Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

How does a user reset their password when their email access is also through LDAP?

Scheduled Pinned Locked Moved Support
10 Posts 3 Posters 388 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    wrote on last edited by marcusquinn
    #1

    OK, so Users only have access to email through a webmail client that uses Cloudron LDAP to login.

    They have forgotten their password.

    How do they reset it if they can't login to webmail because they forgot their password?

    🙃

    We're not here for a long time - but we are here for a good time :)
    Jersey/UK
    Work & Ecommerce Advice: https://brandlight.org
    Personal & Software Tips: https://marcusquinn.com

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to marcusquinn on last edited by
    #2

    @marcusquinn the are two email address on Cloudron - the primary email (exposed to apps) and the fallback email (sent for password reset). The fallback email is not supposed to be hosted on Cloudron. This is a bit hard to "impose" because at any time that fallback email address can become hosted on Cloudron... What can we do to prevent this?

    marcusquinnM 1 Reply Last reply
    1
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    wrote on last edited by
    #3

    Looking into the flow a bit:

    • When a user is created (by the admin), it just says "Email". What we do is to set the primary and the fallback email to this email address.

    • Then, when a user signs up, he is not asked for any email. He has to know to go to Profile page and change it. Not ideal.

    I think we should fix the flow to ask the admin for both the emails. And also warning them if fallback email is hosted on Cloudron. If fallback email is left blank, we should ask the user when they sign up.

    marcusquinnM 1 Reply Last reply
    2
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    replied to girish on last edited by
    #4

    @girish I don't think any of our users have fallback email addresses. The workaround for now has been to text them a reset link.

    I guess that lends itself to a SMS reset capability but then I can see that being complicated in finding providers for all country needs.

    We're managing, it's just a situation that relies upon a System Admin being available to assist.

    Perhaps there's another way somehow with registering a mobile app and push notifications?

    We're not here for a long time - but we are here for a good time :)
    Jersey/UK
    Work & Ecommerce Advice: https://brandlight.org
    Personal & Software Tips: https://marcusquinn.com

    girishG 2 Replies Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to marcusquinn on last edited by
    #5

    @marcusquinn I think this is a bug in our flow, will get this fixed.

    1 Reply Last reply
    2
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    replied to girish on last edited by
    #6

    @girish Sounds reasonable. It's not urgent, just something I found that happens often enough to consider if there's a way to make these things self-service without needing a System Admin to be available.

    We're not here for a long time - but we are here for a good time :)
    Jersey/UK
    Work & Ecommerce Advice: https://brandlight.org
    Personal & Software Tips: https://marcusquinn.com

    1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to marcusquinn on last edited by
    #7

    @marcusquinn Also, the fallback email is in the Profile view of the user . But of course, it's impossible for a normal user or even admin to know all what I said....

    marcusquinnM 1 Reply Last reply
    1
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    replied to girish on last edited by
    #8

    @girish On the flip-side, personal email addresses can arguably be weaker than work ones, as people tend to use them for many years without any password policies, and there's plenty of online services to lookup exposed passwords by a person's email address.

    We're not here for a long time - but we are here for a good time :)
    Jersey/UK
    Work & Ecommerce Advice: https://brandlight.org
    Personal & Software Tips: https://marcusquinn.com

    1 Reply Last reply
    0
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    wrote on last edited by
    #9

    If I think to all the big players, I think there's a good reason they use mobile numbers for 2FA and resets, people guard their phones more carefully than their credentials.

    We're not here for a long time - but we are here for a good time :)
    Jersey/UK
    Work & Ecommerce Advice: https://brandlight.org
    Personal & Software Tips: https://marcusquinn.com

    mehdiM 1 Reply Last reply
    0
  • mehdiM Offline
    mehdiM Offline
    mehdi App Dev
    replied to marcusquinn on last edited by
    #10

    @marcusquinn Actually, SIM Swapping is pretty common. I would not suggest having a phone number as a single-point-of-failure for anything remotely critical.

    1 Reply Last reply
    2

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.