[Plugin: Active Directory Authentication Integration] User password not verified

I’m a little confused. Which users are able to login with any password? Are these the users that logged in successfully before, or are they the users that were denied the first time they tried to login with the wrong password?

Let me provide more details and explain the scenario. The plugin is configured to auth users through one AD server (no SSL). I enabled the “Automatically create new WP user” and “Auto update users…”. All other options are set to defaults.
When I navigate to the test.php page and try [email protected] and valid AD password the test is successful and user is created in WP. The same happens if I navigate to login page on my WP site (/wp-login.php). After successful login, user is forwarded to the user profile page. So up to this point all works as expected.

After log out, browser is forwarded back to the login screen. At this point I can enter the same AD user credentials “[email protected]” and whatever string as password (valid AD password works as well). User is authenticated and forwarded back to the profile page.

To make sure there is no cashed session of some sort, I tested with closing the browser, clearing cookies, resetting IIS.

Do you have any suggestions? Thank you for all help, Robert

After complete re-installation of whole environment there is no more problem. Authentication and registration of AD users works as expected. Not sure what the problem was, but I suspect i may have to do with the fact that I have been testing different authentication methods and there was a conflict with one of the plugins that have not deactivated properly.

Awesome. Thanks for the update. I was trying to see if I could replicate the issue, but I wasn’t having any luck. Glad you got it sorted.