Linking Azure Accounts with Existing LDAP-Imported User Accounts in Moodle SSO

by Sam Adams
Number of replies: 5

Hi Everyone,

We are in the process of enabling Moodle SSO via Azure. The configurations are all complete, but we were wondering if it's possible to link the Azure accounts with the existing user accounts that were imported via LDAP.

Note: I am not an expert in Moodle so any detailed response will be highly appreciated.

Thanks.

In reply to Sam Adams

Re: Linking Azure Accounts with Existing LDAP-Imported User Accounts in Moodle SSO

by Emma Richardson
If it is an SSO setup, they should prompt to link automatically on first login.
In reply to Emma Richardson

Re: Linking Azure Accounts with Existing LDAP-Imported User Accounts in Moodle SSO

by Sam Adams
Thanks. I’m afraid that’s not the case, as I’m receiving the following error after logging in: 'Invalid login: User not found in Moodle. If this site has the "authpreventaccountcreation" setting enabled, you may need an administrator to create an account for you first.'

Even after disabling that setting, I’m still getting the error: 'Exception - Could not get app or system token.'
In reply to Sam Adams

Re: Linking Azure Accounts with Existing LDAP-Imported User Accounts in Moodle SSO

by Emma Richardson
Then I am guessing that you don't have it set up correctly. I would look at what you are using for userid - it should be samaccountname like ldap, I think... though to be fair, I don't actually work with Azure!
In reply to Emma Richardson

Re: Linking Azure Accounts with Existing LDAP-Imported User Accounts in Moodle SSO

by Sam Adams
Thanks. For the LDAP data mapping, we're currently using mail for the email address field (auth_ldap | field_map_email). We've also tried userPrincipalName and sAMAccountName.

On the OpenID data mapping side, we've tested both email and UPN for the email address field (auth_oidc | field_map_email).

Are there any other suggestions we could try to help link existing LDAP accounts with the profiles created when users log in using their work email?
In reply to Sam Adams

Re: Linking Azure Accounts with Existing LDAP-Imported User Accounts in Moodle SSO

by Emma Richardson
So what error are you getting when you try this? That an existing account is not found? Or does it automatically set up a new account? For mapping you need to map email to email - not upn or samaccountname. In your client settings, you need to link the samaccountname to the userid - this I don't think is in data mapping but in the initial setup.