Forums | Mahara Community

Support /
How to set up LDAP authentication in Mahara?


Shen Zhang's profile picture
Posts: 87

05 January 2010, 18:12

Hi, we are trying to link Mahara to the LDAP server so that the LDAP server takes care of the authentication. Is it possible? What are the steps to set it up if it's possible? I'm new to this forum, so apologies if it's a silly question. Many thanks.
Shen Zhang's profile picture
Posts: 87

05 January 2010, 23:05

I've seen some posts about linking Mahara and Moodle. If we don't use Moodle, can we still use the LDAP option that provided by the system? The attributes are making me confused. Can anyone tell me what value this Authority name should have?
anonymous profile picture
Account deleted
Posts: 4

06 January 2010, 0:42

Hi Shen,

You can link directly to your LDAP within the Administrator area:

 In Institution, you can configuration the Authentication Plugin to connect directly to LDAP. Fire me an email at leebrent [at] gmail.com and I can send you a short video if you need more direction/help.

 Cheers,

 Brent. 

anonymous profile picture
Account deleted
Posts: 5

07 January 2010, 3:36

I found it was very easy to setup the LDAP authentication, I just copied all the details out of my Moodle server. It's much better than managing the users manually. Now anyone that has an account on my network can log into Mahara with the same credentials.  cool.

The hardest part was getting the LDAP modules installed in my Ubuntu server so they would show up on the Institutions authetication settings:  sudo apt-get install php5_ldap  I think, then do an Apache2 restart  to let it kick in.

These are the values I used for the LDAP settings (more or less) 

Authority name: myLDAPconnection 
Host URLldap://10.51.1.7  
Contexts:  OU=MaharaUsers,OU=Users,DC=mycollege,DC=domain
User type: MS ActiveDirectory  
User attribute: cn
Search subcontexts: Yes  
Distinguished name:    CN=LDAPadmin,CN=Users,DC=mycollege,DC=domain
Password:   LDAPadmin's password
LDAP version:  3 
Update user info on login: Yes  
We auto-create users:  Yes  
LDAP field for First Name: givenName  
LDAP field for Surname: sn  
LDAP field for Email: mail 

the Authority name is just a label so you can recognise the connection settings profile you have used later on. You will probably only have one of these anyway.

Shen Zhang's profile picture
Posts: 87

07 January 2010, 16:55

Hi Steve,

Thanks for providing the values that you used for the LDAP settings. It gives us a good idea what the values should look like. I've submitted a ticket to our IT department. Hope it's straight forward for them to fill the blanks.

Iñaki Arenaza's profile picture
Posts: 253

07 January 2010, 18:21

Just a minor detail :-)

Most people should use 'sAMAccountName' instead of 'cn' for the 'User attribute' setting if they are using MS Active Directory, as sAMAccountName is the 'windows logon name' we usually type to log into Windows.

Saludos,
Iñaki.

Shen Zhang's profile picture
Posts: 87

07 January 2010, 19:12

Thanks guys for the advices. I used most of the values Steve provided and it's now working  :)

anonymous profile picture
Account deleted
Posts: 3

26 July 2013, 22:33

Hello Inaki,

I have managed to authenticate my users for a specific institution with an LDAP server. The problem is that I would like to authenticate only users who belong to a specific group, as I use a unique ldap server for several projects, and several users can belong to more than one projects. 

This functionality on Moodle can be achieved using the memberof overlay ldap function, as I saw on one of your posts, and I have successfully implemented it :)

However, such an option doesn't seem to be present in Mahara (?). There is no option for a search string or an objectclass where I can insert a proper query for my LDAP server.

Having seen that you have been very active on Moodle/Mahara issues concerning LDAP integration, I believe that your opinion would be of signific assistance.

Greetings,

Stef

Kristina Hoeppner's profile picture
Posts: 4717

30 July 2013, 0:55

Hello Stefanos,

It should be easy to just select a specific LDAP group to connect to in Mahara. We had once set this up for a client who wanted to have all staff members in a separate Mahara institution than the students to be able to give them a separate theme.

I'm afraid though that I can't check the settings. I suspect you would enter the specific group information either in the "Context" field.

Cheers

Kristina

 

anonymous profile picture
Account deleted
Posts: 3

30 July 2013, 3:03

Hello Christina, 

I have already tried to place the group dn inside the Contexts field of Mahara, but with no result. :(

12 results