Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. WordPress (Managed)
  3. After migration from Unmanaged to Managed, users can login with both LDAP and old local credentials for same user.

After migration from Unmanaged to Managed, users can login with both LDAP and old local credentials for same user.

Scheduled Pinned Locked Moved WordPress (Managed)
7 Posts 3 Posters 393 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • d19dotcaD Offline
      d19dotcaD Offline
      d19dotca
      wrote on last edited by
      #1

      Hello,

      I have a project of migrating from Unmanaged to Managed (for various reasons) all the sites I manage on Cloudron. And unfortunately I have come across an odd behaviour. Thankfully it's a minimal impact because it's just my user on most of the sites, but I see this behaviour...

      When migrating using All-In-One WP Migration plugin, which moves the database, after completion I have to login with old credentials which is expected. After re-enabling the AuthLDAP plugin to link it back up with Cloudron and remove the local user login credentials, I find that I can login to the site with both my Cloudron credentials and the old WordPress credentials.

      Any ideas how I'd go about fixing this, essentially removing the old link / old password? I assume I need to modify some data in the database? Has anyone run into this yet?

      --
      Dustin Dauncey
      www.d19.ca

      1 Reply Last reply
      0
      • marcusquinnM Offline
        marcusquinnM Offline
        marcusquinn
        wrote on last edited by
        #2

        ARI Adminer is a quick way to inspect the DB from within the WP Admin if that helps:

        https://github.com/andrewcy86/ari-adminer

        I'd try disabling AuthLDAP, changing your WP L/P and the re-enabling the plugin, see if the issue remains.

        Readme suggests it's an either/or choice:

        https://github.com/heiglandreas/authLdap

        Not used before so only speculation but be interested in your results.

        Web Design https://www.evergreen.je
        Development https://brandlight.org
        Life https://marcusquinn.com

        d19dotcaD 1 Reply Last reply
        1
        • marcusquinnM marcusquinn

          ARI Adminer is a quick way to inspect the DB from within the WP Admin if that helps:

          https://github.com/andrewcy86/ari-adminer

          I'd try disabling AuthLDAP, changing your WP L/P and the re-enabling the plugin, see if the issue remains.

          Readme suggests it's an either/or choice:

          https://github.com/heiglandreas/authLdap

          Not used before so only speculation but be interested in your results.

          d19dotcaD Offline
          d19dotcaD Offline
          d19dotca
          wrote on last edited by
          #3

          @marcusquinn Nice tool, I'll check that out. Thanks Marcus. I'll probably be working on this later in the week.

          --
          Dustin Dauncey
          www.d19.ca

          1 Reply Last reply
          0
          • nebulonN Offline
            nebulonN Offline
            nebulon
            Staff
            wrote on last edited by
            #4

            That is indeed an interesting behavior. Just to add some clarification, our LDAP code matches by username, not some unique uuid, since that allows for easier migration, but presumably bites you here.

            d19dotcaD 1 Reply Last reply
            0
            • nebulonN nebulon

              That is indeed an interesting behavior. Just to add some clarification, our LDAP code matches by username, not some unique uuid, since that allows for easier migration, but presumably bites you here.

              d19dotcaD Offline
              d19dotcaD Offline
              d19dotca
              wrote on last edited by
              #5

              @nebulon Yeah I think it does, but that's okay I guess as this is a pretty fringe-scenario I suspect. I'm hoping it's as easy as me only needing to remove the local password from the user in the database which will force it to use the LDAP authentication. Fingers crossed. haha.

              --
              Dustin Dauncey
              www.d19.ca

              marcusquinnM 1 Reply Last reply
              0
              • d19dotcaD d19dotca

                @nebulon Yeah I think it does, but that's okay I guess as this is a pretty fringe-scenario I suspect. I'm hoping it's as easy as me only needing to remove the local password from the user in the database which will force it to use the LDAP authentication. Fingers crossed. haha.

                marcusquinnM Offline
                marcusquinnM Offline
                marcusquinn
                wrote on last edited by
                #6

                @d19dotca and check that doesn't then allow for blank-password logins 😄

                Web Design https://www.evergreen.je
                Development https://brandlight.org
                Life https://marcusquinn.com

                1 Reply Last reply
                0
                • d19dotcaD Offline
                  d19dotcaD Offline
                  d19dotca
                  wrote on last edited by
                  #7

                  Update: It is thankfully as easy as removing the data from the users table in the user_pass column. 🙂

                  Removing the value from the user_pass column on each user who you want to only authenticate using LDAP/Cloudron, will force that expected behaviour. If there is a password in the database, authentication will succeed with the local password OR the LDAP/Cloudron password, so removing that password will force it to rely only on LDAP/Cloudron authentication.

                  --
                  Dustin Dauncey
                  www.d19.ca

                  1 Reply Last reply
                  2
                  Reply
                  • Reply as topic
                  Log in to reply
                  • Oldest to Newest
                  • Newest to Oldest
                  • Most Votes


                    • Login

                    • Don't have an account? Register

                    • Login or register to search.
                    • First post
                      Last post
                    0
                    • Categories
                    • Recent
                    • Tags
                    • Popular
                    • Bookmarks
                    • Search