Author Topic: WordPress issue  (Read 791 times)

Offline IceGhost

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 554
  • Kudos: +35/-42
  • Everyone's Favorite Frozen Treat
    • View Profile
WordPress issue
« on: May 15, 2018, 06:18:38 pm »
Does anyone know anything about WordPress?  I'm a SharePoint admin at work, and I got this WordPress site dropped in my lap.  Only problem is that a new user authenticated to the site, but their user account isn't showing up in the user list no matter if I search by the userid or the user's name.  They can view and use the site just fine, so I don't understand what the hell is going on.


Offline Pyldrvr

  • Superman
  • Administrator
  • pro user
  • *****
  • Posts: 3040
  • Kudos: +126/-113
  • Superman
    • View Profile
    • The Gameslapper
Re: WordPress issue
« Reply #1 on: May 15, 2018, 07:28:29 pm »
I'm pretty decent with word press. I'd probably have to poke around a bit to figure out exactly what you are talking about or what the issue might be.

Offline IceGhost

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 554
  • Kudos: +35/-42
  • Everyone's Favorite Frozen Treat
    • View Profile
Re: WordPress issue
« Reply #2 on: May 15, 2018, 07:50:01 pm »
Unfortunately, it is a DoD site.  So even if I gave you the URL you would get a big, fat rejection page from the server.  But I can try my best to describe the situation.

So when a new user authenticates to the site using their smart card, the site is set up to pull the user's credentials from Active Directory and compare them to the certificates on the smart card for authentication.  If it is their first time visiting the site, the user's credentials are used to automatically create a new user account in WordPress.

However, I had a particular user log onto the site for the first time because I needed to upgrade their role on the site as a new admin.  I went to look for their account on the User panel in the WordPress management console, and for the life of me, I cannot find their WordPress user account.  Yet, this person is able to authenticate to the site and browse the site just fine as a regular user.  So I am a bit stumped.


Offline Rumblood

  • (SOL) Navy Members
  • not so noob
  • ***
  • Posts: 485
  • Kudos: +33/-53
    • View Profile
Re: WordPress issue
« Reply #3 on: May 15, 2018, 08:41:55 pm »
Are they connecting the test site url instead of the live one?

Offline IceGhost

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 554
  • Kudos: +35/-42
  • Everyone's Favorite Frozen Treat
    • View Profile
Re: WordPress issue
« Reply #4 on: May 16, 2018, 08:10:22 am »
Are they connecting the test site url instead of the live one?
I had them connect to both.


Offline Pyldrvr

  • Superman
  • Administrator
  • pro user
  • *****
  • Posts: 3040
  • Kudos: +126/-113
  • Superman
    • View Profile
    • The Gameslapper
Re: WordPress issue
« Reply #5 on: May 16, 2018, 09:37:10 am »
Is there two pages and you need to click on the 'page 2' link?  :blush:

Offline Bannta

  • (SOL) Navy Flowers
  • pro user
  • ***
  • Posts: 1793
  • Kudos: +85/-77
  • Got Sheep?
    • View Profile
Re: WordPress issue
« Reply #6 on: May 16, 2018, 10:05:26 am »
Unfortunately, it is a DoD site.  So even if I gave you the URL you would get a big, fat rejection page from the server.  But I can try my best to describe the situation.

So when a new user authenticates to the site using their smart card, the site is set up to pull the user's credentials from Active Directory and compare them to the certificates on the smart card for authentication.  If it is their first time visiting the site, the user's credentials are used to automatically create a new user account in WordPress.

However, I had a particular user log onto the site for the first time because I needed to upgrade their role on the site as a new admin.  I went to look for their account on the User panel in the WordPress management console, and for the life of me, I cannot find their WordPress user account.  Yet, this person is able to authenticate to the site and browse the site just fine as a regular user.  So I am a bit stumped.

Without being able to poke a stick at it without access....do any of these issues follow yours?

http://www.wpbeginner.com/wp-tutorials/how-to-fix-wordpress-login-page-refreshing-and-redirecting-issue/

https://stormpath.com/blog/secure-user-authentication-in-wordpress


"Strike me down with it! Give into your anger! With each passing moment, you make yourself more my servant....wait?! I was just kidd...." ~ Quote Darth Plagueis

Offline Twinky

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 618
  • Kudos: +20/-18
  • Yep.
    • View Profile
    • Steam Profile
Re: WordPress issue
« Reply #7 on: May 16, 2018, 10:21:06 am »
Try removing AD auth to see if they get blocked would also check event logs to catch the login info. Also, would have them check their profile when logged in to see what it looks like. Those would be my starting points.
I'll try anything once and do it again for fun.

Always out numbered. Never out gunned.
Twitch: TwinkyGTV
Twitter: @BigNopes
Steam: http://steamcommunity.com/id/bigtxn

Offline Rumblood

  • (SOL) Navy Members
  • not so noob
  • ***
  • Posts: 485
  • Kudos: +33/-53
    • View Profile
Re: WordPress issue
« Reply #8 on: May 16, 2018, 07:41:28 pm »
Unfortunately, it is a DoD site.  So even if I gave you the URL you would get a big, fat rejection page from the server.  But I can try my best to describe the situation.

So when a new user authenticates to the site using their smart card, the site is set up to pull the user's credentials from Active Directory and compare them to the certificates on the smart card for authentication.  If it is their first time visiting the site, the user's credentials are used to automatically create a new user account in WordPress.

