Dear Sir,
In existing Moodle, we use AD for authentication and authorization
We plan to change Moodle 3.x to use ADFS for user authentication only ( not course enrollment)
Which plugin can we use ADFS SSO user authentication on Moodle 3.x?
Indeed, we also have local account in Moodle and need login moodle as manual authentication also.
Please advise how to do it?
Regards,
William
You can use the SAML2 Single sign on (auth_saml2) plugin to authenticate against AD FS.
Two things you might need to consider:
The plugin has an Allowed any auth type option which may address both of these points. The way to be sure is to test the settings work as expected before changing anything for your live users, ideally on a test site.
You can continue to log into Moodle using manual authentication alongside auth_saml2 users.
Dear ,
Thank for kindly reply.
For point 1,
Many user account is configured to use LDAP authenticaiton which bind to AD . we plan to change them to use SAML2 authentication
IN LDAP authentication modules, we can set only user account under academic staff or student AD sub-tree are authorized to login Moodle.
When user under Alumni AD sub-tree cannot login Moodle
I don't whether SAML2 authenitcation can also do it or not. If not, what the alternative way to do it.
For point 2.
Moodle Course and Most of user accounts are created automtically via LMB plugin in Moodle (https://moodle.org/plugins/enrol_lmb),
Auto account creation in Moodle at the first login isn't allowed.
Do we still can use ADFS authenticaiton?
William
