My Org is running Moodle 3.10.1+ and we're syncing to Active Directory via LDAP. We've recently onboarded two users in AD who should have shown up in Moodle, but they aren't visible in the list of users and I cant add them to courses. When I run the "LDAP users sync job" via Scheduled Tasks I can see them in the log. They both are listed in the log with "Updating user <username> id <##> - Skipped", the same as most of my other existing users. I also tried adding a fresh user to AD and reran the job to verify that it's working. I was able to see that user in the sync log, main user list, and assign them to a course. Any suggestions on how to get these two folks to show up?
Could it be that when the user was first created in AD the first name and last name weren't populated? So the sync created a Moodle user with a username but because the first/last name were blank they're hard to find in Moodle? If Update local is "On creation" this could happen as the once the user is created these fields aren't updated – I normally set this to "On ever login" so that updates are pulled from LDAP.
If you know the username in Moodle, read from AD in the specified User attribute, you could search the Moodle database using a query like:
SELECT id, username, firstname, lastname, email
FROM mdl_user
WHERE username = 'missing_user' AND auth = 'ldap' AND deleted = 0;
Replace missing_user with the username.
Thanks Leon. After running that query I can see that these usernames were once used by old AD users that have since been deleted. As an example, smithj was previously John Smith. They were deleted and now we have a new user named James Smith that is reusing smithj in AD. Is there a way to clean this user out from Moodle? Since I cant see them in the Moodle admin interface, I'm a bit stuck.
In Site administration ▸ Users ▸ Browse list of users under New filter click Show more.... Then put smithj in the Username field and click Add filter. There should be one row displayed with blank columns and which you can delete. You can click on Edit (⚙) first to show the username is the expected one before deleting.
That solved it. Thank you very much for your time Leon.