Registered Members Can't Login

classic Classic list List threaded Threaded
23 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Registered Members Can't Login

TheMagazineCollector
What am I doing wrong with my users’ member registration, verification, and login?

I solicit members for my Nabble Forum through direct e-mail marketing. Interested user-prospects complete my sign up form with Username, E-mail address, Password, and they fill in answers to certain vetting questions.

I then register them with Nabble, and I send an e-mail alerting them to respond to Nabble’s account verification request. I include a screenshot of Nabble’s Registration Confirmation, showing them the click on “Continue,” and I even tell them what verbiage to write in the Request Access box on the Authorized Users Only screen.

Reports back to me from members include:
Some get the Nabble verification e-mails, and some say they didn’t.
Some click on Nabble’s verification URL and get a screen that doesn’t display the “Continue” prompt.
Some tell me that they did enter information nto the Request Access form

On my end as the site administrator, I have not received one Nabble Request Access notification from a pool of over 20 registered users, no matter whether any of them did, didn’t, or couldn’t do the Nabble two-step e-mail verification.

Once I have pre-registered each of the users with Nabble, thereafter I have no ability to help them except to use the list Nabble generates as Authenticated users (Options > Users > Manage Users & Groups > Authenticated) to tell me who are now “of record” with Nabble. But I already know that, since I registered them.

Note that, since I have not received any user Request Access notifications whatsoever regarding my 20+ registered users, I do not have a reliable resource that indicates whether a specific user has, or has not, verified his/her e-mail address with Nabble.

I have entered all of my users into my Members list. That didn’t solve anything. Even though I have been able to login to some of my members’ Nabble accounts, none of them apparently can.

I simply do not know whether anyone on the Nabble’s Authenticated list, or my Members list has taken any further action, especially if they have (or not) responded to Nabble’s address-verification e-mail. I am helpless without any information from Nabble on user status upon which I can reliably act. Short of pestering people I’ve already registered, I have no way of knowing anything, especially who has, or hasn’t, already verified their e-mail address. If I could know that critical piece of information, I could then perhaps deal with doing something knowledgeably.

My drop-out rate of frustrated members is fast approaching 100%.

I have prepared a more-full written explanation for Nabble of what is (or isn’t) happening, along with some of my thoughts on solutions that could make a difference.

Regards,
TheMagazineCollector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

mywaytoo
I'm still pretty new to Nabble, so can only add my ideas which may/may not be helpful...

Have you set up Permissions... Outermost layer of Nabble > Options > Users > Change Permissions, and look at Manage Users and Groups too...

As you are using email, which I have no experience of yet, check in... Users > Manage Subscribers > Add Subscribers > Invite Subscribers...

Hope this might be helpful...
Anne
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
Anne,

Thanks for the feedback.  Yes, I have set my Permissions for “Members,” except for activities that I have reserved for Administrator. Further, my members are not Subscribers who simply want an RSS feed. As I understand it, Subscribers cannot post, comment, or reply. Inviting them is not the same as registering my pre-qualified users whom I have pre-registered.

My issue is one of knowing more about what my pre-registered users have or haven’t done once Nabble sends out its address-verification e-mail to each of them. Perhaps the following sequence of events in getting a user from the Registration form, to actually becoming a member who is capable of logging in, might shed some light:

1.   User (or Administrator) fills out Nabble Registration form…Authenticated list informs Administrator
2a.  Nabble sends user e-mail address verification…Administrator assumes it happened
2b.  User receives e-mail address verification…Administrator and Nabble assume it happened
2c.  User did not receive e-mail address verification… Nabble knows it (bounced e-mail) but does nothing, such as removing bad e-mail address from Authenticated list… Administrator doesn’t know
2d.  User received, but does not click on e-mail address verification URL…Administrator doesn’t know
2e.  User clicks on e-mail address verification URL…Administrator doesn’t know
3a.  User has clicked on address verification and is automatically taken to Nabble’s Your Registered webpage…Administrator doesn’t know
3b.  On Nabble’s Your Registered webpage, user fails to use Request Access form…Administrator doesn’t know
3c.  On Nabble’s Your Registered webpage, user completes Request Access form…Administrator doesn’t know yet
4a.  Only once 3c occurs does Administrator receive Nabble’s Request Access for approval e-mail.

As the above list shows, an Administrator is blind to what’s happening to a prospective user in steps 2b, 2c, 2d, 2e, 3a, and 3b. The Administrator has no way of monitoring progress (or delays/failures) through the most important user actions. Therefore, the Administrator cannot meaningfully communicate with a prospective member about what actions they still have to take.

The Authenticated list Nabble provides me is not meaningful, because it just tells me who has filled out the registration form (step 1 in my list). What I think I need is some Nabble mechanism that would give me feedback on those-already-registered (on the Authenticated list) who have – or haven’t yet – performed steps 2b, 2c, 2d, 2e, 3a, and 3b.

For example, I’d been in Administrator heaven if Nabble generated another list in the Manage Users & Groups (let’s call it a “Verified” list) that represents those users who have completed step 2e or 3a in my above list. As an alternative to such a Verified list could be a simple e-mail Nabble automatically sends me.

This point in the process (2e/3a) is important, because the user sees a report on Nabble’s website that he/she is registered, and assumes that they are finished and can login and use my forum. I actually don’t see any reason for this extra step of having a prospective member complete Nabble’s Request Access form. Here’s why not:

1.  Apparently, if an e-mail-verified user doesn’t fill out the Request Access form, Nabble’s default is to do nothing. No notification to the Administrator is provided, therefore, the Administrator can neither intervene with the user to solicit an answer, nor tell Nabble it’s okay to accept the user without a completed Request Access response. Shouldn’t the Administrator be able to override the Request Access by either adding or removing that user’s e-mail address from the Members list in the Manage Users & Groups area?

