Automatic account registration and LDAP + local users

I didn’'t see anything about this elsewhere in the forums…

Is there a way to automatically create a user’‘s account the first time they log in (after they successfully authenticate with the LDAP)? This way they don’'t have to go through the registration process with their client and input a potentially different password…

The scenario is this: I have Jive Messenger set up to authenticate using LDAP but not provide any user information from LDAP. For now, the standard database provides roster storage and all other user information. I’'m using Jive Messenger 2.3.0. I must go through the registration process with any password I choose and after which I can log in using my LDAP username/password… This seems awkward.

Also, when the account is created, I am then able to log in using BOTH my LDAP password and the password set in the database. Is there a way to disable this behavior to only allow LDAP credentials?

A slight clarification: the admin console only accepts LDAP credentials but the connection clients accept both LDAP credentials and those stored in the database.

Thanks.

Message was edited by:

kzantow

Well, I figured out an answer to 1/2 of my post: the DefaultUserProvider which uses the database allows password retrieval. If the LDAP authentication was failing, JM was attempting to match the password with the one being returned. I wrote a UserProvider wrapper for it which returns false when asked if it supportsPasswordRetrieval.

I also solved my other issue by adding the functionality in the UserProvider wrapper during loadUser() it check to see if the user exists. If the user doesn’'t exist, it creates a user entry. It appears to reliably only make it there after a successful authentication. Does this sound right?