I have replaced the original LDAP names in this email with "XXX", "AAA" and "YYY".
The details I have been provided are:
LDAPS authentication for remote server
1) Bind DN CN=LDAP\,AAA ,OU=Infrastructure,OU=Information XXX YYY,OU=UserAccounts,DC=xxx-home,DC=xx,DC=xxx,DC=ac,DC=uk
N.B. escaped “,”
2) Bind secret – in separate e-mail
3) Current LDAP search base: DC=xxx-home,DC=xx,DC=xxx,DC=ac,DC=uk
Search filter: (&(objectCategory=user)(employeeID=*))
User Info on initial bind:
Name = displayName
e-mail = mail
Login = sAMAccountName
The necessary certificate bits for the Moodle are in a ZIP – we use an internal root CA for our Active Directory forest, so that CA certificate chain is in the zip. On a Windows server, the components need to be specifically stored in the “Trusted Root Certification Authorities” machine certificate store.
Can someone help guide me toward how to set it up on Moodle? We are trying to do authentication of user accounts on Moodle without populating the user accounts on the system. That is - all accounts are simply searched from the offsite LDAP server and accordingly authenticated.
And also if you could guide towards what needs to be done with the CA certificate files. In the zip folder, I can see 4 files (2 ending with "CA" and 2 with the names of the OU itself - XXXX, and they are filled with a list of encrypted, alphanumerical lines of text).
Any ideas on setting this up?
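
The "N.B. escaped ','" note on the bind DN matters because a DN is split into components on unescaped commas only, so dropping the backslash changes which entry the bind refers to. The Python sketch below is an added example, not part of the original post and not Moodle code; the DN values are constructed placeholders and the function names are hypothetical.

```python
import re

# Constructed placeholder values shaped like the post's redacted DNs.
BIND_DN = r"CN=LDAP\,Service,OU=UserAccounts,DC=example,DC=ac,DC=uk"
SEARCH_BASE = "DC=example,DC=ac,DC=uk"
SPECIAL = set('"+,;<>\\=')  # characters escaped inside a DN value (RFC 4514)

def split_rdns(dn):
    """Split a DN on commas that are not part of a backslash escape."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf += dn[i:i + 2]          # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append(buf)
            buf = ""
        else:
            buf += dn[i]
        i += 1
    return parts + [buf]

def unescape(value):
    """Decode escapes: a hex pair (taken as one byte) or one escaped character."""
    pick = lambda m: chr(int(m.group(1), 16)) if len(m.group(1)) == 2 else m.group(1)
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", pick, value)

def parse_dn(dn):
    """Return [(ATTR, value), ...] with escapes in each value decoded."""
    rdns = []
    for rdn in split_rdns(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        rdns.append((attr.strip().upper(), unescape(value)))
    return rdns

def escape_dn_value(value):
    """Escape one attribute value so it is safe to place inside a DN string."""
    out = "".join("\\" + c if c in SPECIAL else c for c in value)
    if value.endswith(" "):
        out = out[:-1] + "\\ "
    return "\\" + out if out.startswith((" ", "#")) else out

def is_under(dn, base):
    """True when dn sits at or below base (case-insensitive comparison)."""
    d, b = ([(a, v.lower()) for a, v in parse_dn(x)] for x in (dn, base))
    return d[-len(b):] == b
```

A plain `BIND_DN.split(",")` yields six pieces and a CN of `LDAP\`, while `parse_dn` yields five components with the CN `LDAP,Service`.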