I am attempting to authenticate users through an external MySQL database and am experiencing problems with activating/deactivating my student accounts.
Here is the scenario:
1. I am using a table in my external database called mdl_current_users that contains a list of all students who should have active accounts in Moodle. (By "active" I mean that they are able to log in to Moodle.) I am using a cron job that runs auth_db_sync_users.php every 5 minutes to syncronize these accounts with Moodle.
2. I can add records to my mdl_current_users table and within 5 minutes, those accounts show up in Moodle. So far, so good.
3. I can remove records from my external mdl_current_users table and within 5 minutes, those users can no longer log in.
4. Here is where the problems begin. If I add a user to my mdl_current_users table that previously existed (i.e., the student is being "reactivated"), the syncronization does not seem to work. In fact, I get the following error:
Error inserting user <username>
In step 3 above, the auth_db_sync_users.php code appears to have the following effect on the user's record Moodle's mdl_users table:
a) the auth column is set to "nologin" (this is good)
b) the deleted column remains set at "0" (this is bad, it should be set to "1")
c) the password column is emptied (this is bad because it never gets set again)
Here are some of the problems that I see:
When a user is deactivated, Moodle should set the "deleted" column to "1" and NOT erase the password. Right now, the deleted column is not set to 1, so when I try to reactivate a user, the get_record() call on line auth.php:371 fails (because deleted = 0 in the mdl_user table) and control goes to the next elseif which produces an error (it can't insert a record that already exists).
I tried to manually bypass this by manually setting deleted = 1 for the particular user that I am trying to reactivate. But when I did this, I discovered that on line auth.php:374 there is a misspelled word: auth_dbreviveuser should be auth_dbreviveduser (there is a missing "d" after revive).
I fixed this minor bug, but also noticed that the user password does not get set and the auth column remains set to "nologin". The end result is that the user does not get reactivated and still can not log in to Moodle.
FYI, I'm running v. 1.8.4
Any thoughts anyone? Thanks in advance for your help...
Ken Herndon
Yes the LDAP plugin does something similar. If you delete a user they're locked out forever. I think that's a bug and on top of that you seem to be seing a second bug with the delete flagging. Are you sure that the internal password field is used? I would have thought that the plugin would always cause the user to be authenticated against the database.
One for the bug tracker maybe.
One for the bug tracker maybe.
Hello,
I have enabled external database authentication plugin. Along with that, I have : Manual accounts, No login, Email-based self-registration, LDAP server authentication plugin enabled.
Now when I log in with external database's user, I am getting an error : LDAP-module cannot connect to any servers: Server: 'ldap://...', Connection: 'Resource id #53', Bind result: ''
Can you please suggest me what to do next?
Yes, the internal password (i.e., the field in the mdl_user table) is used for authentication, not the one in the external database. The internal password field is cleared when I remove a user and the sync routine runs.
What I want to do is to suspend a user temporarily by removing their entry from my external database (then add them back later on when their account should be re-enabled). I can always PERMANENTLY delete someone by simply deleting their record from the mdl_user table. I can also manually modify the mdl_user table myself to set the auth, deleted, username, password, etc. fields as I please. But I thought it would be "cleaner" to use the Moodle-supplied external database and synchronization functions. Perhaps not?
I am a bit surprised to see this general behavior in the external database plugin... I would have thought that more people use this method (or LDAP at least) to maintain the list of current active user accounts in Moodle. If not this method, then what do most people use?
And if this is truly a bug (i.e., the behavior that I am seeing is not intentional) then where do I go from here. I'm new to the Moodle community.
Thanks for everyone's help.
Ken
What I want to do is to suspend a user temporarily by removing their entry from my external database (then add them back later on when their account should be re-enabled). I can always PERMANENTLY delete someone by simply deleting their record from the mdl_user table. I can also manually modify the mdl_user table myself to set the auth, deleted, username, password, etc. fields as I please. But I thought it would be "cleaner" to use the Moodle-supplied external database and synchronization functions. Perhaps not?
I am a bit surprised to see this general behavior in the external database plugin... I would have thought that more people use this method (or LDAP at least) to maintain the list of current active user accounts in Moodle. If not this method, then what do most people use?
And if this is truly a bug (i.e., the behavior that I am seeing is not intentional) then where do I go from here. I'm new to the Moodle community.
Thanks for everyone's help.
Ken
Hi, Ken,
Welcome to MoodleLand.
What's next? It sounds like you might want join the conversation about this at the tracker - http://tracker.moodle.org/browse/MDL-13563
That is the same link that Séverin posted above.
It is amazing how many bugs get squashed there!
Hope you enjoy Moodle.
-- Art
Thank you for the feedback. It also appears that bug 13363 is closely related. I will follow up in one of those discussions.
Regards,
Ken
Regards,
Ken
Hi
This is precisely the problem i'm having and i am using 1.9.8. Its obviously still not fixed!
I cannot reactivate a user whom is deactivated/suspended via db_auth. i get 'error inserting user blah'
i would appreciate any help on this. i'm using a mysql db too.
thanks.
This is precisely the problem i'm having and i am using 1.9.8. Its obviously still not fixed!
I cannot reactivate a user whom is deactivated/suspended via db_auth. i get 'error inserting user blah'
i would appreciate any help on this. i'm using a mysql db too.
thanks.
Hi to everyone
I have a problem with External Database Authentication, I setup all in the setup config page of external database in moodle.
But I try to log in with and username and password of the database and dont workfine.
Shows that the username or password are wrong. I saw the database and the username and password exist
thanks for all
best
Did you launch a cron?