I'm setting up a Wordpress site that I need to get and store user info in LDAP. I have found a few plugins that will let me auth my users against LDAP and that is a start. What I need is new user registration to create the users in LDAP and password resets to update the passwords in LDAP as well.
The LDAP server is running OpenLDAP and LAM is installed, I know that there pro version does user provisioning but it doesn't let me redirect the people back to my WP install after they have created an account.
Ideally I would like to find a plugin for WP that would solve this but if I had to redirect users to my LDAP server for account creation that would be ok if at the end of the process I could send them back to the URL they came from.
Related
I have a Wordpress/WooCommerce installation using Wordpress itself for authentication. I want to switch to LDAP-based authentication (e.g. OpenLDAP). How can I migrate existing users with minimal intervention on their part?
Ideally they would simply continue using their pre-existing credentials for Wordpress and for any other resources using the same LDAP database.
In addition, new users created via WooCommerce purchases should be created as LDAP users.
(Existing plugins like Simple LDAP Login seem to handle creating Wordpress users for pre-existing LDAP credentials just fine. I'm looking for support in the other direction.)
I think you'll have to develop this task yourself. You could check tools like : https://lsc-project.org/start which will allow you to configure mapping and synchronising SQL database to LDAP directory and schedule the task regularly (or trigger it on new row in the DB)
Only point where you could have some problem would be the "keep their credentials". I don't know wordpress, but if the hashing and/or crypting mechanism of the passwords are not natively supported by OpenLDAP, you will have to hash the clear password of the user to store it with a mechanism compatible.
One way would be to tell every user that the password will be reset and that they will have to retype it (some custom landing page where you authenticate the user with his credentials on the wordpress DB and if successful write the password on the LDAP)
Another way would be to deploy some self service password with all account reset and a need to re-set them with a link send to their email (from the LDAP). There are tools like that, for example : https://ltb-project.org/documentation/self-service-password
Follow Esteban's advice I developed a solution as follows:
Wordpress interface
Install Simple LDAP Login
Install JWT Authentication for WP REST API
Users authenticate against LDAP, fall back on Wordpress
"Change password" sends them to new interface
New interface
User logs in via new interface
Users authenticate against LDAP, fall back on:
Authenticate against Wordpress via JWT. On success:
Create LDAP user (we have the password)
Delete Wordpress password hash (no longer needed, forces LDAP-based authentication in future)
Workflow
Existing users can sign in via Wordpress or the new interface. Once they use the new interface (to sign in or change their password), they are migrated to LDAP-based authentication.
New users are registered in LDAP. They can sign in via Wordpress or the new interface, both backed by LDAP.
Running Drupal 7 on DrupalVM. Had a successful installation, but when I visited my Drupal site, it requires a login and password. I couldn't find in the docs where the root admin login credentials are. Usually Drupal allows you to set this up, but not the case with DrupalVM (unless its in a config file and I overlooked it). Are there root login credentials or do you have to create an admin user (through your db) when first getting started with DrupalVM? Thanks.
Username and password: admin:admin https://github.com/geerlingguy/drupal-vm#3---configure-your-host-machine-to-access-the-vm
I want to implement a login section in wp such a way that can also logged-in me in the Codeigniter site with is a sub-directory in may site. These two site (WP|CI) runs paralleled. If one user logged-in in WP then automatically he will be logged-in in the CI portal to. Assuming same user name and same password used.
Any suggestion most welcome.
If they are on the same domain you can simply check for the needed cookies and confirm that data for a logged in user.
http://codex.wordpress.org/WordPress_Cookies
You can check this cookies trough the CI Cookie library or simply with checking the $_COOKIE var, but you still need to verify this info with the WordPress database.
I locked myself out of my Admin account on a client's site. I don't have access to the database because my client doesn't like to give that away, I need to upgrade my user account back into being an administrator. I've done it before, with something like wp_update_user() but I don't remember how & I can't find the online resource I used.
How can I upgrade my user account from being a user to being an administrator without knowing the ID of my account?
Thanks!
How to give an admin access to the users who have logged in using ldap username and password after authentication. And should we store this $_POST values in drupal database.
If you are using the ldap_integration module after an LDAP user logs in for the first time a full local Drupal user is created for them. Install http://drupal.org/project/adminrole which lets you assign your users, even LDAP users, into an "Admin Role". This module gives all available permissions to users in this role.