tabbsomat

Thank you Paul, I’d still be happy to get that feature. ??

Of course, once restricted to external authentication there’s no way to authenticate without having the external data source available – that is exactly my expected behavior.

On the other hand: WordPress Administrators chosing LDAP as Directory always should be able to find their ways to bypass WordPress and to fix potential issues with their directories.

Regarding the password hashes: Accidently created local users have valid hashes. As long issue 89 hasn’t been implemented I continue to run a regular job checking for changed hashes in the database and updating them to a unusable one.

Thanks again and have a nice day,
Thomas

• This reply was modified 4 years, 10 months ago by tabbsomat.

Thank you, Paul, for your quick response.
Our users authenticate with user name, only, omitting the domain part. I have concerns about the password hash stored in WordPress for users from the directory….

Besides of that: there’s always a risk that admin users create ordinary wordpress users accidently or intentionally. It is difficult do differentiate between these users and those from the directory. I want to have it clear: local users should be ignored.

I like the strict behavior of the simple ldap plugin in this case. Since that plugin has not been maintained for a while it has become incompatible to current versions of WP. Hence I have started to research for more recent ldap plugins. The Authorizer seems to fit best so far ??