Multisite Default Users

  • With the recent updates to WP 5.X, we’ve encountered a few more buggy scenarios. To figure this out, I’m hoping to understand how the plugin makes a few decisions.

    Right now, I have the plugin activated on a multisite install (network activated). This has worked great. However, I was using an ancient plugin to help with default accounts. Because a new users should be able to log into any of our sites and be given a specified user role. The problem was that they were being redirected to sites where they had already logged in (and away from this new site). It wouldn’t create a new user for them (with the appropriate role) on the new site.
    The plugin says that it will create the user with the lowest possible role, but how is that determined? If I create a new role, do you have a plugin recommendation for ensuring that it creates the account at the proper level? Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Paul Gilzow

    (@gilzow)

    I was using an ancient plugin to help with default accounts.

    Which plugin is that?

    The plugin uses the site option default_role when creating a new user that has successfully authenticated against ldap but didnt exist in the WordPress instance previously. In most scenarios, and especially in a multisite setup, that is going to subscriber.

    As for redirection, wpDirAuth doesn’t do any redirection; it just returns either a valid WP_User or WP_Error to the autheticate filter, or in older versions to a call to wp_authenticate.

    In a multisite, there is only one storage of users. So if a user already exists somewhere in the multisite, then if they authenticate, wpDirAuth isn’t going to add them to the “new” site since they aren’t really a new user. Once they are part of a multisite, if you want to add them to a new site, you would need to add them to at site as an existing user.

    Does that make sense?

    Thread Starter Demonhood

    (@demonhood)

    The old plugin – Multisite User Management.
    Made it easier to select default roles for users on our many many sites, all from one location.

    It does make sense. But here is what our expected behavior is (and what it has done in the past):
    1) User exists in the centralized multisite bucket of users.
    2) They attempt to log into a newly created site within that multisite (with a custom user role).
    3) The user is authenticated against the ldap, is redirected to the dashboard (or whatever appropriate page) on the new site.
    4) User account is created (it’s their first visit), with that new role, for the new site (appearing under Users).
    5) Profit?

    That’s all users have to do to register on our sites. We use the ldap authentication to ensure that they’re eligible (success = eligible).

    But lately, we’ve been seeing some users properly authenticate, but then the user gets logged into a site they’re already a user on, completely bypassing the new site they were ACTUALLY trying to log into (going straight from new-site.xyz/wp-admin to old-site.xyz). WordPress is deciding that they must have wanted to go to one of those existing sites instead. If they press the back button, sometimes they’re logged in (sometimes not). But the user is not created for the new site (as you could also see on the Network Users section).

    Weird huh.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Multisite Default Users’ is closed to new replies.