• I’ve discovered that when using this plugin on a multisite network and with forced LDAP authentication turned on (“LDAP Exclusive” or “high security mode”) Super Admins can log in using their LDAP credentials or their WordPress password.

    Perhaps this was an intentional decision, or it is impossible to force LDAP on Super Admins, but in any case, I thought you should be aware and there should be a note on the plugin support page or in the plugin itself that makes this clear.

    https://www.ads-software.com/plugins/simple-ldap-login/

Viewing 1 replies (of 1 total)
  • Confirmed, for this reason i set a up a superstrong WordPress password for Super Admins… They’re still using LDAP, but local WP password set too and its possible to log in…

    Definitely it should be in plugin info page…

Viewing 1 replies (of 1 total)
  • The topic ‘Super Admins bypass LDAP authentication’ is closed to new replies.