Forums | Mahara Community

Mahara/Moodle integration /
always a new mahara account will be created by connecting via SSO


anonymous profile picture
Deleted user
Posts: 39

02 October 2013, 11:22 PM

Hello mahoodle users,

we are using Moodle 2.4.6 with an LDAP authentication and Mahara 1.6.6 with a SSO configuration working fine since two years. Few days ago we realized that new users comming from moodle (with the username s0815) have the problem that every time they try to connect to mahara a new account will be created (with the username=s08151 and so on) and they have to set always a new password.

What can be the reason for this issue?

Thank you in advance,

Michael

Aaron Wells's profile picture
Posts: 896

03 October 2013, 11:26 AM

Hi Michael,

It sounds like you need to set the "parent authority" to LDAP, for the Mnet auth instance in Mahara. See http://manual.mahara.org/en/1.7/administration/institutions.html#mnet

What the "parent authority" feature does, is it basically tells Mahara that MNet and the parent auth both represent the same pool of users.

(If you don't set a parent authority, then it will assume that the MNet user with username "aaronw" represents a different person than the LDAP user with username "aaronw", and that's how you wind up with the duplicate accounts.)

Once you've set up LDAP as the parent authority to MNet, you'll need to manually identify and delete the duplicated accounts. Also, make sure all the users have "LDAP" set as their authentication method, not MNet. (You may want to run a SQL update to set this for all of them.)

Cheers,

Aaron

anonymous profile picture
Deleted user
Posts: 39

08 October 2013, 4:05 AM

Hello Aaron,

thank you for your answer. This was reason: I didn't created a "parent authority" to LDAP. ;-(

Thanks for your help,

Michael

anonymous profile picture
Deleted user
Posts: 7

24 January 2014, 4:29 PM

Hi Aaron,

We are running into the similar problem.

The difference is we are using SSO from Moodle to Mahara.

In Mahara, the Authentication plugin is Internal and XML-RPC

In XML-RPC setting page, Parent authority is internal.

Is there any setting we can look at?

Thanks

Lizzy

Kristina Hoeppner's profile picture
Posts: 3632

26 January 2014, 5:50 PM

Hello Lizzy,

Are all existing accounts that you hooked up to Moodle on "Internal" and have they all the Moodle username as their remote username / username for external authentication?

Cheers

Kristina

 

anonymous profile picture
Deleted user
Posts: 7

28 January 2014, 11:30 AM

Hi Kristina,

We want users SOO from Moodle to Mahara, but not from Mahara to Moodle.

Therefore, they will log in Moodle and then connect to Mahara.

However, we also want them be able to login Mahara straightaway using their Moodle existing accounts.

How can I change to get this work?

Thanks

Lizzy

 

 

Kristina Hoeppner's profile picture
Posts: 3632

28 January 2014, 1:34 PM

Hello Lizzy,

Users cannot log in with their Moodle credentials using the Mahara login form. You can only achieve that if you use LDAP for example and your users log in with their LDAP credentials in Moodle. Then they can jump to Mahara from within Moodle but also use the same LDAP credentials to log in to Mahara using the Mahara login form. Similarly, you can do so using SAML SSO as well, but then just the SSO login button which will take you to the SSO login form.

Cheers

Kristina

 

anonymous profile picture
Deleted user
Posts: 33

28 January 2014, 4:07 PM

Hi Lizzy,

I have been down this track and back, logic tells us use Mahara as a portal, unfortunately it doe's not quire work that way.  Yet!!!

When using the Moodle, Mahara, Mahoodle as a delivery, presentation platform we need to keep in mind some quirks.

Starting at Mahara, loging in there and going to Moodle using MNet. Moodle assigns a MNetID to new connections and uses that as the ID for the student. Mahara uses the email address, it knows nothing of the MNetID.  The other disadvantage I have found with Mahara is the MNet jump path, we can not say start in a Mahara group, page, and jump straight to the Moodle resource. :)

 

Solution is to use Moodle as the portal, archway and, have the Network block visible  to all.  This keeps things sane, especially when using Mahara resources for assessment on Moodle.

To prevent logins at Mahara, you need to remove the create account links or redirect them to the Moodle signup page, assuming you have self registration enabled.

You can use LDAP and or SAML but, in order to use the Mahoodle, Mahara + Moodle intergration you have to use MNet.

If you need to know which files to change yell. Assuming you want to do it the way I suggested.

John

anonymous profile picture
Deleted user
Posts: 7

29 January 2014, 1:18 PM

Hi John,

Thanks for your advice.

Removing the create account links from Mahara seems a good idea for this situation.

Could you please tell me which files to change?

Thanks

Lizzy

 

Kristina Hoeppner's profile picture
Posts: 3632

29 January 2014, 2:07 PM

Hello Lizzy,

You don't need to remove any files, but can do it from the frontend. :-) Just tick off the "Registration allowed" checkbox in the institution that you are using and the link for registration will be gone.

As for MNet, LDAP and SAML: You can use MNet in conjunction with LDAP or SAML. MNet is needed for the connection between Moodle and Mahara, but it can be LDAP / SAML accounts which would allow you to log in to Moodle and Mahara and not just into Moodle and from there to Mahara.

When you created the MNet connection, you can use the Network Servers block and / or copy the link to Mahara that would be displayed in the block and put it into your navigation if you have links to all other systems there. The important bit is that you use the link as you see it in the network servers block because that will sign users in automatically to Mahara. Alternatively, you could rename the language string for "Network servers" to something a bit more sensible, e.g. "Portfolio access" in the language customization of Moodle.

Cheers

Kristina

 

12 results