Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. WordPress (Managed)
  3. After migration from Unmanaged to Managed, users can login with both LDAP and old local credentials for same user.

After migration from Unmanaged to Managed, users can login with both LDAP and old local credentials for same user.

Scheduled Pinned Locked Moved WordPress (Managed)
7 Posts 3 Posters 437 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • d19dotcaD Offline
    d19dotcaD Offline
    d19dotca
    wrote on last edited by
    #1

    Hello,

    I have a project of migrating from Unmanaged to Managed (for various reasons) all the sites I manage on Cloudron. And unfortunately I have come across an odd behaviour. Thankfully it's a minimal impact because it's just my user on most of the sites, but I see this behaviour...

    When migrating using All-In-One WP Migration plugin, which moves the database, after completion I have to login with old credentials which is expected. After re-enabling the AuthLDAP plugin to link it back up with Cloudron and remove the local user login credentials, I find that I can login to the site with both my Cloudron credentials and the old WordPress credentials.

    Any ideas how I'd go about fixing this, essentially removing the old link / old password? I assume I need to modify some data in the database? Has anyone run into this yet?

    --
    Dustin Dauncey
    www.d19.ca

    1 Reply Last reply
    0
    • marcusquinnM Offline
      marcusquinnM Offline
      marcusquinn
      wrote on last edited by
      #2

      ARI Adminer is a quick way to inspect the DB from within the WP Admin if that helps:

      https://github.com/andrewcy86/ari-adminer

      I'd try disabling AuthLDAP, changing your WP L/P and the re-enabling the plugin, see if the issue remains.

      Readme suggests it's an either/or choice:

      https://github.com/heiglandreas/authLdap

      Not used before so only speculation but be interested in your results.

      Web Design https://www.evergreen.je
      Development https://brandlight.org
      Life https://marcusquinn.com

      d19dotcaD 1 Reply Last reply
      1
      • marcusquinnM marcusquinn

        ARI Adminer is a quick way to inspect the DB from within the WP Admin if that helps:

        https://github.com/andrewcy86/ari-adminer

        I'd try disabling AuthLDAP, changing your WP L/P and the re-enabling the plugin, see if the issue remains.

        Readme suggests it's an either/or choice:

        https://github.com/heiglandreas/authLdap

        Not used before so only speculation but be interested in your results.

        d19dotcaD Offline
        d19dotcaD Offline
        d19dotca
        wrote on last edited by
        #3

        @marcusquinn Nice tool, I'll check that out. Thanks Marcus. I'll probably be working on this later in the week.

        --
        Dustin Dauncey
        www.d19.ca

        1 Reply Last reply
        0
        • nebulonN Offline
          nebulonN Offline
          nebulon
          Staff
          wrote on last edited by
          #4

          That is indeed an interesting behavior. Just to add some clarification, our LDAP code matches by username, not some unique uuid, since that allows for easier migration, but presumably bites you here.

          d19dotcaD 1 Reply Last reply
          0
          • nebulonN nebulon

            That is indeed an interesting behavior. Just to add some clarification, our LDAP code matches by username, not some unique uuid, since that allows for easier migration, but presumably bites you here.

            d19dotcaD Offline
            d19dotcaD Offline
            d19dotca
            wrote on last edited by
            #5

            @nebulon Yeah I think it does, but that's okay I guess as this is a pretty fringe-scenario I suspect. I'm hoping it's as easy as me only needing to remove the local password from the user in the database which will force it to use the LDAP authentication. Fingers crossed. haha.

            --
            Dustin Dauncey
            www.d19.ca

            marcusquinnM 1 Reply Last reply
            0
            • d19dotcaD d19dotca

              @nebulon Yeah I think it does, but that's okay I guess as this is a pretty fringe-scenario I suspect. I'm hoping it's as easy as me only needing to remove the local password from the user in the database which will force it to use the LDAP authentication. Fingers crossed. haha.

              marcusquinnM Offline
              marcusquinnM Offline
              marcusquinn
              wrote on last edited by
              #6

              @d19dotca and check that doesn't then allow for blank-password logins 😄

              Web Design https://www.evergreen.je
              Development https://brandlight.org
              Life https://marcusquinn.com

              1 Reply Last reply
              0
              • d19dotcaD Offline
                d19dotcaD Offline
                d19dotca
                wrote on last edited by
                #7

                Update: It is thankfully as easy as removing the data from the users table in the user_pass column. 🙂

                Removing the value from the user_pass column on each user who you want to only authenticate using LDAP/Cloudron, will force that expected behaviour. If there is a password in the database, authentication will succeed with the local password OR the LDAP/Cloudron password, so removing that password will force it to rely only on LDAP/Cloudron authentication.

                --
                Dustin Dauncey
                www.d19.ca

                1 Reply Last reply
                2
                Reply
                • Reply as topic
                Log in to reply
                • Oldest to Newest
                • Newest to Oldest
                • Most Votes


                • Login

                • Don't have an account? Register

                • Login or register to search.
                • First post
                  Last post
                0
                • Categories
                • Recent
                • Tags
                • Popular
                • Bookmarks
                • Search