cant access mailwatch after AD password change

[dsheetz]

OK so we had our first user change their password in AD since we installed EFA. They said they tried numerous times and could not access the mailwatch page any more.

We need this to be reliable accounts were working with AD authentication when we first sett it up.

Ideas?

[shawniverson]

What version of eFa are you on? There's a bug in versions below 3.0.2.5 affecting LDAP/AD in MailWatch.

[dsheetz]

EFA-3.0.2.3

[shawniverson]

Here's the problem that was discovered, in case you want to patch it yourself instead of upgrading:

https://github.com/mailwatch/MailWatch/pull/958

[dsheetz]

I found the entry to change but not sure how to modify ...the post is unclear to me

could you be a little more specific as to what to change please?


do I just change myusername to mail? shown below:

(($result = ldap_authenticate($myusername, $mypassword)) !== null)
) {
$_SESSION['user_ldap'] = true;
- $myusername = safe_value($myusername); do I change to $myusername = safe_value$mail
+ $myusername = safe_value($result);
$mypassword = safe_value($mypassword);
} else {
$_SESSION['user_ldap'] = false;

[TheGr8Wonder]

You actually have the answer in your post.

Code to be changed:

Code: Select all

$myusername = safe_value($myusername);

Code to replace the above with:

Code: Select all

$myusername = safe_value($result);

The "-" means this line has been deleted/changed, and the "+" means this is what it was changed to.
(old)

Code: Select all

 - $myusername = safe_value($myusername); do I change to $myusername = safe_value$mail

(new)

Code: Select all

 + $myusername = safe_value($result);

[dsheetz]

got it, thanks YOU DA MAN!