First off, I very much appreciate the effort to add LDAP authentication directly to the XOOPS core!

My site (2.0.12) currently uses the authentication hack to perform LDAP authentication. I've installed 2.2.1 on a test machine and have configured it to attach to my LDAP server.

Here's my problem, it looks as though I am authenticating, but since my corporate account hasn't technically been created on the new site, it am getting a login error (after successfully authenticating).

The authentication hack would automatically create the new account whenever a new corporate user gets successfully authenticated against the LDAP server. But XOOPS 2.2.1 seems to have dropped that from it's implementation. Is this correct?

If so, what about passwords? If a user registers at my site, but uses the corporate LDAP server to authenticate, what happens when the user changes the LDAP server's password? They won't have also updated their password on my site. Does that mean that they'll authenticate, but still can't log in?

Let me finish this note by stating that corporate users really don't care about their accounts on the network. Using a XOOPS site should be transparent to them since their account/password is already handled elsewhere. Is it possible to update the 2.2.1 code to change the LDAP behavior to 1) create/activate accounts automatically for LDAP authenticated users and to 2) ignore the current XOOPS password for LDAP authenticated users?

Thanks in advance, and thanks for the great work.