I've seen many problems with passwords caused by the configuration, but I can't find my own problem, so I'll explain:
- I change a password on LDAP.
- I can log with the new password.
- I can log with the old password.
- I can't log with any other password.
It's been a month since I changed the password and it still lets me log in.
My configuration is:
Create user if not in Tiki? Yes
Create user if not in Auth? No
Just use Tiki auth for admin? Yes
I look for stored passwords on users_users table but it's all empty.
I can only think that when I use the new password, the authentication comes from LDAP. When I use the old password it's MySQL that logs me in. But where's the old password stored?