Title: wpandi's Replies | WordPress.org

---

# wpandi

  [  ](https://wordpress.org/support/users/wpandi/)

 *   [Profile](https://wordpress.org/support/users/wpandi/)
 *   [Topics Started](https://wordpress.org/support/users/wpandi/topics/)
 *   [Replies Created](https://wordpress.org/support/users/wpandi/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/wpandi/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/wpandi/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/wpandi/engagements/)
 *   [Favorites](https://wordpress.org/support/users/wpandi/favorites/)

 Search replies:

## Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)

 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[authLdap] Login not possible with new user](https://wordpress.org/support/topic/login-not-possible-with-new-user/)
 *  Thread Starter [wpandi](https://wordpress.org/support/users/wpandi/)
 * (@wpandi)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/login-not-possible-with-new-user/#post-13987499)
 * Currently not but I will come back to you whenever that should be the case. 😉
 * Thanks a lot! 🙂
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[authLdap] Login not possible with new user](https://wordpress.org/support/topic/login-not-possible-with-new-user/)
 *  Thread Starter [wpandi](https://wordpress.org/support/users/wpandi/)
 * (@wpandi)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/login-not-possible-with-new-user/#post-13982884)
 * And you were right again!
 * I mixed the identification of existing users up, I matched the wrong fields. 
   After fixing this (setting the right “User-ID Attribute”) now the user is recognized
   as “old and existing” on repeated login and the rights revocation via removing
   the corresponding LDAP group works, too!
 * Thanks again for patiently pointing me to the right places!
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[authLdap] Login not possible with new user](https://wordpress.org/support/topic/login-not-possible-with-new-user/)
 *  Thread Starter [wpandi](https://wordpress.org/support/users/wpandi/)
 * (@wpandi)
 * [5 years, 4 months ago](https://wordpress.org/support/topic/login-not-possible-with-new-user/#post-13981590)
 * Hi Andreas,
 * thanks for your quick reply and your support! I’m sorry to have bothered you 
   with this as it’s my mistake. Your comment “an issue with finding the new user”
   pointed me to the solution: some time in the past the underlying LDAP management
   obviously changed from setting the user supplied e-mail for a new user to “mail”
   and “mailPrimaryAddress” in the directory to setting it only to “mailPrimaryAddress”.
   But I had AuthLDAP configured to look into “mail”…
 * Digging into this with your hints I stumbled upon another thing: a user who has
   been an author but got this right revoked (and therefore is in no WordPress-related
   group in LDAP anymore) can still login (this is expected) but continues to have
   his old rights (which I did not expect, as I’ve set “LDAP Groups override role
   of existing users?” to yes). I expected the old right/group-membership to get
   deleted then, resetting the user to “subscriber”?! What is more, the user is 
   recognized as not having an entry in the WP-Database but the creation of said
   entry fails then as of course the entry is already there?
 *     ```
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] User 'existinguser1@mydomain.de' logging in
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] about to do LDAP authentication
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] connect to LDAP server
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] LDAP authentication successfull
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] Array
       (
           [administrator] => 5078
           [editor] => 5081
           [author] => 5079
           [contributor] => 5080
           [subscriber] => 5083
       )
   
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] Array
       (
           [administrator] => 5078
           [editor] => 5081
           [author] => 5079
           [contributor] => 5080
           [subscriber] => 5083
       )
   
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] Group Filter: "(&(objectClass=posixGroup)(uniqueMember=uid=existinguser1,ou=Users,ou=MyOrg,dc=int,dc=my-org,dc=de))"
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] Group Base: 
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] LDAP groups: []
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] Role from LDAP group: 
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] role from group mapping: 
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] no role yet, set default role
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] The LDAP user does not have an entry in the WP-Database, a new WP account will be created
       [30-Jan-2021 09:04:49 UTC] [AuthLDAP] Error creating user : Diese E-Mail-Adresse wird bereits verwendet!
       ```
   
 * What’s the best way to show the configuration of AuthLDAP here for you?
 * Thanks!
    -  This reply was modified 5 years, 4 months ago by [wpandi](https://wordpress.org/support/users/wpandi/).

Viewing 3 replies - 1 through 3 (of 3 total)