LDAP authentication does not work with AD groups. Why?

by Plamen Stanev -
Number of replies: 4

In the LDAP settings, when I enter a particular OU with users in it as the user context, I can log in to Moodle and it will create the Moodle account for that LDAP user. If I put a particular AD group in the user context and try to log in as a user from that group, it says "Invalid login, please try again". Why does it work with OUs and not with AD groups?

In reply to Plamen Stanev

Re: LDAP authentication does not work with AD groups. Why?

by Emma Richardson -

You cannot use groups in the context field. These belong in the object class field. The entry should look something like the following: (|(&(objectClass=user)(!(objectClass=computer))(memberOf=cn=MoodleUser,ou=people,dc=yourdomain,dc=com)))
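
An added example, not part of the post above: a group entry has no child entries, so a search rooted at it finds no users, while a memberOf filter applied under an OU context selects only the group's members. The directory contents, the `ou=staff` context and the function names are constructed for illustration, and the matcher emulates the filter in memory instead of querying a server. The `nested` option goes beyond the post and uses Active Directory's matching rule for nested group membership.

```python
GROUP = "cn=MoodleUser,ou=people,dc=yourdomain,dc=com"  # group DN from the post
STAFF = "ou=staff,dc=yourdomain,dc=com"  # hypothetical OU used as the context
IN_CHAIN = "1.2.840.113556.1.4.1941"  # AD matching rule for nested membership

def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def group_login_filter(group_dn, nested=False):
    """Filter for users (not computers) that are members of group_dn."""
    attr = "memberOf:%s:" % IN_CHAIN if nested else "memberOf"
    return "(&(objectClass=user)(!(objectClass=computer))(%s=%s))" % (
        attr, escape_filter_value(group_dn))

# Constructed sample directory: DN -> attributes.
DIRECTORY = {
    "cn=alice," + STAFF: {"objectClass": ["user"], "memberOf": [GROUP]},
    "cn=bob," + STAFF: {"objectClass": ["user"], "memberOf": []},
    "cn=PC01," + STAFF: {"objectClass": ["user", "computer"], "memberOf": [GROUP]},
    GROUP: {"objectClass": ["group"], "member": ["cn=alice," + STAFF]},
}

def subtree(base):
    """DNs at or below base, i.e. what a context (search base) covers."""
    base = base.lower()
    return [dn for dn in DIRECTORY
            if dn.lower() == base or dn.lower().endswith("," + base)]

def allowed_users(base, group_dn):
    """Emulate the direct-membership filter over the subtree under base."""
    group = group_dn.lower()
    return [dn for dn in subtree(base)
            if "user" in DIRECTORY[dn]["objectClass"]
            and "computer" not in DIRECTORY[dn]["objectClass"]
            and group in (m.lower() for m in DIRECTORY[dn]["memberOf"])]

if __name__ == "__main__":
    print("group as context covers:", subtree(GROUP))
    print("OU as context covers:   ", subtree(STAFF))
    print("filter:", group_login_filter(GROUP))
    print("allowed under OU:", allowed_users(STAFF, GROUP))
```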

In reply to Emma Richardson

Re: LDAP authentication does not work with AD groups. Why?

by Plamen Stanev -

Thanks Emma,

That worked. Could you give me some tips on how to get NTLM SSO working? Can it be done only from the LDAP server settings, or do I have to set up a CAS server (SSO) as well? I'm using MS AD, IIS 7, Win 2008 R2, Win 7, IE, Chrome.

In reply to Plamen Stanev

Re: LDAP authentication does not work with AD groups. Why?

by Emma Richardson -

Sorry - I have never messed with SSO - you might look at the documentation and search the forums.