Disable password reset when using external read only user directory

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      When a user is part of an external user directory which is read only, the ability to change the password in the profile section of the user should not be available. Not exactly sure how to disable this (grey the button, remove entirely), but as the directory is read only the change is not possible from the Confluence UI.

      The 'Forgot Password' link on the login screen should also be made unavailable.

            [CONFSERVER-24993] Disable password reset when using external read only user directory

            Alexander Hedman added a comment -

            Reproduced in 7.13.2

            LDAP user in read-only user directory still gets a reset password email. The change won't take as it's read-only, but it's confusing for users to see the option, get the email, and input a new password, when it's not something they are able to do.

            Why this issue is closed is beyond me. It works as intended in Jira, why have different handling in Confluence?

            Nobuyuki Mukai added a comment -

            Hi epyshnograev,
            I'm leaving a comment here since I've confirmed this was reproduced in v.6.15.6

            entering "admin" generates an email from server, while entering "ldapuser" doesn't generate any email.

            was different from my case. The LDAP user also generated an email,

            and ended up with an internal error.

            Tested using OpenLDAP with read only setting.

            Efim (Inactive) added a comment -

            I've spun up Confluence 6.13.0 and attached a Readonly LDAP directory (screenshot below)

            This directory contains a single user "ldapuser". After syncing the directory I've compared the Profile -> Settings windows for admin (internal user) and ldapuser (newly imported user). Please see below two screenshots where ldapuser doesn't have the "Password" link on the left sidebar:

            I've also checked the behaviour of the "Forgot password" link in the login screen. Please note that it is impossible to disable this link because, since the user is not logged in, we don't know the directory the user belongs to. After clicking "Forgot password", there's a prompt where the user can enter the username.

            I've checked that entering "admin" generates an email from the server, while entering "ldapuser" doesn't generate any email. The success screen for "ldapuser" contains "please contact admins if you haven't received an email", which makes sense. Please see screenshot below:

            To summarize, both things

            • reset password in profile
            • forget password email

            worked as expected. They were not available for the user from readonly LDAP. I'm going to close the ticket again as "Not reproducible". In case I'm missing something, please write a comment with a scenario for how I can reproduce the problem. I'll be happy to investigate this deeper and fix the problem if I have the scenario.

            Thanks in advance.
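
The behaviour this comment describes, as an added example (not Confluence code and not part of the ticket): the profile check, the anonymous "Forgot password" request and the final password write all consult the same directory flag, and the anonymous form answers identically whether the user is internal, read-only or unknown. All class, function and account names are hypothetical.

```python
from dataclasses import dataclass, field

# Constructed sample data: directory names, users and addresses are hypothetical.
@dataclass(frozen=True)
class Directory:
    name: str
    read_only: bool  # True for an external directory the wiki cannot write to

@dataclass(frozen=True)
class User:
    username: str
    email: str
    directory: Directory

INTERNAL = Directory("Internal Directory", read_only=False)
LDAP_RO = Directory("OpenLDAP (read only)", read_only=True)
USERS = {
    "admin": User("admin", "admin@example.test", INTERNAL),
    "ldapuser": User("ldapuser", "ldapuser@example.test", LDAP_RO),
}

# One message for every outcome, so the anonymous form does not reveal
# whether a username exists or which directory it lives in.
UNIFORM_REPLY = ("If the account can be reset here, an email has been sent. "
                 "Please contact your administrators if you have not received one.")

@dataclass
class Outbox:
    sent: list = field(default_factory=list)
    def send_reset_link(self, user):
        self.sent.append(user.email)

def can_change_password(user):
    """Profile-page check: show the 'Password' link only for writable directories."""
    return not user.directory.read_only

def forgot_password(username, outbox, users=USERS):
    """Anonymous request: decide server-side, answer identically every time."""
    user = users.get(username.strip().lower())
    if user is not None and can_change_password(user):
        outbox.send_reset_link(user)
    # Unknown users and read-only directory users fall through without mail.
    return UNIFORM_REPLY

def set_password(user, new_password):
    """Last line of defence if a stale reset link is followed anyway."""
    if not can_change_password(user):
        raise PermissionError("password is managed in " + user.directory.name)
    return True  # a real system would hash and store the password here
```
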

            Efim (Inactive) added a comment -

            Hi Ithai and Rudolf,

            Thanks for taking your time to write your comments. I'm going to test this issue again on the latest Confluence version and check if it reproduces.

            EDV SCKAT added a comment - edited

            How can I disable it?

            Solved is cool, but HOW?

            It's not solved in

            Confluence Version 6.12.2

            Ithai Swart added a comment -

            Your post is confusing me a bit to be honest ...

            So you tested against an old stale version aka 6.3.4, that is already more than half a year old, and since it works there you just assume it works for all newer versions?

            Regression is not something you are aware of?

            Looking at the posts here I see people commenting past the 6.3.4 release date mark, so maybe just maybe they have newer versions?

            Please re-open and at least test against latest version, to be absolutely sure it's gone.

            Also I don't see a reference to the aforementioned issue: The 'Forgot Password' link on the login screen should also be made unavailable.

            Has this been taken care of?

            I am still trying to figure out why you did not just test against latest version from the get go ...

            I.

            Efim (Inactive) added a comment - edited

            Hi all,

            I've tested this on Confluence 6.3.4 and this problem does not appear.
            1. 'Password' link is not appearing in user profile
            2. 'Forgot Password' link does not generate any email for the user from readonly LDAP

            I'm closing the issue as not reproducible anymore

            Jan Szczyra added a comment -

            I got many tickets / emails from users saying that they changed password but they cannot login. I need the same functionality as well.

            tmikecurry added a comment -

            I am curious if there's any update on this issue as well.

            TomC added a comment -

            Any update on this issue? As https://jira.atlassian.com/secure/ViewProfile.jspa?name=jstarbird aptly noted above, "(when) using an external Read Only user manager such as LDAP/Active Directory (Confluence) should automatically have all Change Password/Reset Password links disabled/hidden. Rather surprised this hasn't been fixed."

              epyshnograev Efim (Inactive)
              acampbell AndrewA
              Votes: 38
              Watchers: 36