+ Post New Thread
Results 1 to 15 of 15
Virtual Learning Platforms Thread, Moodle SSO in Technical; I've just set up SSO via NTLM on Moodle and it works a treat - apart from the fact that ...
  1. #1

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241

    Moodle SSO

    I've just set up SSO via NTLM on Moodle and it works a treat - apart from the fact that students SSO attempts fail and they have to log on manually.

    I logged onto the same machine as a test teacher and SSO worked a treat.

    I'm guessing this has something to do with the permissions with student account, and more likely something to do with the fact we're CC3.

    Anybody got any ideas?

    LDAP authentication works fine for ALL users, it's just the SSO that fails for students.

    Thanks,

  2. #2

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,898
    Thank Post
    1,182
    Thanked 1,053 Times in 748 Posts
    Rep Power
    327
    @Hightower:

    have you tried with different student accounts i.e. advanced etc you may have to create another user type altogether.

    It could also just be the system wanting access to some files on logon which helps with the authentication process and as you say CC3 has got it locked down tight.

    Use wireshark to capture the process and you will soon find out what it is you will need.

  3. #3

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Needle in a haystack springs to mind....

  4. #4

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Ok, in RMMC I made the student users excempt from software restrictions. Logged on as student, went to Moodle and presto - it worked. Made users part of software restrictions again, logged on as same user and it still works. But for other users which didn't try it when they were excempt it didn't work.

    It's deffo trying to something these users aren't supposed to, but I can't find out what. Wireshark gave no answers (as far as I could make out).

  5. #5

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,898
    Thank Post
    1,182
    Thanked 1,053 Times in 748 Posts
    Rep Power
    327
    @Hightower:

    Check the registry for any new keys on the accounts that do work.
    Check them against the registry of one of the other users that it don't work for.

    As you have stated it worked when the user was exempt from software restrictions so it must have written something to the registry or maybe a windows file.

    Yes needle in a haystack does spring to mind but be thankful it is only one haystack hehe!!

  6. #6

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Yeah - will take a look tomorrow. Any special tools spring to mind for checking for NEW keys in the registry?

  7. #7
    mikeglover's Avatar
    Join Date
    Mar 2009
    Location
    Northampton
    Posts
    149
    Thank Post
    33
    Thanked 30 Times in 9 Posts
    Rep Power
    16
    Hi Hightower,

    I would interested to know if you get this working and how you setup SSO.

    We currently have RM CC3 and use LDAP authenification in Moodle.

    Many Thanks,

  8. #8

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Ok - I got this sorted. Problem was my kids were going through a proxy, and I just needed to add a proxy bypass for our Moodle web address. Did this and working now. Bit of a school boy I know, but hopefully this solution might help others in need of help.

    Mike - just followed the wiki article for setting up NTLM, but if you get stuck message me and I'll try to help out if I can.

  9. Thanks to Hightower from:

    mikeglover (11th December 2009)

  10. #9

    Join Date
    Dec 2009
    Location
    Peterborough
    Posts
    19
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Is your web server in a DMZ? We had issues doing SSO with our server in the DMZ

  11. #10

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Quote Originally Posted by StevieC View Post
    Is your web server in a DMZ? We had issues doing SSO with our server in the DMZ
    No DMZ

  12. #11

    Join Date
    Dec 2009
    Location
    Peterborough
    Posts
    19
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Figures

  13. #12
    tri_94's Avatar
    Join Date
    Feb 2007
    Location
    Lincolnshire
    Posts
    117
    Thank Post
    2
    Thanked 2 Times in 2 Posts
    Rep Power
    17
    hi there, We are a CC4 school and are trying to use moodle now, i've managed to setup with LDAP, and would like to use SSO. however. it just wont seem to work for me, and i've searched and searched for help. and no luck....
    its possible something simple im not doing right.

    can you tell me how you got yours working please?

    cheers
    nick

  14. #13

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,282
    Thank Post
    225
    Thanked 403 Times in 300 Posts
    Rep Power
    161
    Are you using IE? Have you got the right Apache modules installed and integrated?

    If you have a definite yes to both those then all I had to do was Enable NTLM SSO in the LDAP settings & add my IP ranges to the same. I did find for the IP Ranges I could enter "11.11.11., 11.11.12.," to cover whole ranges (obviously 11.11.11.11.* isn't my IP range.)

  15. #14
    tri_94's Avatar
    Join Date
    Feb 2007
    Location
    Lincolnshire
    Posts
    117
    Thank Post
    2
    Thanked 2 Times in 2 Posts
    Rep Power
    17
    Yes using IE.
    im not sure about the modules part.
    i have downloaded and put the file in the right place.
    im not sure that i've edit the httpd.conf right. so what lines do i need to put and more importantly where in that file do i put them.

    thanks
    nick

  16. #15

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,282
    Thank Post
    225
    Thanked 403 Times in 300 Posts
    Rep Power
    161
    You may have to wait to see if an Apache expert stumbles in as there could be issues such as compiling Apache with the right bits in.

    Having taken a look at my Apache config I'm pretty sure I followed the "Using mod_auth_sspi Module" section of Moodle help to make mine work.

    The only gotcha that comes to mind is the IP range format (the page suggests xxx.xxx.xxx.xxx/bitmask format where as I could only get it working with the format I suggested above.) but I do remember I had to tinker a bit for it to work.

SHARE:
+ Post New Thread

Similar Threads

  1. NTLM, Samba, LDAP and SSO on Moodle
    By Mintsoft in forum Virtual Learning Platforms
    Replies: 2
    Last Post: 4th July 2011, 06:52 PM
  2. Quick question for those running Moodle SSO
    By MACIT in forum Virtual Learning Platforms
    Replies: 3
    Last Post: 22nd June 2010, 09:46 AM
  3. Moodle LDAP/NTLM/SSO ok for some?
    By stm-tech in forum Virtual Learning Platforms
    Replies: 26
    Last Post: 30th October 2009, 10:57 AM
  4. Getting NTLM SSO to work with Moodle - Apache issue?
    By TheFopp in forum Virtual Learning Platforms
    Replies: 4
    Last Post: 3rd April 2009, 10:17 AM
  5. SSO NTLM RADIUS???
    By PWright in forum Wireless Networks
    Replies: 0
    Last Post: 3rd March 2009, 11:52 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •