Locked out: Authentication denied by Next Active Directory Integration Brute For

  • I am currently locked out of my site by Next ADi.

    All attempts to login result in:

    Authentication denied by Next Active Directory Integration Brute Force Protection.

    Even when logging in with a local (non AD) account.

    Thanks for any help offered.

Viewing 2 replies - 1 through 2 (of 2 total)

  • I am currently reproducing the problem.

    If it is urgent, you can delete the “next-active-directory-integration” folder from …/wp-content/plugins via (s)ftp. This will remove the plugin from WordPress and keep the plugin data in the database.

    I can confirm that this is a bug.

    Each login with an non-ADI-user (expect for the first user, who created the wordpress instance) counts as a login without the right password.

    After the 3th login of an non-ADI-user, the “Brute Force Protection” will prevent further logins.

    To reset every blocked user, delete every entry starting with “next_ad_int_fl_” inside the database table wp_sitemeta (for MultiSite installations) or wp_options (for normal SingleSite installations)

    Or delete the entries for your account:
    next_ad_int_fl_la__[sha1(“your username”)]
    next_ad_int_fl_bt__[sha1(“your username”)]

    For the user “aaaa”, the entries look like:
    next_ad_int_fl_la__70c881d4a26984ddce795f6f71817c9cf4480e79
    next_ad_int_fl_bt__70c881d4a26984ddce795f6f71817c9cf4480e79

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Locked out: Authentication denied by Next Active Directory Integration Brute For’ is closed to new replies.