The company I work for operates an internal drupal websites that I built. Everyone authenticates using their Microsoft Active Directory user accounts. That means that Microsoft Active Directory handles their passwords and email addresses and a host of other things that Drupal would normally handle if we were just authenticating against the database. Therefore one item that I no longer want to display (as it has led to end user confusion…) is the “Request New Password” tab that appears on the user login page.
I will stop for a moment and give a plug for the “Login Toboggan” module on pretty much all of my drupal sites as it gives a lot of added bells and whistles when it comes to controlling the user sign-up and login process. I think the following method applies if you are just using Drupal’s default login method though. I wish Login Toboggan had the particular feature I am asking for right now… unfortunately it does not. Continuing on…
Okay, so there are plenty of “headache-some” ways to go about getting rid of the “Request New Password” form that involve such horrors (horrors for me as I am not a strong coder…) as PHP hook_form alter stuff and other scary terminology. I have built extremely basic custom PHP modules, but honestly that is, imho, a lot of work for a rather basic feature. So I tackled this problem via custom CSS.
CSS = Cascading Style Sheets – if you didn’t know that, you might need to leave this page and go do a few tutorials on modern website theming/styling and development. That isn’t a knock against you, I did quite a bit of drupal modification and web development without having a good handle on CSS… But it was a royal pain due to my ignorance of something that is fairly simple. Everyone of you who are developers that are reading this right now and shaking your head judgmentally at my hypocrisy due to my avoidance of really learning PHP well…. yes… I am sure the principle applies both ways… :)… I just haven’t invested a lot of time in PHP yet so I am sure I a currently shooting myself in the foot at present in that regard.
So, I am using the Corolla ATK sub-theme which has a place for custom CSS which is oh so useful. If your theme doesn’t have this, you will need to edit your CSS files directly but honestly that is still easier than putting together even a simple module in my opinion.
Add the following line to your CSS
And the tab disappears. The page is still there and anyone can visit it by manually typing it into their URL bar. But this effectively solves my (and probably most peoples) actual issue of not wanting end users messing with password resets on a regular basis. The method above us a little trick that is extremely handy in CSS, namely attribute targeting.
It works like this….
“a” – that is the html link tag.
“href” – an attribute for the “a” tag… in this case the URL the link is taking us to.
“/user/password” – the value of the attribute.
So we want to hide this SPECIFIC link using CSS. So we target. We say we want the CSS to apply to “a” tags and then we have , inside of which is the specific attribute that must be present for the CSS to be applied. Very useful little trick. For further treatment on this CSS topic you can check out http://css-tricks.com/attribute-selectors/
Okay… you are probably wanting to hide the password change fields on the User’s edit page as well? Very easy to do… Drop these lines into your CSS:
That will hide the password fields on the user edit page. The one thing I will caution you about is that you make a note of this somewhere as it hides these fields for everyone, including administrative users. So changing another user’s password will be troublesome. In my use-case, we are using Active Directory so Drupal isn’t actually managing user passwords at all so this solution works for me. Anyhow, thought I would throw a post up as when I researched this topic I found a lot of folks going about things the hard way and/or not going about it at all :).