Forums | Mahara Community
Support
/
LDAP authetication and user accounts - how does it work?
03 May 2011, 3:36
Hello!
We are using Mahara in our Bachelor programme in Information Systems. The programme is hosted in a Business School at one of the largest universities in Sweden.
We currently pull student data from the student record system and build a csv files for creating user accounts. It works, but it also means a new set of login data for the students to manage. Thus, we consider using one of the available directory services (at school or university level) for authentication.
I have looked in the Mahara wiki and similar topics in the fora to try and understand better how this is done. I still have some questions I hope someone can answer.
First of all, when you add LDAP as an authentication plug-in Administer Institutions you can check or uncheck "We auto-create users." If this is unchecked, where and how are users created?
Second, we want to have user accounts for our programme students only and not the all the other 5000 at the school or 40 000 at the university. Is there a way to filter out our students in Mahara or is that something that has to be set up at the directory side?
My knowledge about configuration and directory services is close to non-existent, so my questions might seem a bit newbie ... Anyway, I hope someone can help me with this.
Best regards,
Odd
03 May 2011, 17:41
Odd, when you turn auto-create users off, it means that users can be authenticated using LDAP, but only if they already exist in Mahara and their user record is set to use LDAP auth.
If you set up LDAP authentication in institution settings, you will see an option to choose this auth method when you upload users by csv file.
16 June 2011, 3:21
Thanks for your reply, Richard!
If I understand this correctly, any user that can be authenticated using Ldap will also create an account (if auto-create is on). As an administrator, I don't need to know anything about their id:s and passwords (and other info)?
If auto-create is turned off, I still need to create user by a csv-file which must include at least username, password, email, firstname and lastname? What would then be the difference between Ldap and internal authentication?
I think I must have misunderstood something here... I hope you can explain this to me!
Best regards,
Odd.