15 September 2021, 22:18

Hello

In my institution, I added three methods of authentication after the internal connection : CAS, LDAP, and XMLRPC by integration Moodle using the MNet.

Now I noticed when a user authenticate with Moodle, and after if he authenticate by CAS for example, this second authentication creates a second account different the first created by the Moodle. idem for LDAP too. So this mean, if a user uses the three methods, so he will have 3 different accounts.

Should anyone tell me why ? Maybe I shouldn't use the three methods together ? Or what can you advise me ?

Thanks for your help.

Cheers

Kemoko KEITA

16 September 2021, 7:53

Hi Kemoko,

This is expected behaviour in Mahara when you don't specify a parent authentication method. MNet (XMLRPC) and LTI (we'd recommend to use LTI for new installations rather than going with MNet) allow for a parent authentication method to be set, which can be LDAP or SAML (or CAS). Ideally, you use the built-in SAML plugin for your CAS authentication rather than the old third-party CAS authentication plugin as that hasn't been updated in a while to my knowledge.

For MNet, the option is in the MNet authentication settings. For LTI, you can find that when you manage the LTI connection.

However, you can only set up one authentication method as parent. LDAP cannot have an authentication method. It sounds like everybody exists in all three of them. Why do you need CAS and LDAP? Wouldn't one suffice?

Thank you

Kristina