When using Cloudron user management non-cloudron users cannot reset password
-
@jdaviescoates as with any other app on Cloudron, it is not supported to change the usermanagement option later. We have thought of adding that, but it also creates various edge-cases to be dealt with and generally the demand for this was not very high in the past.
For the password reset issue, I so far suspect that this is an upstream bug or simply an unhandled case, but I still need to further debug the app for this, those app internals are not really our expertise of course.
@nebulon said in When using Cloudron user management non-cloudron users cannot reset password:
is not supported to change the usermanagement option later. We have thought of adding that, but it also creates various edge-cases to be dealt with and generally the demand for this was not very high in the past.
That's what I thought
I've seen lots of people hit issues due to this though, so I think there is probably a fair bit of demand.
So, sounds like I'm going to have to start again with https://safejust.space and lose the 237 followers @DoughnutEconomics already has on there
-
@jdaviescoates it is far from obvious, as we do not make any special changes besides enabling LDAP and set one other setting to disable external account creation, which apparently is not supported upstream or the setting has changed.
In our experience changing auth handlers, often has unexpected side-effects in apps, which are not easy to understand or pinpoint unless one is an expert of the app itself.
@nebulon said in When using Cloudron user management non-cloudron users cannot reset password:
we do not make any special changes besides enabling LDAP
OK, in which case, what I mean is evidently just enabling LDAP is what is causes this issue.
I wonder if there is anyway I can un-enable LDAP in an app initially installed with Cloudron user management enabled?
-
Just for good measure I've created an issue about this over on Mastodon too
-
@jdaviescoates it is far from obvious, as we do not make any special changes besides enabling LDAP and set one other setting to disable external account creation, which apparently is not supported upstream or the setting has changed.
In our experience changing auth handlers, often has unexpected side-effects in apps, which are not easy to understand or pinpoint unless one is an expert of the app itself.
@nebulon said in When using Cloudron user management non-cloudron users cannot reset password:
we do not make any special changes besides enabling LDAP and set one other setting to disable external account creation, which apparently is not supported upstream or the setting has changed.
There is definitely an option within Mastondon to close registrations. I can't remember for sure (would have to reinstall to double check), but I'm pretty sure even though I chose Cloudron user management registrations were open already.
-
@nebulon said in When using Cloudron user management non-cloudron users cannot reset password:
is not supported to change the usermanagement option later. We have thought of adding that, but it also creates various edge-cases to be dealt with and generally the demand for this was not very high in the past.
That's what I thought
I've seen lots of people hit issues due to this though, so I think there is probably a fair bit of demand.
So, sounds like I'm going to have to start again with https://safejust.space and lose the 237 followers @DoughnutEconomics already has on there
-
@jdaviescoates Sounds like I'm going to need to do the same thing, i.e. reinstall without integrated LDAP. Re: losing followers, wonder if you can migrate your account to another server, re-build your Mastodon app, then migrate back?
@ericyu00 said in When using Cloudron user management non-cloudron users cannot reset password:
wonder if you can migrate your account to another server, re-build your Mastodon app, then migrate back?
yeah, thanks, I'd thought about that too and may try it.. shall investigate...
-
@ericyu00 said in When using Cloudron user management non-cloudron users cannot reset password:
wonder if you can migrate your account to another server, re-build your Mastodon app, then migrate back?
yeah, thanks, I'd thought about that too and may try it.. shall investigate...
@jdaviescoates said in When using Cloudron user management non-cloudron users cannot reset password:
@ericyu00 said in When using Cloudron user management non-cloudron users cannot reset password:
wonder if you can migrate your account to another server, re-build your Mastodon app, then migrate back?
yeah, thanks, I'd thought about that too and may try it.. shall investigate...
Ah, I'm not sure that'd work because:
"There is also a very heavy cooldown period in which you cannot migrate again, so be very careful before using this option!"
From https://docs.joinmastodon.org/user/moving/
Frustratingly doesn't say how long that period is though.
