http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9165
--- Comment #14 from Martin Renvoize <[email protected]> --- Just thought I aught to clarify the relation between the followup here and bugs 12831 and 8148. Bug 8148 was added for security reasons and it's sole goal was to prevent users logging in with outdated LDAP passwords (Koha used to fallback on a local copy of the password should LDAP auth fail for ANY reason, and as such would allow for outdated passwords to till be used for login) Bug 12831 was added as bug 8148 had the unintended side effect of disabling all local only accounts. Unfortunately it's proven difficult to distinguish between LDAP failures due to incorrect passwords and any other ldap failure for the ldap configuration where no anonymous search user is specified. The followup here is designed to help alleviate the above issue by removing old synced passwrods upon an ldap users first login after the config preference is changed. It is by no means an instant fix, but it the best I could come up with. Therefore: Warning, switching this config option to prevent syncing of ldap passwords to local cache will not instantly take affect. If you wish to imediately benefit form this added security, my advise would be to manually clear all existing ldap users passwords from the database. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
