LDAP server (Sync Plus)

Authentication ::: auth_ldap_syncplus
Maintained by Logo "Moodle an Hochschulen e.V."Moodle an Hochschulen e.V., Alexander Bias
Moodle authentication plugin which provides all functionality of auth_ldap, but supports advanced features for the LDAP synchronization task and LDAP authentication.
Latest release:
805 sites
61 fans
Current versions available: 20

Moodle core's auth_ldap authentication plugin is a great basis for authenticating users in Moodle. However, as Moodle core's auth_ldap is somehow limited in several aspects and there is no prospect to have it improved in Moodle core, we have implemented an extended version for LDAP authentication with these key features:

  • The most important part: All functions from auth_ldap are still working if you use this authentication plugin.
  • The plugin adds the possibility to the LDAP synchronization task to suspend users which have disappeared in LDAP for a configurable amount of days and delete them only after this grace period (the Moodle core LDAP synchronization task only provides you the option to suspend _or_ delete users which have disappeared in LDAP - MDL-47018).
  • You can prevent the LDAP synchronization task from creating Moodle accounts for all LDAP users if they have never logged into Moodle before (the Moodle core LDAP synchronization task always creates Moodle accounts for all LDAP users - MDL-29249).
  • You can fetch user details from LDAP on manual user creation (MDL-47029).
  • It supports login via email for first-time LDAP logins (Moodle core only supports login via email for existing Moodle users - MDL-46638)
  • It adds several line breaks to the output of the LDAP synchronization task to improve readability (MDL-30589).

Please see README file for details about the usage and features of this plugin.

No support in the comments section on this page

Please note that we don't provide any support for this plugin in the comments section on this page anymore.

We appreciate your commendation and reviews for this plugin in the comments. For bug reports and support requests, please read the extensive information in the plugin's README file first and create, if needed, a ticket in the bug tracker which is linked below.

Thanks for your cooperation.


Screenshot #0


Logo "Moodle an Hochschulen e.V."
Moodle an Hochschulen e.V. (Lead maintainer): Maintainer
Alexander Bias: Maintainer
Ulm University: Initial Maintainer
Kathrin Osswald: Former Developer
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Alexander Bias
    Tue, Nov 22, 2016, 11:21 PM
    Hi Grzegorz,

    auth_ldap_syncplus is based on auth_ldap, thus it will sync whatever auth_ldap syncs.

    In recent versions of Moodle, you can map custom profile fields to LDAP fields, this is done on /admin/auth_config.php?auth=ldap_syncplus. With this feature, you can fill custom profile fields on user creation and on login.

    Unfortunately, this does not work for the scheduled LDAP sync task. There is a ticket on https://tracker.moodle.org/browse/MDL-40613 for Moodle core which is somehow stuck and we didn't have the time to contribute resources for solving this ticket.

    Summing up:
    * Yes you can map custom profile fields
    * This is a feature of Moodle core, not of our plugin
    * You can't fully rely that the values in the custom profile fields are up to date for all users as they are only updated on login and not with the (nightly) LDAP sync task.

    Hope this helps.

  • Paul Nijbakker
    Fri, Apr 7, 2017, 10:16 PM
    This is an interesting plugin. My question is: Can this plugin exist next to the standard LDAP plugin, so that a site basically has two LDAP authentication instances which authenticate users from two different active directories?
  • Alexander Bias
    Sat, Apr 8, 2017, 12:52 AM
    Hi Paul,

    I have never built a setup like this before myself, but theoretically it should work without problems.

  • Yegor Grishko
    Tue, Jul 25, 2017, 12:07 PM
    Hello, any news on when will 3.3 version available? Thank you!
  • Alexander Bias
    Thu, Jul 27, 2017, 3:26 PM
    Hi Yegor,

    we will need some more weeks until we can do 3.3 testing due to our delayed internal scheduled.

    However, up to now, we haven't received any problem reports with the 3.2 version on 3.3. Please give it a try.

  • Gabe G
    Wed, Feb 7, 2018, 5:05 AM
    Hi Alexander,

    Just wanted to report that the 3.3 plugin released earlier today (what a coincidence!) installed fine to my 3.4.1, and seemed to successfully sync/create users in Moodle from cron.

    Thank you for all your work on this!
  • Silke Kirberg
    Thu, Jan 24, 2019, 9:15 PM
    Hello Alex, does syncplus work with Moodle 3.6? We will have an update next week smile Thank you, Silke
  • Alexander Bias
    Tue, Jan 29, 2019, 3:10 PM
    Hi Silke,
    I am sorry but this plugin has not been tested for 3.6 yet by us. I have seen that there were, as usual, some changes in auth_ldap in 3.6 which most probably have to be adopted to auth_ldap_syncplus. We will tackle this work throughout the next weeks.

    So, running this plugin on 3.6 is at your own risk currently unfortunately.

  • Alexander Bias
    Tue, Jan 29, 2019, 7:15 PM
    Hi Silke,

    the 3.6 version is now tested and released.

  • Jiri Michal
    Fri, Nov 22, 2019, 4:40 PM
    I'm solving a problem with LDAP authentication and synchronization user accounts in multi-domain MS Active Directory tree. I'm using core LDAP plugin and authentication and synchronization are working (SSO to), but, because SamAccountName is not unique in this environment, I'm using userprincipalname like attribute for user identification (user_attribute). And it can be problem, for example when women user get merried and she change her surname, AD manager changes it in AD and userprincipalname are changed too. I would like use SID or GUID like identification users, but in core LDAP it's not possible.
    It's posible to use SID or GUID in LDAP syncPlus plugin? And whats about switch ID atribut in live system?

  • Zoran Jančić
    Fri, Mar 20, 2020, 2:20 AM
    How to change authentication type of existing users form ldap to ldap_syncplus? Is it enough to update their auth field in mdl_user database table from 'ldap' to 'ldap_syncplus'?
    In theory, this can be done via user download/upload moodle feature so we don't have to do it directly in database if someone doesn't have direct access to the database.
  • Дмитрий Курбатов
    Tue, Oct 27, 2020, 4:17 PM

    Explain or clarify why during creation
    user account fields such as First Name, Last Name and Email Address are required fields?

    Why the System does not allow leaving these fields empty, although the description for this plugin indicates the following «.... The only thing you have to specify correctly is the username (which corresponds to the username in LDAP). All other details like first name or email address can be filled with placeholder content. After you click the "Create user" button, Moodle pulls the other user's details from LDAP and creates the user account correctly with the details from LDAP.»
  • MAG II
    Mon, Jun 21, 2021, 10:48 PM
    Hi -

    My organization has been using this plugin to create profiles on Moodle from our active directory, and it works great. I have a question regarding the capability of this plugin. Is it possible that upon profile creation, the plugin automatically enrolls users into specific courses? The ideal scenario is to have employees automatically enrolled into courses upon Moodle profile creation, and before they even login to Moodle for the first time. Is such an action possible? Please let me know. Thanks!
  • Rene Hansen
    Tue, Mar 22, 2022, 12:06 AM
    Hello, we want to use this function: synchronize the attribute "suspended" - but it doesn't work, The users with this attribute are not suspended. What do we have to do to make this function work as expected?

    version v3.11-r1 (2021072000) auth_ldap_syncplus
  • Elias Pereira
    Sun, May 5, 2024, 3:08 AM
    Any idea if the plugin is compatible with version 4.x?
1 2 3
Please login to post comments