Change LDAP accounts to OpenID accounts automatically on log in

Change LDAP accounts to OpenID accounts automatically on log in

by Jatin Sharma -
Number of replies: 4

Hi, 

Is there a way to set the authentications up so that is a user has logged in using LDAP and received grades, they can log in using OpenID authentication and retain the grades. 

I just want to change the method of authentication from LDAP to OpenID(Azure AD).

There are about 400 users logged in using LDAP, is that even possible?


Running the CRON to match the user not working.

Thanks again

Average of ratings: -
In reply to Jatin Sharma

Re: Change LDAP accounts to OpenID accounts automatically on log in

by Bruce Wilbee -
We have the same issue with 3000 users....did you find a solution?
Average of ratings: -
In reply to Bruce Wilbee

Re: Change LDAP accounts to OpenID accounts automatically on log in

by Eoin Campbell -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Plugin developers

The only way to change existing users' authentication method from LDAP to OpenID is by uploading an appropriately formatted file in the User Matching page (see below), as far as I can tell. This works reasonably well for us. However, we have noticed that in some cases, Moodle accounts are duplicated: a student logs in the first time using OpenID/Microsoft 365, and an hour or a day later, when they log in again, instead of logging in to their existing account, Moodle creates a new account instead, which is a nuisance. We couldn't track down the issue.



Average of ratings: -
In reply to Eoin Campbell

Re: Change LDAP accounts to OpenID accounts automatically on log in

by Przemek Kaszubski -
Picture of Particularly helpful Moodlers Picture of Testers
"an hour or a day later, when they log in again, instead of logging in to their existing account, Moodle creates a new account instead, which is a nuisance."

Try Manage authentication (/admin/settings.php?section=manageauths) > tick the Prevent account creation when authenticating (authpreventaccountcreation) box ?
Average of ratings: -
In reply to Przemek Kaszubski

Re: Change LDAP accounts to OpenID accounts automatically on log in

by Eoin Campbell -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Plugin developers
Thanks for responding, but I don't think this approach will work in our case, as we don't pre-provision students on Moodle. The behaviour I see is: 1) new student authenticates using OpenID; 2) Moodle creates an account; 3) student logs out; 4) student logs in again; 5) Moodle creates a second account for the same student, instead of simply logging them in to the existing account.
Average of ratings: -