dan_riv

This is definitely a problem using WP 4.4.2 and ADI plugin 1.1.8 on php 5.6.

I’m experiencing this too. Other tests using wp_mail work as expected. I noticed in ad-integration.php, it looked like there was an extra space at the end of get_bloginfo(‘admin_email ‘) but fixing this did not change anything.

I’m on a Windows Server 2012 system, and mail() is sent to a local SMTP service. Basic tests of mail() in a php page work, and tests of wp_mail work correctly outside the plugin.

I have tried both with and without the additional plugin WP Mail SMTP activated.

After more testing I see that first of all, I’m trying to authorize by AD group, and previously when I said I was disabling the test user, I was actually just removing them from the AD user group that I’m checking for.

However, when I disable the user in Active Directory (right-click, Disable user) and I login to WordPress I still get an incorrect PW error, and in the usermeta table the user’s adi_useraccountcontrol code is still stored as 66048. (Enabled, Password does not expire)

Could the plugin not be updating the user meta to Disabled because the user has already failed the AD group check?

I wonder if the combination of settings I’m using is less than ideal.

Thanks for the quick response mrasker! Looking at the entire usermeta table, there isn’t an entry for adi_user_disabled. (I only have two users right now, so it’s easy to just match up the user_id and take a look)

Documentation states “This flag is automatically set (or unset) by Bulk Import and its state may change on next run of Bulk Import.”

Is this flag only set by bulk import? I was hoping not to need that process.

I’m still getting things set up, but closer to a production ready state. I’m hoping repeated testing with the same user isn’t muddying the waters. Any help is greatly appreciated!

I’m experiencing this too. I have the plugin configured so that AD is checked every time a user logs in, and no data is writable back to AD. Everything seems to behave the way I would expect, but this column is not updated.

Automatic User Creation is enabled
Automatic User Update is enabled
Enable Local Password Change is disabled
Set Local PW on First Login is enabled, but I’ve tried both ways
Automatic Password Update is disabled, but I’ve tried both ways

My real issue is that when users are disabled in AD, they are locked out as intended but they are given what I think is a misleading error on the WP login page–incorrect password for this user. This is minor and may be the best fit that exists in WP. However, I think user doesn’t exist would be better.