If a user is disabled in your Active Directory, it should be deactivated in the licensing too.
The standard state is now deactivated for synced accounts.
Maybe we can change this throw a Setting for a standard state.
The codes comes from this site:
http://www.netvision.com/ad_useraccountcontrol.php
This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
* refactor to clean up LDAP login, and make the login method easier to handle.
* Login refactor cleanup
* Google 2FA package
* Adds Google Authenticator two-factor
* Removed unused blade
* Added optin setting in profile
* Removed dumb comments
* Made lock_passwords check more consistent
* Additional two factor strings
* Lock passwords check
* Display feature disabled text if in demo mode
* Two factor admin reset options
* Translation strings
* Early layout work on a cleaner permissions interface
* Cleanup layout. Make new permissions view work. Still needs some css and javascript improvements. Also need to do the same thing to the group view.
* Improve styling, add javascript to toggle an entire group of permissions if choosing the permission on the header row. Would be nice to add collapsing of sections in the future.
* Toggle viewing sections.
* Special case places where we only have one item in a group to only display the item once.
* Filter getCreate the same way.
* commit temporal
* final translation commit -- added email translations
* final translation commit -- removed file for spanish translations
* final translation commit -- removed file for spanish translations
* added missing translations
* method overrided and config files back to default
* config files back to default
* config files back to default
* Save progress
* Create a new action_log table to replace asset_log. Use Polymorphism to generalize class and targets. Port everything I can find to use it. Add a migration to port the asset_logs table to action_logs.
* Allow accepted_id to be nullable.
* Comment out the thread_id migration, because it b0rks on a new database with the move. I'm unsure if the thread_id does anything...It doesn't seem to be used
* Clean up all old methods from Actionlog model. Port everything to use new cleaner interface.
* Port the actionlog factory to fix travis.
* Adjust code to work on php5. Also fix lurking adminlog call.
* Remove weird code
* Port the pave command. Also fix dangling adminlog
LDAP no longer fails completely when the connection settings are wrong, or when app key is messed up. Rather than auth as the admin user and search, we auth as the user themselves. Admin auth is only for LDAP sync now.
This should mean much fewer problems with donked LDAP settings and login.
