When synching only from LDAP to Drupal, not importing the passwords from LDAP, and allowing only LDAP login, I was confused about what password Drupal stored in the Drupal 'users' table (closed this: https://drupal.org/node/2030867#comment-7607875). It turns out that a 20 character random password is generated for the account on line 1213 of LdapUserConf.class.php. This patch improves the UI on this topic by providing an option on /admin/config/people/ldap/user to disable the password field at /admin/people/create and by explicitly mentioning that a random password will be generated in this scenario. It also logs a watchdog entry to confirm that a random password was generated when a new user account is created.

CommentFileSizeAuthor
#1 ldap-password-ui-2033195-1.patch4.93 KBShaunDychko
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

ShaunDychko’s picture

ShaunDychko CreditAttribution: ShaunDychko commented
Status: Active » Needs review
FileSize
ldap-password-ui-2033195-1.patch4.93 KB
ShaunDychko’s picture

ShaunDychko CreditAttribution: ShaunDychko commented
Title: Patch - improve UI with regards to passwords for admin created accounts when synching only LDAP to Drupal » Improve UI by disabling password field at /admin/people/create when using only LDAP login
johnbarclay’s picture

johnbarclay CreditAttribution: johnbarclay commented
Title: Improve UI by disabling password field at /admin/people/create when using only LDAP login » Ldap Authentication: Improve UI by disabling password field at /admin/people/create when using only LDAP login

this is committed. please keep reviewing.

grahl’s picture

grahl
he/him
Location Zürich
CreditAttribution: grahl as a volunteer commented
Issue summary: View changes
Status: Needs review » Closed (outdated)