View Issue Details

IDProjectCategoryView StatusLast Update
0013690mantisbtldappublic2014-09-23 18:05
ReporterVeMag Assigned Todregad  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Product Version1.2.8 
Target Version1.2.9Fixed in Version1.2.9 
Summary0013690: When using LDAP, administrator can't reset "failed_login_count" any more
Description

using LDAP and $g_max_failed_login_count=ON;

Before, when user failed to login 3 times, he had to call administrator:
the administrator could use "reset password" button to reset the password (it was empty anyway) AND RESET FAILED_LOGIN_COUNT...

Now, he has to use SQL on the database...

That's since fix of the issue 0012998, had been better just change button text, not hide it.

TagsNo tags attached.

Relationships

related to 0012998 closeddhx Reset Button with HTTP_AUTH authentication 
related to 0015721 closedgrangeway Functionality to consider porting to master-2.0.x 

Activities

dregad

dregad

2011-12-19 09:49

developer   ~0030658

As a workaround, you could override the auth_can_change_password() custom function so that it returns true for LDAP.

I agree that we should offer the admin an option to "Unlock the account", even in case Mantis can't reset the password.

dregad

dregad

2011-12-19 16:49

developer   ~0030663

Can you test this?
https://github.com/dregad/mantisbt/commit/cc6198207f896094252631947c456a192c74d97d

VeMag

VeMag

2011-12-20 06:10

reporter   ~0030666

Great job ! it work's perfectly, good idea to hide/show the button, so the administor know the account was lock in mantis not in LDAP.

Thanks a lot !

French traductions :
$s_account_unlock_button = 'Débloquer le compte';
$s_account_unlock_msg = 'Le compte a été débloqué.';

dregad

dregad

2011-12-23 19:44

developer   ~0030680

Merci pour la traduction :-)

I was also wondering if it would not be useful to show locked accounts on the user list page.

dhx

dhx

2012-01-15 00:39

reporter   ~0030909

dregad, it appears as if you're calling user_reset_password($p_user_id) twice in manage_user_reset.php?

dregad

dregad

2012-01-16 06:33

developer   ~0030913

Thanks for feedback, I'll have a look

dregad

dregad

2012-01-21 18:33

developer   ~0030987

I removed the extra call, thanks for catching this oversight.

grangeway

grangeway

2013-04-05 17:57

reporter   ~0036315

Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch

Related Changesets

MantisBT: master-1.2.x cc619820

2011-12-19 04:29

dregad


Details Diff
Add Account Unlock button to manage_user_edit_page.php

The button is displayed when it is not possible to reset the user's
password as defined by custom function auth_can_change_password(),
$g_max_failed_login_count > 0 and the user's failed login count is
higher than this threshold.

Prior to this, in the case where it is not possible to reset a user's
password and $g_max_failed_login_count > 0, the administrator's only
way to reset the failed login count was direct SQL update. This was
introduced by commit 3eaa71f7711be41610fedb2d53506483261d8351.

Fixes 0013690
Affected Issues
0013690
mod - lang/strings_english.txt Diff File
mod - manage_user_edit_page.php Diff File
mod - manage_user_reset.php Diff File

MantisBT: master 42e29db3

2011-12-31 09:34

dregad


Details Diff
Add Account Unlock button to manage_user_edit_page.php

The button is displayed when it is not possible to reset the user's
password as defined by custom function auth_can_change_password(),
$g_max_failed_login_count > 0 and the user's failed login count is
higher than this threshold.

Prior to this, in the case where it is not possible to reset a user's
password and $g_max_failed_login_count > 0, the administrator's only
way to reset the failed login count was direct SQL update. This was
introduced by commit aa48e0c7547cd0edc4df95ff28f67d6f7b3d36a5.

Fixes 0013690
Affected Issues
0013690
mod - lang/strings_english.txt Diff File
mod - manage_user_edit_page.php Diff File
mod - manage_user_reset.php Diff File