Using LDAP Authentication in mixed mode causes all links to user/password to be stripped for anonymous users making it impossible for non LDAP users to reset their password. Surely this is only supposed to happen when using "Only LDAP Authentication..." mode.

If I disable the LDAP Authentication module the reset password links come back.

I have temporarily solved it but adding links to mydomain/reset-password and then forwarding these on to user/password with the redirect module but it feels like a bodge and I still don't get the Forgot password tab on /user.

Comments

bgm’s picture

bgm CreditAttribution: bgm commented

I'm not sure if I'm reading this right, but it seems caused by the line identified below in the function ldap_authentication_show_reset_pwd() of ./ldap_authentication/ldap_authentication.module :

function ldap_authentication_show_reset_pwd($user = NULL) {

  // [....]

  if ($user->uid == 0) {
    // hide reset password for anonymous users if ldap only authentication and password updates are disabled, otherwise show
    if ($auth_conf->authenticationMode != LDAP_AUTHENTICATION_EXCLUSIVE) { // <------- HERE
      if ($auth_conf->passwordOption == LDAP_AUTHENTICATION_PASSWORD_FIELD_ALLOW) {
        return TRUE;
      }
      return FALSE;
    }
    return TRUE;
  }

The fix below solved the issue for me:

    if ($auth_conf->authenticationMode == LDAP_AUTHENTICATION_EXCLUSIVE) {
       // ...
    }

Disclaimer: I am not very familiar with the LDAP module, please do not blindly use this patch.

ZeiP’s picture

ZeiP CreditAttribution: ZeiP at Avoltus Oy commented
Status: Active » Closed (duplicate)

This is a duplicate of #2379233: Reset password access check not working correctly , which also contains a patch for the bug.