LDAP-enabled users can change their password in backend - weird

Open vmario89 opened this issue 2 years ago • 1 comments

Hi, I recognized that users who come from LDAP are allowed to change their password in the backend. Indeed this works. Logging out and logging in again, the changed password is used, not the LDAP password anymore. That makes no sense. LDAP users should always use the synchronized LDAP password from the auth source. It seems that in the current implementation the password hash is just copied once to the database and that's it. Instead we should disable the menu option for LDAP logged-in users completely.

vmario89, Apr 01 '23 19:04

Btw, it would be really helpful to see in the users list (/#/settings/user) which users are imported from LDAP and which users are locally based.

vmario89, Apr 01 '23 19:04