Okay I think I may have fixed it, but I'm not certain I trust it. So what I did was generate a new password in the database directly with MD5, then saved that. Then tried and couldn't login again via a private window (so I could still remain logged in elsewhere), then I removed the password again from the database, wondering if that'd let me login with the old password still again, and now it seems to be working as expected when there's no password in there that it will forbid that user from logging in locally. So it seems good now... but not sure how much I trust this, lol. Will keep testing, but I think this may be finally working the way I expect it to, via LDAP Auth only.
--
Dustin Dauncey
www.d19.ca -
@Lonk Okay I think I may have fixed it, but I'm not certain I trust it. So what I did was generate a new password in the database directly with MD5, then saved that. Then tried and couldn't login again via a private window (so I could still remain logged in elsewhere), then I removed the password again from the database, wondering if that'd let me login with the old password still again, and now it seems to be working as expected when there's no password in there that it will forbid that user from logging in locally. So it seems good now... but not sure how much I trust this, lol. Will keep testing, but I think this may be finally working the way I expect it to, via LDAP Auth only.
@d19dotca Wordpress is my favorite and Cloudron is my new development passion so Iโm happy to troubleshoot WP stuff to find edge cases that Cloudron may need to account for.
I am very for making WP the best it can be on Cloudron.
๏ธIโm happy Iโve been able to help troubleshoot with you!
I'm completely out of ideas. I can't explain this, haha.