We have an internal site running with users registering and using passwords, but we want to switch to using LDAP against our corporate directory.
We've tested the ldap plugin, but it treats an ldap login as a new user, and it would be better if our users could keep their existing accounts and history, while switching from password login to LDAP login.
I've made a small patch to user.php which treats a new ldap login as belonging to an existing user if the ldap email matches the existing user email, but is this a sensible way? If I made a PR against 1.8 to support this behaviour as a non-default config option, would it be considered?
This user appears to have wanted the same thing: http://www.question2answer.org/qa/51868/active-external-user-when-question2answer-already-installed
The changes are in https://github.com/andrewmcguinness/question2answer/tree/acctlink18
There are three issues with it:
- It's not tested against 1.8 -- We're actually running 1.7.4 and it appears to work as intended there
- It doesn't distinguish different external user sources; it's good for LDAP, but anyone who logs in with a plugin that works the same way as the LDAP plugin, but who can control the email address on the source, can effectively hijack anybody's account by setting their email address to match the victim's in the external service, then logging in using that service and linking their login to the existing account.
- Both login methods will work for the merged account, which is OK, but there's no way to get rid of the password if you decide you don't want it any more. I imagine we will wipe them as a one-off at some point in the future once our users are used to using LDAP.
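One way to express the linking rule so that the second and third issues above are handled, as an added illustration rather than code from the linked branch or from Question2Answer itself: link by email only when the login comes from a source whose email attribute is administered centrally (an allow-list, here a hypothetical `TRUSTED_EMAIL_SOURCES` constant), never match an empty email, and clear the local password once the link is made. The in-memory `$users` table, the source names and all function names are constructed for the example and do not correspond to Q2A's database layer or API.

```php
<?php
declare(strict_types=1);

// Constructed in-memory user table standing in for the users table (example data only).
$users = [
    ['userid' => 1, 'email' => 'alice@example.com', 'passhash' => 'hash-alice'],
    ['userid' => 2, 'email' => 'bob@example.com',   'passhash' => 'hash-bob'],
];

// Hypothetical config: only sources whose email attribute is maintained by the
// directory administrators (not editable by the end user) may be linked by email match.
const TRUSTED_EMAIL_SOURCES = ['ldap'];

function normalize_email(string $email): string
{
    return strtolower(trim($email));
}

function find_user_by_email(array $users, string $email): ?array
{
    $wanted = normalize_email($email);
    if ($wanted === '') {
        return null; // never match accounts that have no email on file
    }
    foreach ($users as $user) {
        if (normalize_email($user['email']) === $wanted) {
            return $user;
        }
    }
    return null;
}

/**
 * Decide what to do with an external login.
 * Returns ['action' => 'link'|'create', 'userid' => int|null, 'reason' => string].
 */
function resolve_external_login(array $users, string $source, string $externalEmail, bool $linkByEmail): array
{
    if (!$linkByEmail) {
        return ['action' => 'create', 'userid' => null, 'reason' => 'linking disabled by config'];
    }
    $existing = find_user_by_email($users, $externalEmail);
    if ($existing === null) {
        return ['action' => 'create', 'userid' => null, 'reason' => 'no matching account'];
    }
    if (!in_array($source, TRUSTED_EMAIL_SOURCES, true)) {
        // A user-controlled email at the provider must not unlock an existing account.
        return ['action' => 'create', 'userid' => null, 'reason' => "source '$source' cannot vouch for the email"];
    }
    return ['action' => 'link', 'userid' => $existing['userid'], 'reason' => 'email verified by trusted source'];
}

// Once linked, drop the local password so the external login is the only way in.
function clear_password(array &$users, int $userid): void
{
    foreach ($users as &$user) {
        if ($user['userid'] === $userid) {
            $user['passhash'] = null;
        }
    }
    unset($user);
}

// Constructed scenarios: source name and the email reported by that source.
$cases = [
    ['ldap',  'Alice@Example.com'],  // directory-controlled email: link to user 1
    ['oauth', 'bob@example.com'],    // user-editable email at provider: do not link
    ['ldap',  'carol@example.com'],  // unknown email: create a new account
];
foreach ($cases as [$source, $email]) {
    $result = resolve_external_login($users, $source, $email, true);
    printf("%-6s %-20s -> %-6s (%s)\n", $source, $email, $result['action'], $result['reason']);
    if ($result['action'] === 'link') {
        clear_password($users, $result['userid']);
    }
}
// Only alice's password hash is cleared; bob keeps his because the oauth login was not linked.
print_r(array_column($users, 'passhash', 'userid'));
```

Run it with `php link_example.php`. The important design choice is that the allow-list is keyed on the login source, not on the email: a matching email is only evidence of identity when the source that asserts it does not let its users edit that attribute themselves.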