django-python3-ldap icon indicating copy to clipboard operation
django-python3-ldap copied to clipboard

Published 20 hours ago verified publisher icon etianen

Authorization by old password

Open nickshmalik opened this issue 2 years ago • 2 comments

Hellow!

noticed the problem, tasted only on Microsoft Active Directory.

When changing the password, you can log in using the old and new password.

nickshmalik avatar Dec 28 '21 23:12 nickshmalik

@etianen Thank you so much for this amazing LDAP Package for Django and I would like to contribute to this project if time permits.

jjnanthakumar avatar Jan 04 '22 07:01 jjnanthakumar

@nickshmalik - Do you have both the LDAP backend and the normal model backend enabled in your settings.py? It's possible that you have the old password also set in the database, and if both authentication backends are enabled, it's allowing authentication by either method. Or your AD server is b0rked.

@jjnanthakumar - Thanks! Help is always welcome!

etianen avatar Jan 06 '22 21:01 etianen