Forum .LRN Q&A: Re: Authentication with ldap

Posted by Matthew Coupe on
Hi Christopher,

We're currently in the process of setting up our LDAP server for pretty much the same purpose as you. I believe we got to exactly the same point whereby when someone hit the site they were not yet authenticated and it took an admin to do this. (approve and add to dotLRN I believe).

This is how I understand the synchronisation works:

To synchronise the two accounts you need to get your active directory to export a snapshot to a URL and then point the ldap module of dotlrn to this URL (through configure or something like that). This then synchronises the two databases. Any mods after that are updated automatically via snapshot updates at another URL. It also does a full synch every so often to ensure consistency.

I haven't configure this part yet but I believe some people have. If they don't hit you back with anything I may be able to give you their contact info so you can drop them a line. If you do get this working though please could you let us all know how you did it as this would be really interesting for us too. The synchronisation aspect does not appear (As far as I know) to have great documentation.