However, I had a particular user log onto the site for the first time because I needed to upgrade their role on the site as a new admin.  I went to look for their account on the User panel in the WordPress management console, and for the life of me, I cannot find their WordPress user account.  Yet, this person is able to authenticate to the site and browse the site just fine as a regular user.  So I am a bit stumped.

Okay, maybe I'm rusty but if you are using Active Directory I wouldn't be setting up individual accounts. I would set up a user for an AD group, assign the rights to it, and assign the individual users to the AD group. Make one for regular users and admins. That way you aren't chasing down individual users for granting or removing permissions individually in other systems. You get a new employee you assign them to all of the AD groups of the person that they are replacing.

So in that case you wouldn't find them. To upgrade their role place them into the admin AD group.

Have you been able to track down a new user in the Wordpress tables before?

Offline IceGhost

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 554
  • Kudos: +35/-42
  • Everyone's Favorite Frozen Treat
    • View Profile
Re: WordPress issue
« Reply #9 on: May 17, 2018, 08:03:22 pm »
Unfortunately, it is a DoD site.  So even if I gave you the URL you would get a big, fat rejection page from the server.  But I can try my best to describe the situation.

So when a new user authenticates to the site using their smart card, the site is set up to pull the user's credentials from Active Directory and compare them to the certificates on the smart card for authentication.  If it is their first time visiting the site, the user's credentials are used to automatically create a new user account in WordPress.

However, I had a particular user log onto the site for the first time because I needed to upgrade their role on the site as a new admin.  I went to look for their account on the User panel in the WordPress management console, and for the life of me, I cannot find their WordPress user account.  Yet, this person is able to authenticate to the site and browse the site just fine as a regular user.  So I am a bit stumped.

Okay, maybe I'm rusty but if you are using Active Directory I wouldn't be setting up individual accounts. I would set up a user for an AD group, assign the rights to it, and assign the individual users to the AD group. Make one for regular users and admins. That way you aren't chasing down individual users for granting or removing permissions individually in other systems. You get a new employee you assign them to all of the AD groups of the person that they are replacing.

So in that case you wouldn't find them. To upgrade their role place them into the admin AD group.

Have you been able to track down a new user in the Wordpress tables before?

The integration with AD is just a WP plugin.  It doesn't carry over group policies or anything.  So basically when you log into this WP site for the first time, the plugin sees you are logging in with AD credentials and automatically makes a WP user account from it with a default role.  We see the user count growing, so we know user accounts are getting made, but this one user's account just doesn't show up in any user lists for some reason.


Offline IceGhost

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 554
  • Kudos: +35/-42
  • Everyone's Favorite Frozen Treat
    • View Profile
Re: WordPress issue
« Reply #10 on: May 22, 2018, 09:00:43 pm »
So in the end, I ended up manually creating the account.  Had the user log in using a username/password.  Then after they logged in with that, their smart card credentials started being cached on the site and they didn't have to log in with the username/password to get to the admin console.  I'm still not really clear why that worked, but at least it's taken care of for now.  :shrug:


Offline Pyldrvr

  • Superman
  • Administrator
  • pro user
  • *****
  • Posts: 3040
  • Kudos: +126/-113
  • Superman
    • View Profile
    • The Gameslapper
Re: WordPress issue
« Reply #11 on: May 23, 2018, 08:33:50 am »
So in the end, I ended up manually creating the account.  Had the user log in using a username/password.  Then after they logged in with that, their smart card credentials started being cached on the site and they didn't have to log in with the username/password to get to the admin console.  I'm still not really clear why that worked, but at least it's taken care of for now.  :shrug:
Computers are assholes.

Offline IceGhost

  • (SOL) Navy Members
  • dedicated
  • ***
  • Posts: 554
  • Kudos: +35/-42
  • Everyone's Favorite Frozen Treat
    • View Profile
Re: WordPress issue
« Reply #12 on: May 23, 2018, 08:10:23 pm »
So in the end, I ended up manually creating the account.  Had the user log in using a username/password.  Then after they logged in with that, their smart card credentials started being cached on the site and they didn't have to log in with the username/password to get to the admin console.  I'm still not really clear why that worked, but at least it's taken care of for now.  :shrug:
Computers are assholes.
Word


Offline Rumblood

  • (SOL) Navy Members
  • not so noob
  • ***
  • Posts: 485
  • Kudos: +33/-53
    • View Profile
Re: WordPress issue
« Reply #13 on: May 24, 2018, 08:03:11 am »
So in the end, I ended up manually creating the account.  Had the user log in using a username/password.  Then after they logged in with that, their smart card credentials started being cached on the site and they didn't have to log in with the username/password to get to the admin console.  I'm still not really clear why that worked, but at least it's taken care of for now.  :shrug:
Computers are assholes.
Word

 :The_Villagers:

Offline Bannta

  • (SOL) Navy Flowers
  • pro user
  • ***
  • Posts: 1793
  • Kudos: +85/-77
  • Got Sheep?
    • View Profile
Re: WordPress issue
« Reply #14 on: May 25, 2018, 07:07:22 am »
So in the end, I ended up manually creating the account.  Had the user log in using a username/password.  Then after they logged in with that, their smart card credentials started being cached on the site and they didn't have to log in with the username/password to get to the admin console.  I'm still not really clear why that worked, but at least it's taken care of for now.  :shrug:
Computers are assholes.

That's because they runoff of cat logical which is satanic by nature.


"Strike me down with it! Give into your anger! With each passing moment, you make yourself more my servant....wait?! I was just kidd...." ~ Quote Darth Plagueis