Moodle
  1. Moodle
  2. MDL-20962

Users cannot login when accounts are created with strong password using csv upload

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.6
    • Fix Version/s: 1.9.7
    • Component/s: Authentication
    • Labels:
      None
    • Database:
      MySQL
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_19_STABLE

      Description

      to recreate:

      Create csv with users
      Passwords in file to conform with default password policy
      Upload to create new accounts.
      attempt to login in as new user.
      login fails

      Additional information:
      Create csv with users
      Passwords in file that does NOT conform with default password policy
      Upload to create new accounts.
      Attempt to login in as new user.
      Login succeeds - user prompted for new password.

        Gliffy Diagrams

          Activity

          Hide
          Frank Ralf added a comment -

          I think this is the same problem after today's update via CVS of my local development machine.

          I still can login as admin using my old password (which doesn't confirm to any password policy as this is only a local development installation after all) but are prompted to change my password again and again - to no avail (see screenshot)

          Show
          Frank Ralf added a comment - I think this is the same problem after today's update via CVS of my local development machine. I still can login as admin using my old password (which doesn't confirm to any password policy as this is only a local development installation after all) but are prompted to change my password again and again - to no avail (see screenshot)
          Hide
          Petr Skoda added a comment -

          confirming, the code logic is wrong

          Show
          Petr Skoda added a comment - confirming, the code logic is wrong
          Hide
          Petr Skoda added a comment -

          I have found a logic problem in the code, the first weak password was forcing change of all subsequent users in the file.
          the changing of passwords works fine for me, it might be a separate problem

          thanks for the report

          Show
          Petr Skoda added a comment - I have found a logic problem in the code, the first weak password was forcing change of all subsequent users in the file. the changing of passwords works fine for me, it might be a separate problem thanks for the report
          Hide
          Ray Lawrence added a comment -

          Petr,

          I started with the strong password.

          Show
          Ray Lawrence added a comment - Petr, I started with the strong password.
          Hide
          Petr Skoda added a comment -

          does it work fine for you now? if not, are you able to replicate the problem on another site?

          Show
          Petr Skoda added a comment - does it work fine for you now? if not, are you able to replicate the problem on another site?
          Hide
          Ray Lawrence added a comment -

          It works on updated site. Thanks.

          Show
          Ray Lawrence added a comment - It works on updated site. Thanks.
          Hide
          Frank Ralf added a comment -

          My problem seems to persist even after updating today to 1.9.7 (Build: 20091126).

          Which CVS branch is the most current one I should use for testing:
          19_BETA, 19_CLI, 19_MERGED, 19_STABLE, 19_WEEKLY?

          Can I disable the password policy somehow directly in the database?

          Show
          Frank Ralf added a comment - My problem seems to persist even after updating today to 1.9.7 (Build: 20091126). Which CVS branch is the most current one I should use for testing: 19_BETA, 19_CLI, 19_MERGED, 19_STABLE, 19_WEEKLY? Can I disable the password policy somehow directly in the database?
          Hide
          Petr Skoda added a comment -

          MOODLE_19_STABLE is the branch with last code, MOODLE_19_WEEKLY is the recommended tag for updating via CVS.
          You can force most setting by hardcoding values in config.php

          Show
          Petr Skoda added a comment - MOODLE_19_STABLE is the branch with last code, MOODLE_19_WEEKLY is the recommended tag for updating via CVS. You can force most setting by hardcoding values in config.php
          Hide
          Frank Ralf added a comment -

          I did a fresh install of Moodle 1.9.7 (Build: 20091126) with an empty database which worked alright.

          The only difference to 1.9.6 I noticed was the $CFG->passwordsaltmain = '3nKMDLHM^<7<z k^c65?TL-&P,.Hfd!6'; entry in config.php.

          And in 1.9.7 Password Policy is enforced by default. I checked manually that passwordpolicy was indeed set to 0 in the old database. I fiddled around a bit with those password settings but to no avail.

          My conclusion is that the code base is OK but there must be some permissions setting in the old database for the admin user which forces him to change his password again and again. But changing the password doesn't seem to work either, even when following the password policy rules. So he's stuck.

          Show
          Frank Ralf added a comment - I did a fresh install of Moodle 1.9.7 (Build: 20091126) with an empty database which worked alright. The only difference to 1.9.6 I noticed was the $CFG->passwordsaltmain = '3nKMDLHM^<7<z k^c65?TL-&P,.Hfd!6'; entry in config.php. And in 1.9.7 Password Policy is enforced by default. I checked manually that passwordpolicy was indeed set to 0 in the old database. I fiddled around a bit with those password settings but to no avail. My conclusion is that the code base is OK but there must be some permissions setting in the old database for the admin user which forces him to change his password again and again. But changing the password doesn't seem to work either, even when following the password policy rules. So he's stuck.

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: