+ Post New Thread
Results 1 to 7 of 7
Virtual Learning Platforms Thread, Moodle SSO - tearing my hair out! in Technical; Setup IIS 7.5 MSSQL Server 2008r2 and Windows Server 2008r2 PHP 5.3.5 Moodle v2 - Setup LDAP without issue and ...
  1. #1
    jgcracknell's Avatar
    Join Date
    Mar 2009
    Location
    Somewhere
    Posts
    93
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    21

    Moodle SSO - tearing my hair out!

    Setup IIS 7.5 MSSQL Server 2008r2 and Windows Server 2008r2 PHP 5.3.5

    Moodle v2 - Setup LDAP without issue and authentication is working. Setup NTLM SSO as per instructions and done the tinkering as per the instructions as well for IIS 7.5

    I just can't get SSO to work - It tries to authenticate using SSO according to the IIS logs but it says that the user is unknown! If I just use Windows Authentication on a normal HTML page on the same website then it works! Yet for SSO failure!

    I am now stuck on what the issue could be...PHP? AD? - does the IIS user have to be in certain usergroups? It just doesn't want to play ball.
    Last edited by jgcracknell; 14th April 2011 at 01:24 AM.

  2. #2

    Join Date
    Dec 2005
    Posts
    536
    Thank Post
    34
    Thanked 89 Times in 79 Posts
    Rep Power
    39
    Do the logs show what username it is seeing?

    I know when I was trying to get sso and moodle working on ubuntu I had to edit a file to read the username differently.

    As an example... the computers where authenticating with domain\username and I had to get it to strip the domain\ from the authentication (or it was the other way round...)

    If you can check the logs for this info it might show which its picking up... domain\username or username

  3. Thanks to siuko from:

    jgcracknell (14th April 2011)

  4. #3
    jgcracknell's Avatar
    Join Date
    Mar 2009
    Location
    Somewhere
    Posts
    93
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    21
    Hi

    I've tried altering auth.php and have had no luck.

    It seems Firefox is pulling back sck (my userid) but everything else is not working. Even firefox doesn't work when I use just userid or domain\userid

    J.

    logs from IIS

    2011-04-14 16:57:15 10.103.130.3 GET / - 80 sck 10.103.130.3 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:2.0)+Gecko/20100101+Firefox/4.0 303 0 0 96
    2011-04-14 16:57:15 10.103.130.3 GET /login/index.php - 80 sck 10.103.130.3 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:2.0)+Gecko/20100101+Firefox/4.0 303 0 0 98
    2011-04-14 16:57:15 10.103.130.3 GET /auth/ldap/ntlmsso_attempt.php - 80 sck 10.103.130.3 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:2.0)+Gecko/20100101+Firefox/4.0 200 0 0 158
    2011-04-14 16:57:15 10.103.130.3 GET /auth/ldap/ntlmsso_magic.php sesskey=ZUmEqDV1Ix 80 - 10.103.130.3 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:2.0)+Gecko/20100101+Firefox/4.0 401 2 5 1
    2011-04-14 16:57:15 10.103.130.3 GET /auth/ldap/ntlmsso_magic.php sesskey=ZUmEqDV1Ix 80 - 10.103.130.3 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:2.0)+Gecko/20100101+Firefox/4.0 401 2 5 1
    2011-04-14 16:57:19 10.103.130.3 GET /auth/ldap/ntlmsso_finish.php - 80 sck 10.103.130.3 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:2.0)+Gecko/20100101+Firefox/4.0 200 0 0 151


    011-04-14 17:06:43 10.103.130.3 GET / - 80 - 10.103.130.3 WWW-Mechanize/1.0.0+(RubyForge: WWW::Mechanize: Project Info) 200 0 0 1945
    2011-04-14 17:06:49 10.103.130.3 GET / - 80 - 10.103.130.3 WWW-Mechanize/1.0.0+(RubyForge: WWW::Mechanize: Project Info) 303 0 0 2563
    2011-04-14 17:06:49 10.103.130.3 GET /login/index.php - 80 - 10.103.130.3 WWW-Mechanize/1.0.0+(RubyForge: WWW::Mechanize: Project Info) 303 0 0 307
    2011-04-14 17:06:49 10.103.130.3 GET /auth/ldap/ntlmsso_attempt.php - 80 - 10.103.130.3 WWW-Mechanize/1.0.0+(RubyForge: WWW::Mechanize: Project Info) 200 0 0 225

    These look odd....

    It looks like NTLM is either not returning the userid or stripping out everything.....

  5. #4
    InterwebsGuy's Avatar
    Join Date
    Jan 2011
    Posts
    229
    Thank Post
    58
    Thanked 23 Times in 23 Posts
    Rep Power
    11
    I take it you have NTLM enabled in Firefox? If I remember correctly, once upon a time you had to enable it in about:config. Having said that I haven't attempted NTLM in an app in a long time.

  6. #5
    Cools's Avatar
    Join Date
    Jan 2009
    Location
    Bedfordshire
    Posts
    498
    Thank Post
    24
    Thanked 62 Times in 57 Posts
    Rep Power
    25
    only ever got sso to work with IE..
    and that was with IIS and on Nix ..

  7. #6
    jgcracknell's Avatar
    Join Date
    Mar 2009
    Location
    Somewhere
    Posts
    93
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    21
    I am getting IIS with a 401.1 error and no sign of authentication in the IIS logs - just tried it on a new website tonight on the same server. So something is being denied somewhere. Even put myself into the local domain policy so I can log on locally......running out of ideas.....

  8. #7

    Join Date
    Dec 2010
    Posts
    2
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    If you're using Firefox with NTLM you have to specify the URI of your Moodle. There's a step-by-step guide here: sivel.net/2007/05/firefox-ntlm-sso - it's still applicable for Firefox 4. It works perfectly for SSO in our school. This might not solve the problem you're having but is definitely something to check!

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle SSO
    By Hightower in forum Virtual Learning Platforms
    Replies: 14
    Last Post: 25th May 2011, 08:24 AM
  2. moodle sso help
    By cobra in forum Virtual Learning Platforms
    Replies: 14
    Last Post: 4th March 2011, 01:27 PM
  3. SSO Moodle
    By witch in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 27th January 2011, 01:37 PM
  4. Moodle LDAP/NTLM/SSO ok for some?
    By stm-tech in forum Virtual Learning Platforms
    Replies: 26
    Last Post: 30th October 2009, 10:57 AM
  5. AFP Automount - tearing my hair out over it
    By sidewinder in forum Mac
    Replies: 2
    Last Post: 4th November 2008, 10:34 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •