Caution: settings in multiple tables, debug exposes password

Good morning all –

Just a note of caution about a couple things I noticed yesterday:

The plugin can in some cases store configuration information in more than one table, leading to some head scratching when things don’t work. I was updating the user/password/Domain controller information in the Active Directory Settings interface, but things just didn’t work. Changes never seemed to take effect even though they appeared to. Combing through the database, I found that there were settings stored in both the _sitemeta table and the _options table. The settings interface was showing what was entered in the _sitemeta table, but the settings in the _options table was taking precedence. After deleting the information from _options leaving them in _sitemeta, all was good.

Also, when troubleshooting the above problem, I enabled debugging output per the documentation. Just a warning that this ends up exposing the username and password of the AD account you’re using to authenticate with to your domain controllers. If you enable debugging, you can assume that your active directory username/password has been compromised, and should be changed immediately.

– Brent

https://www.ads-software.com/extend/plugins/active-directory-authentication-integration/