• Hello,
    I was trying to set up AuthLDAP to automatically assign the correct WordPress groups to certain LDAP groups. However, something must have gone wrong, as now everyone has been reduced to the role of Subscriber – even all admins. Admins are able to login to the wp-admin portal, but can only change basic settings such as the color appearance and their name. I am using Yunohost and wanted to assign some standard Yunohost groups such as admin to WordPress administrators, and some custom groups to Author or Editor.

    Is there any way to get access back or to fix this? And in addition, how could one prevent this from happening again in the future? I am quite certain I wrote down the correct groups in the AuthLDAP setup, so I am not sure what went wrong, or what I did wrong. I otherwise love the idea of this plugin, so I would love to get it to work ??
    I think this is related to this previous topic: LDAP Groups override role of existing users? | www.remarpro.com as I previously manually assigned roles to users made using LDAP.

    Thank you in advance,
    Sem

    • This topic was modified 5 months, 3 weeks ago by shasem.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author heiglandreas

    (@heiglandreas)

    Hey Sem.

    Sorry for this inconvenience! This sounds rather drastic.

    To avoid such issues I recommend to always have an administration account that is only available locally. I am usually setting up my WorPress installations with a dedicated – local only – wordpressadmin user that will never be handled otherwise than locally to not loose admin-access like in your case. This is just a fallback account that is not for regular admin use but for such cases as you experienced.

    Secondly I would always test such settings in a staging environment to make sure that I am not breaking production

    But now that you have the situation you have:

    I would first decativate the plugin by manually renaming the folder authldap in the wp-contents/plugins directory. Adding a letter will suffice. That way the plugin is decativated and will for now not interfere with logins any more.

    Then You will need to manually edit the database to at least allow your own user admin access again: Find your user-id and in the usermeta table for the meta_key wp-capabilites set the meta_value to a:1:{s:13:"administrator";b:1;} for your user-id. That should allow your user-id to have admin access again.

    Then I’d create the aforementioned separate administration fallback user and test the settings in a staging environment before reenabling the plugin (renaming it back to authldap and activating it in the plugin list).

    Thread Starter shasem

    (@shasem)

    Hey, thanks a bunch for writing all this. It’s not currently an emergency to fix it (it’s a hobby website), so I’ll try in the near future to attempt to fix it with these suggestions. I’ll let you know what happens!

    Thread Starter shasem

    (@shasem)

    Hi, I’ve managed to fix it. Thanks for the help. However, I retried the same after to ensure I put in the correct group names, and even then I would lose admin access. I had a wordpress database dump ready, so I could instantly revert it.

    So I’m concluding I’m doing something wrong, but I just don’t know what. I have a group called “admins” that I’d like to map to Administrators, and another group called “cooks” that I want to map to Editors. But putting in those names just doesn’t work. Am I missing something?

    Anyway, maybe a suggestion that might prevent errors like mine: maybe it is possible to have a drop-down menu where you can choose groups you want to map, rather than a free form text input, so it is impossible to select something the plugin doesn’t recognise.

    Thanks again for your help, though!

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.