Any problem with using Email self-registration and LDAP authentication at the same time?

Any problem with using Email self-registration and LDAP authentication at the same time?

by Peter Ruthven-Stuart -
Number of replies: 0
Picture of Plugin developers

Hello,

Is there any problem with using the "Email-based self-registration" and "LDAP server" authentication methods at the same time?

I plan to use these four authentication plugins in a Moodle site:

  1. Manual accounts
  2. No login
  3. Email-based self-registration
  4. LDAP server

Up until now, I have been using the first three authentication methods, but now want to add the LDAP method to make logging in easier for new students (i.e. facilitate single-sign-on within the university).

I have read the LDAP authentication documentation, and believe that with the help of our IT people I can make it work. However, before going ahead with this, I'd like to check that adding the "LDAP server" authentication plugin will not cause any problems for existing users.

In particular, I'd like to know what happens if an existing user (i.e. one that has been authenticated via Email-based self-registration or Manually) tries to login using their Password and Username for the university system to which the LDAP system is linked? Is there a possibility / danger of them inadvertently creating a second account? i.e. my understanding of LDAP is that when a student logs in for the first time the system "recognises" them because their login details exist on the LDAP server, but because it is their "first time" they have to fill in their name etc. in order to create their account on the Moodle database. However, I can imagine two scenarios that may cause problems:

  1. A student who has already been registered to the Moodle system might 'accidentally' use their university Username and password to login to Moodle. Moodle will recognise them as existing on the LDAP server, but new to the Moodle system and so create a new Moodle account. So the problem is that this student will have two accounts.
  2. A student used the same login details as his university account when he created his Moodle account via "Email-based self-registration". What will happen when he tries to login to Moodle after "LDAP server" authentication has been activated? Will Moodle recognise him as an existing user, or a new user existing on the LDAP server, and so end up with the same problem in scenario one; one student but two Moodle accounts?

No doubt I'm missing something obvious, but would like to be certain before going ahead with activating the "LDAP server" authentication method.

Average of ratings: -