WordPress 3.0 compatibility June 22nd, 2010

AD Integration is in principle compatible to WordPress 3.0. However  there is a little problem with the changes made to wp_insert_user() in wp-includes/registration.php. Now WordPress prevents from creating users with email addresses that are in use by other users already in the database.

The current development version contains a workaround, so Automatic User Creation works as before. A new option will be introduced with the 0.9.9.9 release. Then you can decide how the behavior should be, when duplicate email addresses are found:

  1. The User will not be created (default, secure).
  2. The User will be created and you’ll have 2 or more users with the same email address (unsecure).
  3. The User gets a new, partially random email address (partially unsecure).

The new version 0.9.9.9 will be released soon. Use the development version until then.

3 Kommentare
Eduardo Ribeiro July 2nd, 2010

I’m using v.0.9.9.9.
When a user successfully logins and the account is set for the first time the plugin creates an account, but as far as I can see on the code the password is random.

i think the better way would be to use the password the user just typed in the login form. That way he would be able to login even if the AD server wasn’t available (I have that problem…).

Maybe an option on config: In case of LDAP server fail try to login with local credentials? [ ]Yes [ ] No

Eduardo Ribeiro July 2nd, 2010

I just finished reading the coments on the roadmap and there is this one:

Hi Vincent,
you are right there was an error with local passwords. The password stored in the WordPress database was always set to a random generated one, everytime you changed the local password. I fixed it in 0.9.9.4. You can download the updated version in a few minutes from wordpress.org.

In version 0.9.9.9 -> auto-install from wordpress.org the password is random generated…

admin July 19th, 2010

Hi Eduardo,

if the user already exists the local password is not changed.
If the user is newly created in the local database on first logon, a random password is created.

I have to think about setting the password to the one used on first logon. Perhaps there is security problem.

eMail-Benachrichtigung bei weiteren Kommentaren.
Auch möglich: Abo ohne Kommentar.

Antworten