02 September 2012, 21:00

Hi all,

I have been successfully using Mahara at my school for almost a year now. Wonderful software (and we have a huge uptake among the staff and students), however, I am starting to have an issue.

Accounts seem to be getting locked out. It seems, after a user enters an incorrect login/password combination, they will forever more receive the followng error message ...

I have tried resetting the passwords from within Mahara and even using a query directly in the SQL database. We are using LDAP to connect the login system with our Active Directories server. As I said, this has worked flawlessly until very recently. 

I have tried setting the user to not use LDAP, but rather rather Authenticate using "No Institution:Internal" - without success.

My Question ... 

Which field in the SQL database points to the user's number of login attempts ... I suspect this is not being reset - even after a password change - and the user's issues relate to exceeding the valid number of login attempts. I was going to reset this number but am unsure about which field and what the default value should be.

02 September 2012, 21:20

Ooops - forgot system Info

Mahara 1.5.1

MySQL 5.1.54

Ubuntu 11.04

Win 2003 Domain 

 

BTW : I've already tried this one ...

<?php
define('INTERNAL', 1);
define('PUBLIC', 1);
require('init.php');
require_once('auth/lib.php');
$user = get_record('usr', 'id', 123);
$user->password = 'changeme';
reset_password($user);

02 September 2012, 22:52

Hi Bernie,

It's a table field called 'logintries'. It just needs to be set to 0.

There is a cron task for this, which just sets everyone's logintries score to 0 when cron runs, so if this isn't happening automatically, it probably means either your cron isn't running, or something has happened to make the cron stop before it gets to this task. You should check what's up there.

Thanks,
Melissa

02 September 2012, 23:03

Yep, you are right. I reset the logintires to 0 and it all worked again. Also, cron isnt running, so I will look at that next. Thanks for the support.

02 September 2012, 22:54

Hi Bernie,

It sounds like you don't have cron set up. See the following to how to set it up. https://wiki.mahara.org/index.php/System_Administrator%27s_Guide/Cron_Job

As for which field stores the login count. The table is usr, and the field is logintries.

Cheers,

Hugh

22 June 2013, 11:23

New to Mahara and just setting it up and of course have locked out one of my accounts. I found this thread and 'No' I don't have CRON set up and yes I am able see my USR table but if I am reading the entry correctly in he logintries field, the setting is '0' already. Please see below:

Field
Type
Length/Values1
Collation
Attributes
Null
Default2
Extra
Comments

Am I mis-reading something?

TIA,

Jeff

22 June 2013, 11:26

Addendum...values for the above post:

Field | logintries

Type | TINYINT

Length/Values | 1

Null | notnull

Default | 0

25 June 2013, 0:06

As far as I'm aware, setting logintries to 0 should do it. Perhaps you set it for the wrong user? Try doing this.

UPDATE usr SET logintries=0

That will reset the logins for all users.

Cheers,
Aaron

25 June 2013, 1:32

Thank You Aaron. My inexperience working with SQL tables was tripping me up. I figured it out but I appreciate the reset all command below as I have a feeling I will need that ...at least until I get cron setup.

 

best, Jeff

26 March 2014, 8:24

To Jeff and to everyone who will read this forum at some point:

It is important you set up a cron task for Sahara, because many features require that a corn job is ran regularly.

It is one of the common mistakes that make the mails/messages being not delivered or users blocked when then have failed too many times to enter their password

Regards
dajan