-
@jdaviescoates said in When using Cloudron user management non-cloudron users cannot reset password:
@ericyu00 said in When using Cloudron user management non-cloudron users cannot reset password:
wonder if you can migrate your account to another server, re-build your Mastodon app, then migrate back?
yeah, thanks, I'd thought about that too and may try it.. shall investigate...
Ah, I'm not sure that'd work because:
"There is also a very heavy cooldown period in which you cannot migrate again, so be very careful before using this option!"
From https://docs.joinmastodon.org/user/moving/
Frustratingly doesn't say how long that period is though.
@jdaviescoates Hmmm, yeah you're right, that's not ideal. Looks like some places indicate it's a 7-day cooldown period, so would not really work too well unless you want to stay in the new home for a week, then migrate back... Also indicates "Your toots will not be moved, due to technical limitations." - not sure if that's a blocker as well. Wonder if you can export your entire account, rebuild the Cloudron app, then restore the account with the new user management setting applied? I'm about to nuke and rebuild my app, but it was a fresh instance so not losing anything of value... Good luck mate!
-
This one took a bit of time to narrow. It seems there are two things: password recovery and confirmation instructions. The former works. The latter doesn't work after sign up. Maybe that's expected.
Notice there are two separate links below:
-
G girish referenced this topic on
-
@ericyu00 @jdaviescoates I left a note in the github issue. It seems that LDAP login (and other login methods like pam login) are incompatible with external registration.
I will put this in Cloudron's post install message as well.
-
@girish can you preselect the non-cloudron user management as default for these apps that people likely just click through to install and end up in trouble later?
@robi mm, I guess it depends on the use case. For our instance, we actually want user management. Don't want external users to register (under @cloudron.io namespace).
But I do agree. Ideally, we can put some subtext that provides the implications. Maybe upstream will fix the issue though and we don't need to anything as well.
-
Just tested this now. non-cloudron users are able to get email in my instance atleast. Testing it a bit more.
@girish said in When using Cloudron user management non-cloudron users cannot reset password:
Just tested this now. non-cloudron users are able to get email in my instance atleast.
yeah, as I said in the OP
"if you do use Cloudron user management external users can register, but they then they can't reset their password!"
-
This one took a bit of time to narrow. It seems there are two things: password recovery and confirmation instructions. The former works. The latter doesn't work after sign up. Maybe that's expected.
Notice there are two separate links below:
@girish said in When using Cloudron user management non-cloudron users cannot reset password:
Notice there are two separate links below
Not sure what you're referring to here?
-
@girish said in When using Cloudron user management non-cloudron users cannot reset password:
Notice there are two separate links below
Not sure what you're referring to here?
-
S subven referenced this topic on
-
J jdaviescoates referenced this topic on
-
@jdaviescoates There's "Forgot your password" and "Didn't receive confirmation instructions" . For me the former works but the latter doesn't.
For "Forgot your password", I get the email. But clicking on the link in the email doesn't work.
@girish hello!
Any updates regarding this issue? I setted up an instance and now we have more than 300 users, but without having the possibility to reset the password looks like we need close our server and re-setup it. It is a bad way for us...Do you have like an instruction on how to move users from the old instance (with Cloudrone user management) to the new one (with inapp Mastodon user management)?
-
I itbeard referenced this topic on
-
@girish said in Opening Up Registration:
Note that if you want to allow external users, it might be a good idea to install mastodon without Cloudron user management. That way the user handles of external users and the Cloudron usernames won't conflict.
Also, I've just discovered that if you do use Cloudron user management external users can register, but they then they can't reset their password!
When trying to reset their passwords users are just presented with this:
Is there anyway to resolve this?
How can I enable non-Cloudron user to be able reset their passwords? Or is it now impossible to do so given I chose Cloudron user management during installation?
I'm really hoping I wont have to throw my whole network away and start again from scratch? (but I'm guessing perhaps I will
)
