+ Post New Thread
Results 1 to 5 of 5
Virtual Learning Platforms Thread, Getting NTLM SSO to work with Moodle - Apache issue? in Technical; Trying to get SSO working on our WAMP Moodle box. LDAP is fine and has been working since we started ...
  1. #1

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17

    Getting NTLM SSO to work with Moodle - Apache issue?

    Trying to get SSO working on our WAMP Moodle box. LDAP is fine and has been working since we started using moodle, but would be nice if we could use it as the kids homepage without them having to sign in each time.

    The setup so far:
    Moodle 1.9.4+ (Build: 20090325)
    PHP 5.2
    Apache 2.2.3 (with mod_auth_sspi 1.0.4 v2.2.2)

    on Windows 2003 server R2 SP2

    LDAP Authentication is working fine (and has been since I set it up 1 1/2 years ago)

    NTLM SSO is now enabled
    Subnet set to 10.0.

    Have edited httpd.conf to include

    <IfModule !mod_auth_sspi.c>
    LoadModule sspi_auth_module modules/mod_auth_sspi.so
    </IfModule>

    <Directory "C:\moodle\auth\ldap">
    <Files ntlmsso_magic.php>
    AuthName "MoodleAtChets"
    AuthType SSPI
    SSPIAuth On
    SSPIOfferBasic Off
    SSPIAuthoritative On
    SSPIDomain csm.local
    require valid-user
    </Files>
    </Directory>

    Restarted Apache

    When I go to my moodle homepage it redirects and I get the 'Attempting Single Sign On via NTLM' page as I would expect but it brings up a windows authentication box asking for username and password for the site.

    Both the Username and Password fields are blank.

    Interestingly if I put my username in as just AdrianH@csm.local and my password it authenticates, but if I just put AdrianH and my password it won't authenticate and passes my to the normal login page.... which will accept AdrianH (without the csm.local) as my username.

    So I'm guessing the NTLMSSO is either just picking up AdrianH as my username (without the csm.local), or, as the fields in the Windows style authentication box are blank when it comes (and I think this more likely) then it isn't picking up a username and password at all.

    So I created a PHP file with following in the moodle directory which should print on screen my Username:

    <?php
    echo $_SERVER['REMOTE_USER'];
    ?>


    but when I run it I get nothing on screen. So I can only presume that either PHP or more likely Apache are at fault (not moodle) as they aren't able to show my credentials.

    Has anyone got this working before? Or can anyone see what I might need to do within Apache to get this working....

    .... or do I need to do something else?!

    I've tried over at the Moodle forums and not had any luck (but I'm not the only one to have had similar problems.

    Any help would be appreciated.

  2. #2

    Join Date
    May 2007
    Location
    Southampton
    Posts
    94
    Thank Post
    7
    Thanked 4 Times in 4 Posts
    Rep Power
    16
    What browser are you using? I think there's an additional change that you need to make on each Firefox installation to make that work with NTLM. The only other thing I can think of is to check that the path c:\moodle\auth\ldap is correct.. I'm sure that it is, but I thought I should ask since you might have copied/pasted that part from the Moodle NTLM guide.

  3. #3

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17
    Quote Originally Posted by nutso View Post
    What browser are you using? I think there's an additional change that you need to make on each Firefox installation to make that work with NTLM. The only other thing I can think of is to check that the path c:\moodle\auth\ldap is correct.. I'm sure that it is, but I thought I should ask since you might have copied/pasted that part from the Moodle NTLM guide.
    We are using IE. The path I have in my config file is correct (but yes I had just copied the one in the example from the Moodle guide!)

  4. #4

    Join Date
    May 2007
    Location
    Southampton
    Posts
    94
    Thank Post
    7
    Thanked 4 Times in 4 Posts
    Rep Power
    16
    When you log in to Moodle, does IE see it as being in the Intranet zone or the Internet zone? If I remember rightly, by default IE only does NTLM in the Intranet zone.

  5. #5

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17
    Quote Originally Posted by nutso View Post
    When you log in to Moodle, does IE see it as being in the Intranet zone or the Internet zone? If I remember rightly, by default IE only does NTLM in the Intranet zone.
    nutso... you are a genius. Worked a treat. Got it in the Intranet Zone settings for IE using GPO now.
    Many thanks



SHARE:
+ Post New Thread

Similar Threads

  1. Moodle & NTLM Authentication
    By alan-d in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 15th December 2009, 03:19 PM
  2. SSO NTLM RADIUS???
    By PWright in forum Wireless Networks
    Replies: 0
    Last Post: 3rd March 2009, 12:52 PM
  3. Case Sensitive Apache/Moodle
    By CyberNerd in forum *nix
    Replies: 5
    Last Post: 13th October 2008, 10:15 PM
  4. Users Work Saving Issue
    By dsnanra in forum Windows Server 2008
    Replies: 2
    Last Post: 18th April 2008, 01:29 PM
  5. Office 2007 file format support in Apache, PHP and Moodle
    By Geoff in forum Virtual Learning Platforms
    Replies: 2
    Last Post: 8th July 2007, 01:12 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •