Opened 8 years ago

Closed 6 years ago

#1757 closed task (fixed)

Log LDAP edits performed via Drupal website, or remove the functionality

Reported by: strk
Owned by: webcom@…
Priority: normal
Milestone:
Component: WebSite
Keywords: ldap, userid
Cc: webcom@…

Description

I found out the LDAP database can also be edited via Drupal, from URLs like: https://www.osgeo.org/user/409/edit/ldap_user_data (where 409 corresponds to my own username).

For simplicity we might want to disable that form and have users sent to the LDAP editing form: https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py

Or, at least, we should have the Drupal-mediated editing form also log edits, like the LDAP-specific form linked above has done for a few weeks.

For additional info: I noticed the Drupal form allows setting a "First Name" (givenName in LDAP database) whereas the ldap_edit_user.py script does not allow that (in case we want to add that).

Change History (4)

comment:1 by rduivenvoorde, 8 years ago

Yep, not working... If I go to

https://www.osgeo.org/user/91/edit

(I thought I would be able to change my password there after a password reset), you cannot even reset it there, as you get this image: https://duif.net/osgeo.png

Then trying to click the red-warning-bar link 'Have you forgotten your password' sends you to

https://www.osgeo.org/user/password

which shows 'Access Denied'

This link should either be:

https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py

where I CAN successfully change my password, OR these fields there should just be hidden/replaced by the ldap_edit_user.py link...

comment:2 by strk, 7 years ago

Component: Systems Admin → WebSite
Owner: changed from sac@… to webcom@…

comment:3 by strk, 7 years ago

Richard, can you try again now? I tried and I was able to change the password (only the change is not logged).

Also now I've tweaked the text you get when requesting a new password (new account). From "Disabled by administrators" to "Go to <link> to register new account"

comment:4 by robe, 6 years ago

Resolution: fixed
Status: new → closed

I'm closing these since all these have been redirected to id.osgeo.org which I think is logged.
