Code for checking and blocking LDAP users to reset password.
/**
* Checks whether a user is LDAP user and restricts to reset password.
*
* @param bool $allow Whether the password can be reset.
* @param int $user_id The ID of the user.
* @return bool|WP_Error
*/
function ldap_restrict_password_reset( $allow, $user_id ) {
$user = get_user_by( 'id', $user_id );
if ( ! empty( $user ) ) {
$user_login = stripslashes( $user->data->user_login );
$user_email = stripslashes( $user->data->user_email );
// check if the user a LDAP user
if( $user_email === '[email protected]' ) {
return new WP_Error('no_password_reset', __('Password reset is not allowed for this LDAP user on this site.'));
}
}
return $allow;
}
/* Filters whether the user's password can be reset. */
add_filter( 'allow_password_reset', 'ldap_restrict_password_reset', 10, 2 );
Note: Please add code to get and check if the user is a LDAP user or not.
=========================================================
These are some of the hooks that you can use to stop sending email and show error message.
/**
* Fires before a new password is retrieved.
*
* @since 1.5.1
*
* @param string $user_login The user login name.
*/
do_action( 'retrieve_password', $user_login );
/**
* Filter whether to allow a password to be reset.
*
* @since 2.7.0
*
* @param bool true Whether to allow the password to be reset. Default true.
* @param int $user_data->ID The ID of the user attempting to reset a password.
*/
$allow = apply_filters( 'allow_password_reset', true, $user_data->ID );
if ( ! $allow )
return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
else if ( is_wp_error($allow) )
return $allow;
Above is part of the code taken from wp-login.php file. http://wpseek.com/retrieve_password/