Okay, here's where I'm currently running into a wall because the error messages I'm seeing only amount to "It does not work!" without a hint of why.
A bit of background: My school has a rather outdated Moodle 3.0 installation which came as a sort of "module" provided by our administration software's vendor. As a result, we simply cannot update this installation. Luckily, we're still in the test phase so even a "restart from scratch" would not be a catastrophe ... yet.
So installed a fresh 3.7 on a different server inside my school (with my principal's blessings, of course), made it accessible from the outside through a reverse proxy (don't ask...) and am currently trying to setup the LDAP plugin.
Now, the LDAP server is reachable from my Moodle installation and it does not need a Bind-User (again, a config by our vendor so nothing I did).
I thought I simply had to copy over the settings from the 3.0 installation but when I then try to login with an LDAP-user (instead of admin) I simply get "Invalid login, please try again" and the logs show the usual "Login failed for user 'foo'. User does not exist (error ID '1')."
I'm not sure what's going wrong here, considering that I'm able to use those same settings via CLI and 'ldapsearch'.
Basically, these are the settings which are actually set (and not simply empty or default) in the 3.0 install:
Host URL: ldap://ldap.schule.local:389
Hide passwords: yes
Usertype: posixAccount (rfc2307)
Search subcontexts: Yes
User attribute: uid
Member attribute: memberUid
Object class: objectClass=IdUserAccount
Course creator context: cn=lehrer,ou=groups,dc=schule,dc=local
I was a bit irritated by the fact that the config page insists on turning "memberUid" into "memberuid". Not sure how important this capitalization is, though.
So, what more do I need?