I have been experimenting with verified accounts.
This let to the following situation:
- An account was created by the administrator
- The verification mail was sent
- The account got the unverified state
- The user never clicked the verify link
- The email verification was turned off.
- The user tries to login with his LDAP credentials and gets: "invalid username/password", but actual cause is that the (pre-existing account) account was never verified.
- Need to manually resend the user his welcome message from the administrator account.
- User verifies his account by clicking the link
- User can login with his credentials
This error message is not ideal, the user initially thought he had forgotten his password or locked his account.
Not sure if this is an LDAP auth module specific issue, or a more general problem.