In LDAP configuration page we have:
"This method provides authentication against an external LDAP server. If the given username and password are valid, Moodle creates a new user entry in its database"
Is it possible to disable the new user entry creation in moodle database?
We only need LDAP to authenticate users that already are in moodle database. We don´t want to use LDAP to create new users. How can i disable that feature?
You may be asking why... 2 reasons:
1) We don´t want to give access to all users in ldap server that are not in moodle database.
2) We only have username, password and email information in LDAP server (Don't want to create new users with so little info)
thank you.
Re: LDAP : how to disable new user entry in moodle database
Hi Susana
I had the same issue and fixed it with this hack!
In /moodle/lib/moodlelib.php find line 2601 approx and comment out "$user = create_user_record($username, $password, $auth);".
This will send the user "You need to confirm your login" page and stop "function create_user_record($username, $password, $auth='')" creating a bare-bones user record.
code before:
if (auth_user_login($username, $password)) { // Successful authentication
if ($user->id) { // User already exists in database
if (empty($user->auth)) { // For some reason auth isn't set yet
set_field('user', 'auth', $auth, 'username', $username);
}
update_internal_user_password($user, $password);
if (!is_internal_auth()) { // update user record from external DB
$user = update_user_record($username);
}
} else {
$user = create_user_record($username, $password, $auth);
}
code after:
if (auth_user_login($username, $password)) { // Successful authentication
if ($user->id) { // User already exists in database
if (empty($user->auth)) { // For some reason auth isn't set yet
set_field('user', 'auth', $auth, 'username', $username);
}
update_internal_user_password($user, $password);
if (!is_internal_auth()) { // update user record from external DB
$user = update_user_record($username);
}
} else {
// $user = create_user_record($username, $password, $auth);
}
I hope this helps
Re: LDAP : how to disable new user entry in moodle database
Cheers,
susana
Re: LDAP : how to disable new user entry in moodle database
$user = create_user_record($username, $password, $auth);
With
continue;//$user = create_user_record($username, $password, $auth);
This just return the user to the login page, with the message "Invalid login, please try again".
Re: LDAP : how to disable new user entry in moodle database
I'm trying this now on a XAMPP Moodle 2 install on my OSX workstation.
However I make the change and a success ldap authentication for an account without a local record is still sending me to the profile page.
I've tried clearing browser data in case I was still caching something and restarting apache. The update just doesn't seem to be working.
Any ideas?
Re: LDAP : how to disable new user entry in moodle database
Nevermind. I think there was a problem with the account i was using. Seems to be working properly now.
Re: LDAP : how to disable new user entry in moodle database
Does anyone know if there is a setting in Moodle 2.0 to do that???
Re: LDAP : how to disable new user entry in moodle database
I'm afraid there isn't. The only way to do that is by modifying the code.
Saludos.
Iñaki.
Re: LDAP : how to disable new user entry in moodle database
I was afraid that this was the case. I have added an issue for improvement http://tracker.moodle.org/browse/MDL-29093.
Maybe it will be added in an upgrade.
Re: LDAP : how to disable new user entry in moodle database
Saludos.
Iñaki.