chrosey
commented
5 years ago this is due an security patch in typo3 core. we got the same problem for every new user.
Is there an possibility to overwrite default disabled state?
Closed jmcclane closed 5 years ago
chrosey
commented
5 years ago this is due an security patch in typo3 core. we got the same problem for every new user.
Is there an possibility to overwrite default disabled state?
pi-phi
commented
5 years ago That is caused by the last security update of TYPO3.
Since then all be_users records have the field disabled set to true by default.
As workaround you can modify the TCA of be_users.disabled:
in ext:mysiteconfig/Configuration/TCA/Overrides/be_users.php have a line:
$GLOBALS['TCA']['be_users']['columns']['disable']['config']['default'] = 0;the same would be possible for fe_users, but most auto creation of fe_users needs a disabled state for double opt in.
note: changes in ext_tables.sql have no effect.
As creating enabled users on the fly can be seen as security hole, but activating a lot of users which are handled in an AD could be very much work, it should be configurable whether new records are enabled or disabled. I would like to see a configuration in ig_ldap_sso_auth to enable *_users on automatic creation. (default might be: new users are disabled.)
xperseguers
commented
5 years ago Do you have a link to the security change in Core?
pi-phi
commented
5 years ago https://review.typo3.org/#/c/59521/ line 182
xperseguers
commented
5 years ago
Can anyone help me out on this? W/ a new empty be_user table all imported be_users are disabled.