LDAP syncing scripts

General plugins (Local) ::: local_ldap
Maintained by Charles Fulton, Andrew Zito
This plugin synchronizes Moodle cohorts against an LDAP directory using either group memberships or attribute values.
Latest release:
592 sites
319 downloads
22 fans

This plugin synchronizes Moodle cohorts against an LDAP directory using either group memberships or attribute values. This is a continuation of Patrick Pollet's local_ldap plugin, which in turn was inspired by MDL-25011 and MDL-25054.

This plugin requires that you have either CAS or LDAP enabled as an authentication method. It officially supports OpenLDAP and Active Directory. Both have unit test coverage.

The synchronization tasks are managed as scheduled tasks and are disabled by default.

Screenshots

Screenshot #0

Contributors

Charles Fulton (Lead maintainer)
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Tue, Aug 4, 2020, 7:34 PM
    I have installed Moodle 3.9 in the Windows 2019 Server and enabled Active Directory login and it's working fine without any issues. Now I downloaded ldap sync plugin and copied ldap folder to moodle/local and added cli/syc_cohorts.php and sync_cohorts_attribute.php in the Task Scheduler. After run the task scheduler, only 20 cohorts created out of 150 groups and very few of them only added in the cohorts not all the members.
    Group attribute - cn
    Group class - group
    Process nested groups - yes
    Auto create missing cohorts - yes

    Attribute name to search - department

    Axel, could you please help me, I have made the changes as you suggested, but still it is not populating cohorts.
  • Tue, Sep 29, 2020, 3:51 PM
    Hi! I would like to add all my LDAP users to one cohort. LDAP is working, but I can't get local_ldap to sync anything. It just does nothing when I run the task. A way to debug would greatly appreciated!
  • Mon, Oct 5, 2020, 3:16 AM
    Hi!
    We have the same issue than Tobias Marx.
    We suppose that the problem comes after an upgrade to Moodle 3.8. We try to upgrade to Moodle 3.9, we uninstall and reinstall the plugin but nothing is done when the task is running.

    Execute scheduled task: Synchronisation des cohortes sur les groupes du LDAP (local_ldap\task\group_sync_task)
    ... started 21:13:38. Current memory use 13.8Mo.
    ... used 0 dbqueries
    ... used 0.064833164215088 seconds
    Scheduled task complete: Synchronisation des cohortes sur les groupes du LDAP (local_ldap\task\group_sync_task)

    Our configuration is :
    Group attribute - cn
    Group class - group
    Process nested groups - yes
    Auto create missing cohorts - yes

    The LDAP (Active Directory) authentification works well.

    Thanks for your help.
  • Mon, Dec 7, 2020, 4:57 PM
    Same here with moodle 3.6!
  • Thu, Jan 7, 2021, 9:26 PM
    I've just realised that our LDAP Sync for groups has stopped working since upgrading to Moodle 3.10 just before Christmas.

    When running the task I get:

    Execute scheduled task: Synchronize cohorts from LDAP groups (local_ldap\task\group_sync_task)
    ... started 13:26:03. Current memory use 13.6MB.
    ... used 99 dbqueries
    ... used 0.11082696914673 seconds
    Scheduled task complete: Synchronize cohorts from LDAP groups (local_ldap\task\group_sync_task)

    ...but no changes are synced. Any help, greatly appreciated.

  • Thu, Jan 7, 2021, 10:28 PM
    Hi Andrew, I've tested the plugin against Moodle 3.10 and it's still working. What version of PHP do you have and are you on the most recent version of the plugin?
  • Fri, Jan 8, 2021, 12:18 AM
    Thanks for the quick reply, Charles - PHP Version 7.3.25-1 and yes, latest version of the plugin v3.7.0
  • Thu, Jan 28, 2021, 3:55 PM
    I've just started looking over this problem again and noticed I'm getting this error now:

    Scheduled task failed: Synchronize cohorts from LDAP groups (local_ldap\task\group_sync_task),Call to undefined function ldap_connect()

    Any thoughts?
  • Thu, Jan 28, 2021, 8:59 PM
    That error message suggests that the ldap extension is not enabled on your server.
  • Mon, Feb 1, 2021, 4:17 PM
    Thanks for that... somehow my CLI version of PHP is 7.4 whereas apache2 is using 7.3. I've installed and enabled the ldap module for 7.4 which clears that error, but still no joy syncing groups.
  • Thu, Feb 4, 2021, 4:20 PM
    I've straightened out php to be 7.3 for apache2 and cli, but still not working. The log for the scheduled task reports 99 reads, 0 writes but then Success. The message after the job runs is:

    Execute scheduled task: Synchronize cohorts from LDAP groups (local_ldap\task\group_sync_task)
    ... started 08:19:56. Current memory use 14.5MB.
    ... used 99 dbqueries
    ... used 0.069606065750122 seconds
    Scheduled task complete: Synchronize cohorts from LDAP groups (local_ldap\task\group_sync_task)

    But no cohorts are updated.
  • Fri, May 7, 2021, 8:44 PM
    I finally got the scripts working... by following Reed Glasener's post from years ago. By adding the name of the OU where groups are stored all the cohorts synced again. I think the scripts must have changed at some time to require this, as I had cohort syncs working without the Groups OU being listed in search contexts until last December.

    For anyone who's struggling, a confirmed working configuration for a Windows 2019 based Active Directory is:

    Group attribute: cn
    Group class: group
    Real user class: (empty)
    Process nested groups: (unticked)
    Autocreate missing cohorts: ticked

    ...and under Authentication/LDAP Server settings...

    User lookup settings/Contexts: ou=all_users,dc=xxxxx,dc=co,dc=uk;ou=groups,dc=xxxxx,dc=co,dc=uk
  • Wed, May 26, 2021, 3:20 PM
    Hi

    I success the cohort sync about ldap.
    I want the chort sync about ldap2.( I am using the multi ldap)

    Who have a idea about it ?

    Thank you !
  • Fri, May 28, 2021, 4:39 AM
    Hi, I have moodle 3.11+ with PHP 7.3.11. Since the moodle update, it's not sync. I have no error.

    Group Attribute: cn
    Group Class: group
    Real user class: userprincipalname. I tried empty also

    PRocess nested group: untick
    Autocreate missing cohorts: tick

    Before the update, everything worked great.

    Thx

  • Tue, Jun 15, 2021, 3:47 PM
    hello , all to make it works with ldap_syncplus i modified the file : localib.php

    i add near the line 29 after "require_once($CFG->dirroot . '/auth/ldap/auth.php');"
    require_once($CFG->dirroot . '/auth/ldap_syncplus/auth.php');

    and between
    } else if (is_enabled_auth('ldap')) {
    $this->authtype = 'ldap';
    $this->roleauth = 'auth_ldap';
    $this->errorlogtag = '[AUTH LDAP] ';
    and
    } else {
    return false;
    }
    i add :
    } else if (is_enabled_auth('ldap_syncplus')) {
    $this->authtype = 'ldap_syncplus';
    $this->roleauth = 'auth_ldap';
    $this->errorlogtag = '[AUTH LDAP SYNCPLUS] ';

    after that the plug in start to work with ldap_syncplus
    Best regards
1 2 3 4 5
Please login to post comments