2. This “extra” request-for-information step is not common to registration processes across the Internet.

3. Feedback from my prospective members indicates that they don’t want to divulge to Nabble (that they don’t know) information that they would otherwise tell me, whom they do know and trust.

4. I’ve had feedback that some users didn’t even see the “Continue” link. A user may believe that they have already performed all necessary action(s) when they see the “Your Registered” screen.

5. Those who self-register are going to lie about why they want to gain access to my forum. I’ve already had two requests to join, both of which turned out to be bogus. Their answers to what they would have submitted on the Request Access form looked totally legit, until I vetted them.

Therefore, for the above reasons, I don’t know why Nabble insists on this extra Request Access step. Instead, maybe Nabble could send me an e-mail (or create a Verified list in the Manage Users & Groups area) informing me that a prospective user’s e-mail address has been verified, then I can decide whether I want to interrogate any users further. After all, Nabble registration changed last year to prospective users registering to a specific application. As such, that would seem to point to an application’s Administrator being more involved and accountable for vetting that Administrator’s registrants.

Anne, I hope that this long-winded explanation has answered you. Maybe, as a newbie, it might spare you the pain I’m experiencing in having lost so many prospective members.

Regards,
TheMagazineCollector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

GregChapman
Hi,
TheMagazineCollector wrote
Yes, I have set my Permissions for “Members,” except for activities that I have reserved for Administrator. Further, my members are not Subscribers who simply want an RSS feed. As I understand it, Subscribers cannot post, comment, or reply. Inviting them is not the same as registering my pre-qualified users whom I have pre-registered.
I confess I'm a little confused about the whole vetting and registration process you have devised. I think your basic problem is trying to do too much for your users and thereby confusing both them and yourself, plus using inappropriate permissions for your users.

These days people are used to entering a name, email address and password onto a web-based form. If you let them do that themselves, then almost certainly your users will be prepared for the verification email to arrive. After all, filling in that form tells them it is on its way and even warns them about the possibility of the message going to a spam folder! Why bother to act as intermediary and do it for them. Simply post them a link to the sign up form after you've received answers to your vetting questions.

Tell your users that you trust Nabble, so they should - or you may as well stop using Nabble, because it means that in fact your users don't trust you as much as you think. Perhaps your users are as paranoid as you about who they are joining up with. I begin to think you are running a paedophile ring, drug running syndicate or some other illicit activity and your users are as scared of you as they are the police.

Those who use Feeds use software that will announce changes to pages (i.e. posts on the forum). They cannot post unless they also have the appropriate permissions. These are different from "Subscribers", who opt to receive any post via email. Subscribers may also post to the forum by email if they have the appropriate permissions.

My issue is one of knowing more about what my pre-registered users have or haven’t done once Nabble sends out its address-verification e-mail to each of them. Perhaps the following sequence of events in getting a user from the Registration form, to actually becoming a member who is capable of logging in, might shed some light:
It doesn't! It only confirms you are trying to develop an over complex system and your understanding of Nabble has some errors in it!

1.   User (or Administrator) fills out Nabble Registration form…Authenticated list informs Administrator
True. The new name appears as "Unregistered" on the list.

As the Authenticated Lists explains, names on the Authenticated list are users whose email is available in the database. Once they have responded to the verification email (and following a delay till Nabble updates its registration database) they are shown as "Registered", so you CAN tell who has verified an address, although based on my experience, it would appear to take a number of hours.

Many, if not all, your step two points appear based on a false premise!

3a.  User has clicked on address verification and is automatically taken to Nabble’s Your Registered webpage…Administrator doesn’t know
False! The status on the Authenticated List changes!

3b.  On Nabble’s Your Registered webpage, user fails to use Request Access form…Administrator doesn’t know
Why have you set your permissions to demand this. You seem to have driven enough wedges between you and your clients already. No wonder they are all leaving!

3c.  On Nabble’s Your Registered webpage, user completes Request Access form…Administrator doesn’t know yet
I'm confused! How can Nabble send you a message until the form has been completed!

4a.  Only once 3c occurs does Administrator receive Nabble’s Request Access for approval e-mail.
But why are you even forcing your users to go through that step? You seem to have set your permissions unnecessarily high.

The Authenticated list Nabble provides me is not meaningful, because it just tells me who has filled out the registration form (step 1 in my list).
Wrong! It also tells you who has verified the address (Registered) and will also tell you who has deactivated their account.

For example, I’d been in Administrator heaven if Nabble generated another list in the Manage Users & Groups (let’s call it a “Verified” list) that represents those users who have completed step 2e or 3a in my above list.
It's already there. It's called the Authenticated user list! All your other problems appear to be caused by your excessive levels of security that is locking everybody out.

This point in the process (2e/3a) is important, because the user sees a report on Nabble’s website that he/she is registered, and assumes that they are finished and can login and use my forum.
They are, except that you have wrecked their chance of participated by upping the security levels too high.

I actually don’t see any reason for this extra step of having a prospective member complete Nabble’s Request Access form.
This is entirely self imposed!

I’ve had feedback that some users didn’t even see the “Continue” link. A user may believe that they have already performed all necessary action(s) when they see the “Your Registered” screen.
I think this may be a case of you being confused about what you have set up and what they have done. For example were they subscribing when you thought they were registering?

5. Those who self-register are going to lie about why they want to gain access to my forum. I’ve already had two requests to join, both of which turned out to be bogus. Their answers to what they would have submitted on the Request Access form looked totally legit, until I vetted them.
Generally, an audience for a forum will take its lead from its administrator. If you present yourself as being paranoid about your users, then the potential user will become paranoid about what their getting themselves involved in and will test the system. I think this is a case of you reap what you sow.

Perhaps you should explain a little more openly what you are trying to achieve (and why you are so scared of your audience) then it will be easier to help you set the appropriate permissions and other settings for your forum.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
Hello Greg,

I find your analysis and explanation quite interesting, yet it still raises some confusion and questions for me which perhaps you can help clarify.

First, all of my three Nabble sites only have the default four headings in the Manage Users area:
     --- Groups
     --- Authenticated
     --- Administrators
     --- Members

I do not find, as your post indicates, any references to how a user’s name “appears as ‘Unregistered’ on the list.” Nor do I see any identifier, as you indicate, that a user on this “Unregistered” list changes to “Registered” once a user has responded to Nabble’s e-mail address verification.

Are you, perhaps, making reference to prospective users who have been invited, or who want to subscribe? For clarification, my situation is about users from whom I have already received a separate membership form. I have already accepted them as qualified users (i.e., Members). Unless I’m missing something, Nabble’s process doesn’t change whether I register them, or they go online themselves and fill out the Registration form. I’ve tested it both ways. Nabble doesn’t know who specifically filled out the initial Registration form.

Indeed, I would agree with you that my premise is quite wrong, except that what you describe simply isn’t happening in any of my three Nabble applications. Instead, once anyone (the Administrator or a user), completes the initial Registration form, the user is then listed on my Authenticated list. Nothing on my Authenticated list changes once a user responds to Nabble’s verification e-mail. Nor does any name in the Authenticated list suddenly appear in my Members list. So how do I distinguish these “Unregistered” from “Registered” users when I view my Manager Users screens?

Please explain explicitly what you see happening on the Authenticated and/or Members lists that distinguishes users who have simply registered (Authenticated list), that differentiates any user on that list who then has verified her/his e-mail address.

My understanding is that I add those whom I accept as members to the Members list, but my testing and user feedback indicates that I must receive an e-mail from Nabble to accept or reject those who completed the Request Access form. Without my response to Nabble’s e-mail to me as to whether I accept or ignore a specific user’s Request Access submittal, the user (authenticated or not), cannot login and use the site. I never have received even one such e-mail from Nabble. However, in my tests of the Nabble process, I did receive Request Access e-mails from Nabble, but only for those test subjects that filled in the Request Access form. For those test subjects who didn’t fill out the Request Access form, I received nothing from Nabble, even though those subjects did validate their respective e-mail addresses.

You also make references to setting Permissions “unnecessarily high.” Specifically, you say that the way I have set my Permissions may have something to do with users failing or being required “to use Request Access form.” I have scoured my Permissions and cannot find any setting that specifically allows me to toggle ON/OFF my desire to have a user complete (or not complete) the Request Access form. Can you please point me to that Permission line item? By the way, since my Nabble sites are private and strictly members-only, I do not have any of the Permissions line items set to include the “Authenticated” category.

Are you addressing Subscribers, too? I’m not. My three Nabble applications are members-only access…NO subscribers. I address subscribers (the public) on my website with RSS feed sign-ups to information on my site (blogs and other public information, but the public cannot subscribe to the three private members-only Nabble forums without becoming a member first.

The process you have described would, indeed, solve many of my problems, so I look forward to your more-detailed information and clarification.

Regards,
The Magazine Collector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

GregChapman
Hi,
TheMagazineCollector wrote
I find your analysis and explanation quite interesting, yet it still raises some confusion and questions for me which perhaps you can help clarify.
I confess that I wrote my response rather hurriedly and without proper testing of each response. However, it appears that there are three issues to address:

1. You expect Nabble to work in ways that it is not designed to do.

2. You have some inappropriate permission settings.

3. There are currently bugs in the software affecting how things are performing.

Addressing #1:
By default, Nabble's application are almost completely open, as far as reading and posting to the application. Users do not even have to register. Clearly you wish to limit these public abilities considerably. The Nabble assumption is that some administrators will wish to stop "anyone" having access to their forum and, by default, provide two levels of restricted access, "authenticated" and "members".

If you use "authentication" then you will need to change the permissions for "anyone" to remove their access to those things you do not want them to have and, possibly, change some of the default permissions for "authenticated" users as well, depending on the access levels you wish such users to have.

In an experiment yesterday, I found that if I completed the registration form, but did NOT respond to the verification email, I would appear on the list of "People" (You only seem to be looking at the "Manage Users & Groups" screen!) as "Unregistered". Past experience has taught me that normally this changes to "Registered" on receipt of the verification email, although there is a delay in updating that status, so I assume that the servers only process the verification emails and user lists periodically and the status cannot be relied on to update immediately. I have no idea how often Nabble's "housekeeping" takes place.

Furthermore, in my tests yesterday, I went on to change the username, before I responded to the verification email. I now find the user remains on the list of authenticated users as unregistered, in spite of getting the user to delete the account, re-register or change the username back. (This may be because I also got them to subscribe at one point and the username may remain as a result of that. I need to do further tests.)

Traditionally, forum administrators insist upon registration of their users although, in itself, this serves no particular purpose beyond allowing the administrator to claim a certain membership level, by virtue of the numbers who might have once thought they wanted to participate, so registered!

Many forums, allow some users to post in a limited range of areas (sub-forums, to use Nabble jargon) and while allowing others to post in a wider range of areas. (The Nabble Support forum is a case in point, any registered user can post in Free Support, but you must pay to gain access to the Premium Support area.) This possible differential is catered for by the default "Members" group. As with the "authenticated" level, if you are using this facility you are expected to change the permissions for the appropriate sub-forums, to exclude "anyone" and "authenticated" users and allow "members".

Other possibilities are to add other further groups with access to further areas not available to ordinary "members". Typical cases include a "moderators" group who have their own area, invisible even to "members" where possible undesirable posts are moved to while discussion takes place on how to deal with it.

Given your description of pre-vetting your members, I suspect that you need almost none of this and a major part of your problem is a misunderstanding of the purpose of user level access (authenticated, member moderator, etc.) together with inappropriate permissions for the "anyone" and "authenticated" groups. I doubt you need to use the default "member" group at all.

That's why I asked you to spell out what you are seeking to achieve at the end of yesterdays post in terms of how much the public are meant to see, (For most administrators it is useful for publicity to let "anyone" see, if not post, and to give trailers about what's in the other sub-forums to which they don't have access. However, you now reveal that you have a network of sites, blogs, feeds, etc for this purpose). Bear in mind that the convention in the forum world is to upgrade access levels over time as users demonstrate trustworthiness and appropriate posting. It is not the norm to do the major pre-vetting that you appear to do.

Addressing #2
People see the "Request Access" screen because permissions for their group are set to disallow viewing in that forum or sub-forum. Those that have passed your vetting should be in a group that does not have that restriction. It sounds as if you need that restriction on "anyone" but "authenticated" members should have that restriction lifted, assuming membership of "authenticated" means they've passed your vetting process. (If I have understood your requirements you don't need the "Members" group at all. I explain later.)

Addressing #3
In yesterday's experiments when I was adding a user to to my test forum not only did I encounter the unchanging "unregistered" status, but I was also receiving emails with inappropriate wordings. I need to do more work on this to tie down exactly what happens and report it to Nabble. The bugs are confusing to you , me and our users!

-----
First, all of my three Nabble sites only have the default four headings in the Manage Users area:
     --- Groups
     --- Authenticated
     --- Administrators
     --- Members

I do not find, as your post indicates, any references to how a user’s name “appears as ‘Unregistered’ on the list.” Nor do I see any identifier, as you indicate, that a user on this “Unregistered” list changes to “Registered” once a user has responded to Nabble’s e-mail address verification.
That first heading should read "Add New Group" and include a field to enter a new group name. That page is designed for you to add and delete names and addresses, not report on current member status. I am referring to the list revealed when you select the "People" option.

In part, my answer yesterday was based on past experience. However, I can say that on my test list I currently have people listed as both "Registered" and "Unregistered". In the past I have seen the status "Deactivated" and I think others. That's why I believe there is periodic updating/housekeeping of the status. Maybe Deactivated only appears temporarily, until it is actually deleted in the later Nabble  housekeeping session.

Nabble’s process doesn’t change whether I register them, or they go online themselves and fill out the Registration form. I’ve tested it both ways. Nabble doesn’t know who specifically filled out the initial Registration form.
As I understand it, subject to housekeeping delays, the "People" list does show which are "Registered" i.e. have responded to a verification email.

My understanding is that I add those whom I accept as members to the Members list, but my testing and user feedback indicates that I must receive an e-mail from Nabble to accept or reject those who completed the Request Access form. Without my response to Nabble’s e-mail to me as to whether I accept or ignore a specific user’s Request Access submittal, the user (authenticated or not), cannot login and use the site. I never have received even one such e-mail from Nabble. However, in my tests of the Nabble process, I did receive Request Access e-mails from Nabble, but only for those test subjects that filled in the Request Access form. For those test subjects who didn’t fill out the Request Access form, I received nothing from Nabble, even though those subjects did validate their respective e-mail addresses.
As indicated above, you appear to be using inappropriate groups and permissions. On the basis of your description so far, you only require "anyone" and "authenticated" since while you may allow anyone to reach your site, only those you have vetted will have any kind of access. You don't appear to have a third group of users, so "members" is an redundant group for you.

You also make references to setting Permissions “unnecessarily high.” Specifically, you say that the way I have set my Permissions may have something to do with users failing or being required “to use Request Access form.” I have scoured my Permissions and cannot find any setting that specifically allows me to toggle ON/OFF my desire to have a user complete (or not complete) the Request Access form.
It's part and parcel of the VIEW permission. Remove that permission and a user will be presented with the the Request Access screen. Anyone who is in a group of yours that represents "passed vetting" should not have VIEW permission turned off.

since my Nabble sites are private and strictly members-only, I do not have any of the Permissions line items set to include the “Authenticated” category.
This is part of your problem of not understanding that the "members" group in Nabble has no relation to your concept of members. To Nabble it just means the next level of access up from "authenticated". As I understand it you only have two concepts, "Non-members" and "Members". In Nabble terms this translates into "Anyone" and "Authenticated". For your forum, Nabble's default "members" group is redundant.

Are you addressing Subscribers, too? I’m not. My three Nabble applications are members-only access…NO subscribers.
You appear to misunderstand the concept of subscriptions within Nabble. Subscribers are just people who opt to receive the posts they are entitled to see on the forum by email. It is their decision. All you can do is control what pages they see.

Those who can access a page of your forum where they can see a FEED button or access the "Subscribe by email" option on the OPTIONS menu can become a feed recipient or subscriber to that forum and any sub-forum. There are checkboxes offering a similar facility at the post level, so any user with access to a particular page can subscribe to it.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
Hello Again Greg,

Sorry for the delayed response. I really appreciate your more-comprehensive followup of 13 March. I have also undertaken further tests, based on your feedback and inputs.

Here's some preliminary grist for the mill:

My forum site's "People" area only allows me to view "Administrators" on the drop down menu on the "Users & Groups" tab.

I temporarily changed the "View" setting on my Permission to include "Authenticated." So far, I have not detected any change in the "People" area, such as seeing the 30 users who have been for a month now on my Manage Users & Group "Authenticated" list. I'm giving Nabble the benefit of the doubt that its server has not yet corrected my Permission settings.

My forum's home page indicates that there are "People in the Forum (18)." Shouldn't those 1.5 dozen names be in my "People" list as "Registered?"

Further, there have been 169 views of the forum (of which perhaps I account for about 30%).

Even with all of the above and without my ability to know anything, a brave sole did post a topic the other day. I know who he is and that he's legit, of course, but only because of my external signup and vetting process. Otherwise, I would have had no idea of who he was and what he was doing.

A very telling thing you brought up was "receiving emails with inappropriate wordings." Do you think that has anything to do with Permissions settings, and not bugs? Did your user also get such emails?

I'll continue my testing and I hope you'll be kind enough to help bring all of these issues to some level of resolution that gets my site functioning.

Regards,
The Magazine Collector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

GregChapman
TheMagazineCollector wrote
My forum site's "People" area only allows me to view "Administrators" on the drop down menu on the "Users & Groups" tab.
It sounds as if you have been playing with the "Show_group_members" permission - though I have never changed the default for this so don't know what the results might be. By default it's set for all of "Authenticated", Administrators" and "Members".

I temporarily changed the "View" setting on my Permission to include "Authenticated." So far, I have not detected any change in the "People" area,
That setting only affects which forums and sub-forums you can see. It's the setting that controls whether a user sees the "Request Access" screen. As I understand it (untested!) it's the "Show_group_members" that will affect the options on the "People" menu.

A very telling thing you brought up was "receiving emails with inappropriate wordings." Do you think that has anything to do with Permissions settings, and not bugs? Did your user also get such emails?
Having double checked, I don't think the inappropriate wording applied to your issue, i.e. authentication/registration.

I requested a subscription to a forum, and the email requesting verification reached me saying "invited to subscribe" which I felt was less than ideal and likely to confuse (actual names/addresses removed):

---------------------------------------------------------------------------
Dear user,

You have been invited to subscribe to <forum name>, which is available at:
<forum link here>

With your subscription, updates will be sent directly to your email address
and you can reply to them to participate in the discussion. Your subscription works the same
as a mailing list.

To confirm your subscription, click on the link below:
<verification link here>

Sincerely,
The Nabble team
---------------------------------------------------------------------------

I'll continue my testing and I hope you'll be kind enough to help bring all of these issues to some level of resolution that gets my site functioning.
I'm only an ordinary user myself, so I can't be guaranteed to provide a definitive answer!
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
Hey Greg, A Breakthrough (Almost!),

In a previous message, you wrote:

Furthermore, in my tests yesterday, I went on to change the username, before I responded to the verification email. I now find the user remains on the list of authenticated users as unregistered, in spite of getting the user to delete the account, re-register or change the username back. (This may be because I also got them to subscribe at one point and the username may remain as a result of that. I need to do further tests.)

This prompted me to do some diagnostics based on data that my forum produces, and the outcome shocked even me. In the “People”>>”Members” list, statistically I have 31 total entries. Of those, 17 are Registered, and 14 are Unregistered. Of the 17 Registered, 6 are test users. Thus, of the 25 “real” users, 14 are Unregistered.

Why are these 14 Unregistered? After all, I personally registered all 25!
I then copy/pasted the Nabble-generated Authenticated list into a spreadsheet. In the next column I pasted in my Administrator-generated Members list, and in the third and fourth columns I pasted in the Names from the People>>Members list along with the Registered/Unregistered data.

I examined every entry in each row, and discovered that Nabble’s entries in its Authenticated list are not consistent. The syntax of every Unregistered entry traced back to the Authenticated list as being incorrect, while every Registered user’s entry in the Authenticated list was correct.

Here’s samples of the difference (not real e-mail addresses):

Registered Users have syntax of: [Username] [<e-mail address>]
     Wally <edmorgan@aol.com>
     SamMan212 <s.johnson@gmail.com>

Unregistered Users have a syntax of: [truncated text from e-mail address] [<e-mail address>]
     marysmith <marysmith@comcast.com>    (Mary’s Username was registered as BigMomma)
     larry356 <larry256@hotmail.com>     (Larry356’s registered Username was OldFish)

This correlated with 100% accuracy, and I tested all of the 14 unregistered ones and couldn’t login on any.

Because I registered every user of my forum, I have all the records that show what information was supplied to Nabble on every registration form, so I know I didn’t screw up.

I have attempted to correct the deficiencies in my Administrator Members list, but Nabble wouldn’t accept the corrected version. I also tried banning a few Unregistered users, in the hopes of being able to re-register them, but that doesn’t clear the entries in the Authenticated list.

My research, as yours, on the Nabble Help and Support Forums has lead to nothing that will remove the incorrect data in Nabble’s Authenticated list. I have tried Hugo’s create a new group of “Hidden Members,” blah-blah-blah!

This messed-up Authenticated list has been the root cause of all my original problems! I’ve tested, re-tested, and tested again every variable that I as Administrator could possibly make, as well as anything that a user could or couldn’t do on their end. I now am sure that I can register my users myself, and that all they really have to do is click on the e-mail verification. They don’t have to respond to Request Access forms, and I don’t have to change my Permissions settings to anything else but the Members status. What I didn’t see until today was the pivotal role that Nabble plays in such a basic action as posting registration data correctly in my forum’s Authenticated list.  

The Magazine Collector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

GregChapman
Leaving aside the issue of the wording of the subscription email, which is the one that should be sent when an administrator issues a bulk invitation, I'm not entirely clear where your latest research leaves us. I do believe there are some errors in the system, but I haven't spent the time or have the records of what I did.

If you can list only the actions and results that achieve "problem registrations" so that anyone could replicate the problem without any additional information, I'll happily post a link to that message on the Premium forum directing the Nabble team to it. (While you were fighting in the dark you had a tendency to add detail that didn't impinge on the problem and that only confused the issue.)

I fear the team will skip over this rather lengthy thread as it stands, What we need now is a brief and succinct definition of the problem.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

Peter <Nabble>
Let me see if I got this straight:

If you register someone like:

xxx <xxx@domain.com>

he does not get registered. But if you try:

yyy <xxx@domain.com>

it does.

If the name is the same as the e-mail (before the "@") it does not register the user.

Is that correct?
Nabble staff. We never ask for passwords.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
In reply to this post by GregChapman
Hello Greg,

Here’s the short version of the “problem registrations” issue that my research and testing currently indicates.

Some users are shown as “Registered,” while others are listed as “Unregistered” in the People > Users & Groups > Members list. Unregistered users cannot log in. My testing deals with discovery of observable irregularities that may point to why some users become Registered, while others don’t. Among other things, implications may point to corrupted databases.

Interested parties can access the attached file which details the tests, results, and findings.

Regards,
The Magazine Collector
Re_Registered_Users_Cant_Login_04-20-11.docx
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

GregChapman
Ah! That's not quite what I meant. I was hoping that you'd be able to say something along these lines:

1. Do: Click register link (Result: Registration screen appear)
2. Do: Complete screen (Result: receive verification email)
...
n. Do c (Result: People List shows "Unregistered")
...
n. Do d (Result: Login failure message appears)

where you fill in the missing actions and results so someone else can consistently get the same faulty result.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
In reply to this post by Peter <Nabble>
Greetings Peter,

If, in your message, you mean the word “register” to fill out the Register Now form, then I do not try either version. I simply fill in the Username field with a name provided me by the user. I also enter the user-provided e-mail address and password.

You are describing both of the possible outcomes that I get when I view the Authenticated list:
Example:
I entered the following to register a user:
        Username = Nosey
        E-mail = jsmith@domain.com
             Password = ********
Once the user has verified via Nabble e-mail, I find that the Authentication list reports either your “xxx <xxx@domain.com>  scenario as:
        jsmith <jsmith@domain.com>
This outcome causes the People>>Members list to report the user as Unregistered, and cannot log in.

Or, your “yyy  <xxx@domain.com>” version can be the outcome in the Authenticated list as:
        Nosey <jsmith@domain.com>
This outcome causes the People>>Members list to report the user as Registered, and can log in.

Your remark about the Username being the same as the e-mail (before the “@”) does not necessarily seem to influence either outcome, as long as the user required me to register that as his/her Username. Thus, if the user indicated the following to be entered into the registration form:
        Username = jsmith
        E-mail = jsmith@domain.com
             Password = ********
I would enter it that way, but would have scant evidence of whether the Authenticated list would (or not) be correctly reporting with the entry “jsmith <jsmith@domain.com>”
I can test this, if you like, but so far I have no real-world users that fit this scenario. All my users fit the first two examples here. Their Usernames are obvious as to the “xxx” and/or “yyy” being a distinct Username not even closely resembling the e-mail address.

I invite you to reference my just-posted latest reply to Greg Chapman here. The attachment goes into great detail as to my ongoing tests over the past month or so.

Regards,
The Magazine Collector

Computers must not be like humans…they cannot go insane by repeatedly doing the same thing. They do produce different outcomes!
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
In reply to this post by GregChapman
Hello Once More Greg,

It seems that both you and Peter are focused on data input errors on the Registration form. The good news is that I cannot replicate the error at that stage of the process, but not being able to replicate it is not the same as saying the error didn’t happen, or that it won’t happen again, or even that it may be happening to other administrators who don't even realize it.

There are four possible sources of the errors:
1.   User input on the registration form.  Upon entering a user’s supplied data into the registration form, I then sent each user an e-mail stating that I have just registered them with the following username, password, and e-mail address. In reviewing these, as well as my original database used to input (copy/paste) that information into the registration form, I see no evidence that points to incorrect information at the registration stage. Even if I had entered an incorrect username or password into the Registration form, my e-mail to the user would have mirrored the Registration error(s), and the user would still be able to login using the as-registered password.

2.  User compliance at the time of e-mail verification. Not a suspect that would cause incorrect data in the Authenticated list and/or the People/Members list. However, there might be further evidence in those Nabble e-mails. The e-mail’s salutation line (“Hi [%username%]”) might reveal an incorrect Username!

Example of Unregistered user #1 from my table in the previously-attached document:
• “Hi TomBoy,” would display the username correctly.
• “Hi jcorbin,” would display the username incorrectly, as it is recorded in the Authenticated list.

3.  The administrator has done something that results in the error. We’re safe here, because all the administrator can do is enter data into the Options > Users > Manage Users & Group > Members list. As pointed out in my test report, an administrator cannot enter anything that does not exactly match the entry in the Authenticated list.

Maybe you can test something here. If you have users that appear in your forum’s People > Members list that display “Unregistered,” can you try contacting them with a simple request to attempt to log in?
I did that with my real-world users who showed “Unregistered” and got feedback which confirmed that they could not login (couched in expletives and requests to drop them as members).

Actually, it would also be helpful, along the same lines, to give me some feedback as to the number of posts, replies, etc., your “Unregistered” users have made. My Unregistered users all show zeros, making that a possible indicator that they can’t log in.

4.  My research and testing all point to the errors occurring at Nabble. By testing and deduction, I believe that I have ruled out most other variables and contributors. I’m totally open to being wrong, of course. I’ll be glad to work with anyone who can invalidate my test procedures and outcomes.

Hopefully, Nabble can examine data from my forum site as the best way to support or debunk my tests and conclusions. I don’t know if there are logs that show the very Registration information you have asked about, or maybe the Nabble e-mail salutations can be reconstructed, as well as how the flawed data came to exist in the Authenticated and People/Members lists…but let’s hope so.

Regards,
The Magazine Collector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
In reply to this post by TheMagazineCollector
Follow up to Peter on 04-30-11

Hello Again Peter,

I am attempting to conduct further tests to help resolve the mysterious “Unregistered” status of some of my forum’s members. These “Unregistered” user are known to the forum administrator in the (People > Members) list.

Previous tests have explored the issue of corrupted Nabble databases. However, there may be other possible contributing factors that might cause a user to become “Unregistered” and unable to login. such as:
     1.  The user did not respond to Nabble’s e-mail verification
     2.  The user’s e-mail address was invalid, and Nabble’s e-mail bounced
     3.  The forum administrator did not receive notice of Nabble having received the e-mail verification.
     4.  The administrator entered the user into the Members list (Options > Users  > Manage Users & Groups) before receiving an e-mail from Nabble to which the administrator should have “accepted” the user’s request to join.

Item #1
Does lack of a user verification response cause a user’s status to become identified as “Unregistered?” Clarification of exactly how “Unregistered” is interpreted by Nabble would make a world of difference in the way I am (and all other application administrators are) interpreting this term. My confusion stems from the Authenticated list, which Nabble appears to interpret Registered as “Authenticated + Registration-Date”.  By “Registration-Date” does Nabble mean:
     A. The date on which the user filled out the original “Register Now” form, or
     B.  The date on which the user responded to Nabble’s e-mail verification and become “Registered”?

My tests point to the answer being “B.” Once the user responds to Nabble’s e-mail verification notice, only then is there a “Registration-Date.” Further, only then does the user appear on the Authenticated list…right? But then, how can there exist any “Unregistered” users?

See Item #3 below about users who did (or didn’t) complete the “Request Access” form.

Does Nabble have a way to identify for; notify the forum administrator of; or deal with users who are listed on the Authenticated list, but are still categorized as “Unregistered?” What can an administrator do to rectify this condition?

Item #2
What does Nabble do to notify a forum administrator of a bounced e-mail address? Does such a user still get onto the Authenticated list and become identified as “Unregistered?” My test results show that the user does get onto the Authenticated list.

Item #3
I raise this issue again because of the ongoing situations in which a user may or may not click on the “Continue” button on Nabble’s “Congratulations” screen when the user responds to Nabble’s verification e-mail. When a user clicks on “Continue,” he/she is supposed to fill in the “Request Access” form.

I was able to successfully register users without ever clicking on “Continue.” By doing so, I never received even one notice from Nabble that the users were successfully registered. Once I clicked on Nabble’s e-mail verification URL and saw the “Congratulations” registration screen, thereafter I used the Authenticated list to enter user info into my Members list (Options > Users  > Manage Users & Groups).  Those users could then login and use the forum site, even though they did not complete the “Request Access” form. My tests have shown that, by a user not completing that form, the forum administrator has no way of knowing that Nabble has granted login and site access/use privileges to that user.

Note that I did periodically (not always) encounter a pop-up notice when I attempted to log in some of the test users. The pop-up notice requested that the user complete the “Request Access” form. When I simulated a user that completed the “Request Access” form, that user could still login and use the site, even though the forum administrator did not receive a “Request Access” e-mail from Nabble.

See Item #4 here because, the issue of when a forum administrator is supposed to enter a user into the Members list (Options > Users  > Manage Users & Groups) may impact whether or not an administrator receives a “Request Access” e-mail from Nabble, or is required to respond to one. Is that a true assumption?

Item #4
When – and even whether or not -- the forum administrator enters the user into the Members list (Options > Users > Manage Users & Groups) may have some bearing on how a user comes to be classified as “Unregistered.” For example, if the administrator uses the “Authenticated” list as a trigger of when to add a new user to the Members list, then does that cause the administrator to not have to wait for and respond to an e-mail from Nabble to which the administrator should “accept” the user’s request to join? Is the right time to add a user to the Members list only after the administrator accepts the “Request Access” e-mail from Nabble?  

Summary
Are any or all of the variables I have identified above contributors to why some users have “Registered” status, while others are “Unregistered” in the (People > Members) list?

Notice that I have avoided involving the entire issue of “Permissions” settings. These settings have nothing to do with the subject of how some users become “Unregistered.”  Admittedly, Permission settings can mask the effects, but my focus here is on causality.

Consequences
I have had to stop using my three Nabble applications for over two months now. My direct marketing campaign for soliciting members from a 10,000-prospects database it took four months to build is in limbo, and my Nabble-embedded website’s launch (the announcement scored almost 2,000 Google hits) is now a shambles while I wait for someone to just do something to resolve the problem. I think I’ve been more than reasonable by my conducting extensive tests and documenting (ad nauseam) what’s happening.

Action Items?
Why is all of this “Register Now -- E-mail Verification/Registration-Date – Authenticated list -- Request Access –Administrator Notification -- Members list” process shrouded in mystery as to what elements in the process result in “Unregistered” users? Will someone provide me with a simple flowchart or a cause/effect table that maps out the sequence of events and the correlating outcomes?! One of those outcomes has to show a series of identified events/steps that cause some users to become “Unregistered.”  Once we administrators have that quintessential “How Nabble Works” documentation, then perhaps we can move on to actually exploring ways to find and fix whatever is broken.

Right now, I’d settle for a way to totally remove my “Unregistered” users from Nabble’s database, so that I can more accurately test these failed users from scratch. I’ve tried banning them, but then I cannot re-register them using their same username, e-mail, or password because these users still appear in the Authenticated list.  Even though I have these “Unregistered” users’ e-mail addresses, passwords, and usernames, I can’t login as the “Unregistered” users and go to these users’ respective profiles and delete them as members. I want to replicate the failures without changing the original variables.

Regards,
The Magazine Collector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
In reply to this post by TheMagazineCollector
Hi Greg,

See my latest post to Peter on this still unresolved issue.

Regards,
The Magazine Collector
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

Hugo <Nabble>
Let me explain some important concepts here:
 - The owner/admin of a forum cannot change the registration status of another user.
 - Only the user himself/herself can change this status by clicking on the activation link sent to his/her email address.
 - If the user doesn't click on the activation link, he/she will be kept as "unregistered".
 - The registration expires after 7 days. After that, the user must register again.

I don't understand what you are trying to do, but you must make sure you are submitting the registration form on behalf of the user (or you force the user to filling that form). That's the only way you have to send the registration email to them and get them into the "registered" state.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

GregChapman
In reply to this post by TheMagazineCollector
Hi Magazine Collector,

Apologies for not responding earlier. After a series of public holidays in this part of the world, not to mention a high profile wedding, I've been spending much of my time away from my main computer for the last couple of weeks.

I hope that Hugo's response provides most of the answers to your questions. I still think that most of your problems are caused because Nabble's system is not really designed to cope with your pre-membership vetting process and your initiation of the registration process on potential member's behalf. It is almost bound to cause some confusion in your members as it will subvert much of what they will be used to when joining any other forum.

As to the processes being "shrouded in mystery", I think that is a case of the software still being in active development and in what most would consider a "pre-release" state. It is not entirely stable, with almost nightly updates to the underlying code. Currently, the Nabble team are working hard on a "Templates" feature. As that will so fundamentally affect much of the existing documentation it is only after that is released do they plan to update the documentation.

Hugo didn't specifically say when unregistered members disappear from the Nabble database after a failed registration or non-response to the verification email. My understanding is that they never do. This is the norm for Forum software and will, I suspect, mean that you will not be able to do some of the analysis of membership that you were hoping to be able to do.

You also mention "Request Access" issues. These will be caused by you denying VIEW permission to certain classes of user, and is unrelated to registration issues (except in as far as registration may affect how you assign group membership). I think you are already aware of the assumptions made by Nabble with regards to the "anyone", "authenticated" and "member" groups, but it may help to read the Are you sure Authors means Members? section of my post in the link.

I realise now that in that post I failed to state that "author" means just that, the author of a post. This is a somewhat specialised category. You would probably only use it if you are in the habit of moving especially useful definitive posts to a sub-forum to which the author would not normally have write permission, so that the author could keep it updated.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: Registered Members Can't Login

TheMagazineCollector
In reply to this post by Hugo <Nabble>
Hello Peter,

I’m back after a brief hiatus. As you last wrote:

          Let me explain some important concepts here:

           - The owner/admin of a forum cannot change the registration status of another user.

           - Only the user himself/herself can change this status by clicking on the activation link sent to his/her email address.


I agree and have always realized it, even though I see no appreciable advantage to the user – and especially no benefit to the forum administrator. I have taken every measure to inform and remind my pending-registrants to find the Nabble e-mail and click on the verification URL. In doing so, I have no way of knowing whether they have or not, until I check their status in the People > Members area.

What’s the typical time-lag an administrator should allow between the date a user clicks on the e-mail verification and when that administrator could rely on the displayed registration-status info in the People > Members area? Is it valid that the user cannot login until that user appears in the People > Members list? Only until I see that user appear in the People > Member list should I then enter their information in the Options > Users > Manage Users & Groups > Members list…is that correct?

           - If the user doesn't click on the activation link, he/she will be kept as "Unregistered."

Yes again, and the pending-registrants do not know that they have “unregistered” status and that’s why they can’t login. Nor, after 7 days, do they know what to do about it, except sending me (the innocent administrator) hate mail…and they have usually dropped out.

I am trying to figure out a way to test/verify the presumption that registrants are actually receiving Nabble’s e-mails at all, whether in their SPAM folders or in any other folder. I believe that pursuing this is important, because everything you have written here, Peter, is based on an assumption that Nabble’s verification e-mails are actually available to the intended recipients.
 
My observations (unconfirmed) are that the e-mail may not be accessible at all to the recipient because:

         • The e-mail ISP filters the e-mail and holds it in a SPAM folder that is only available to the recipient by going online to the ISP’s webmail service
         • The recipient’s AV (antivirus) blocks the e-mail and the user has to check a list of SPAM in the AV software
         • The recipient’s browser and/or firewall is configured to block (or only allow) certain e-mails
         • The recipient uses a service that pings back a verification e-mail to the sender (here Nabble), who is required to click on an acknowledgement in order to have the recipient actually see the e-mail
         • The recipient has rules set up in the e-mail software that filter out e-mails, so that they never
         • Recipients are inherently prone to ignore or avoid any e-mail that is in their SPAM folder.

I’m a total greenhorn when it comes to how these might prevent Nabble’s e-mails from ever getting into an intended recipient’s SPAM folder at all. I don’t even understand why e-mails from Nabble are vulnerable to being dumped into the recipient’s SPAN (and/or Junk Mail) folders. Is there anyone in the group who is a PMK on this e-mail-filtering matter?

          - The registration expires after 7 days. After that, the user must register again.

This is new information! Thank you!

Is it safe to say that, on the 8th day after the date of the original user registration, that I can then check my People > Members list where I would then reliably see who is “Unregistered?”

My Authenticated list didn’t change after 7 days for any of my still-today “Unregistered” users who first signed up as long ago as 23 March. Am I correct that, if Nabble were to delete “Unregistered” users from the Authenticated list, one outcome would be that these users would also be totally removed from the People > Members list? That may not be a good thing, since an administrator would have to constantly monitor both lists so as not to miss who is being deleted.

On the other hand, if the “Unregistered” user does successfully re-register, does she/he appear twice in both the Authenticated and People > Members lists?  This is important to me, because of this continued correlation identified in my previous writings between potentially corrupted entries in my Authenticated list and my list of “Unregistered” users who still can’t login.

Regards,
The Magazine Collector
12