Forum posts by Jerry Lau

What was your error message?

It is best to have your Entra map it to use the fields available in the drop-down.

For example, if you have, say, a field in Entra called "UserType", set it up in Entra to use extensionAttribute8 for UserType and it will be updated to this field. You don't need the same names as this is to keep it clean.

What were you trying to do and expected result?

Hello folks.

I have reported this anomaly to the plugin developer as well.

We are running Moodle 4.5.4 on RHEL Linux with MySQL with:

  • auth_oidc version 4.5.2 (2024100710)
  • local_o365 (latest compatible)

The scheduled task local_o365\task\usersync ("Sync users from Microsoft Entra ID") has previously created multiple Moodle accounts for the same Entra ID user (same numeric samAccountName as username, different emails – one UPN-based, others derived numeric).

I have also confirmed that the auth_oidc_token table currently has no duplicate rows for the same oidcuniqid + resource. Thankfully there are no duplicates yet in the table.

However, the table still lacks a unique constraint on (oidcuniqid, tokenresource), so duplicates could easily re-appear once we turn the sync task back on (due to the well-known race-condition / token-lookup-failure pattern reported many times over the years, e.g. #2102, #1723, #249, #231, etc.).

Questions:

  1. Is this still considered an open issue in the current 4.5.x release line, or has a unique index on (oidcuniqid, tokenresource) been added in a newer version (or in the Moodle 5.x branch)?
  2. What is the recommended/best way to fix or mitigate this problem permanently?
    • Should the plugin install this unique constraint by default (or during upgrade)?
    • Is there an official supported method, or is the community workaround (clean duplicates + manually add the unique index) the expected approach?

The manual unique index workaround is something we could test in our test platform, but it would be ideal if the plugin handled it out-of-the-box to prevent the issue for everyone. This may cause an issue if we upgrade to Moodle as this may or may not break the process when the manual index addition is added and for every Moodle upgrade.

The index I want to add is:

ALTER TABLE mdl_auth_oidc_token
ADD UNIQUE INDEX idx_oidc_unique (oidcuniqid(191), tokenresource(50));

Would the above work?

Thank you for the excellent plugins – they’re a critical part of our Microsoft integration!

Regards

Moodle version 4.5.4 | auth_oidc 4.5.2 (2024100710)

Average of ratings: -
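A pre-check for the index proposed in the post above, as an added example that is not part of the original post or the plugin's own code. It uses the table, column and index names quoted in the post and assumes the standard Moodle `id` primary key; MySQL enforces a prefixed UNIQUE index on the prefix only, so the duplicate check compares the same 191/50-character prefixes.

```sql
-- Added example (not from the original post). Run against a test copy first.
-- Names come from the post; `id` is assumed to be the usual Moodle primary key.

-- 1. Rows that would collide under the proposed prefix index.
--    Uniqueness is enforced on the indexed prefix, not the full value,
--    so group on the same prefixes the index would use.
SELECT LEFT(oidcuniqid, 191)   AS oidcuniqid_prefix,
       LEFT(tokenresource, 50) AS tokenresource_prefix,
       COUNT(*)                AS row_count,
       MIN(id)                 AS first_id,
       MAX(id)                 AS last_id
FROM mdl_auth_oidc_token
GROUP BY oidcuniqid_prefix, tokenresource_prefix
HAVING COUNT(*) > 1;

-- 2. Values longer than the prefix: two distinct full values that share
--    a prefix would be rejected as duplicates once the index exists.
SELECT COUNT(*) AS rows_longer_than_prefix
FROM mdl_auth_oidc_token
WHERE CHAR_LENGTH(oidcuniqid) > 191
   OR CHAR_LENGTH(tokenresource) > 50;

-- 3. Only when query 1 returns no rows: add the index from the post.
--    With existing collisions the ALTER fails with a duplicate-entry error.
ALTER TABLE mdl_auth_oidc_token
  ADD UNIQUE INDEX idx_oidc_unique (oidcuniqid(191), tokenresource(50));

-- 4. Confirm the index exists, covers both columns, and is unique
--    (NON_UNIQUE = 0; SUB_PART shows the prefix lengths).
SELECT INDEX_NAME, SEQ_IN_INDEX, COLUMN_NAME, SUB_PART, NON_UNIQUE
FROM information_schema.STATISTICS
WHERE TABLE_SCHEMA = DATABASE()
  AND TABLE_NAME   = 'mdl_auth_oidc_token'
  AND INDEX_NAME   = 'idx_oidc_unique'
ORDER BY SEQ_IN_INDEX;
```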

We are in Moodle 4.5 and where in Moodle do I make sure that users who have never logged in have their user accounts created, and under OIDC AUTHENTICATION exclusively, when we turn off SAML? Where is that setting in Moodle Manage Authentication, OIDC and Microsoft 365 Integration local plugins? In SAML, we can do that and there is a setting. Where is the similar OIDC operation to it?

Was looking for the setting to auto-create users if not in Moodle and they don’t have it like in SAML. The global “authpreventaccountcreation” in Manage authentication acts as a master switch for all auth plugins, including OIDC. We keep it unchecked to allow auto-creation, which it is now.

Thoughts?

Average of ratings: -

Hello folks.

I just want to confirm my understanding .. I think I am correct.

In Moodle 4.5, I have a few users whose accounts are suspended. For example jsmith@mit.com and 000123456@student.mit.com. Both are suspended accounts in Moodle.

At a regularly scheduled time, we create an enrollment text file which has user accounts, their Moodle course, and roles, and upload it to our external DB enrolment database.

Then a few minutes after, the external DB enrolment scheduled task is scheduled to run every hour to update enrolments in our Moodle course - teachers and students.

These are my questions.

Let's say the enrollment text file contains the suspended account and the external DB enrollment task is executed, would Moodle automatically make them active again and not suspended? Or would they still be enrolled in that Moodle course and be listed in Moodle's participants list but just shown as a suspended account?

  1. I think the instructors can only see the students if they are added through the DB enrolment but see they are flagged as suspended and cannot "unsuspend" them, correct?
  2. Also, the instructors cannot add them manually as they cannot see them if they tried to search for their username/account, as suspended is hidden from their view except Moodle administrators, correct?
  3. The only way for the user that is suspended to be able to log in and for instructors to add them manually is to unsuspend them, correct?

Average of ratings: -