I've just set up SSO via NTLM on Moodle and it works a treat - apart from the fact that students SSO attempts fail and they have to log on manually.
I logged onto the same machine as a test teacher and SSO worked a treat.
I'm guessing this has something to do with the permissions with student account, and more likely something to do with the fact we're CC3.
Anybody got any ideas?
LDAP authentication works fine for ALL users, it's just the SSO that fails for students.
have you tried with different student accounts i.e. advanced etc you may have to create another user type altogether.
It could also just be the system wanting access to some files on logon which helps with the authentication process and as you say CC3 has got it locked down tight.
Use wireshark to capture the process and you will soon find out what it is you will need. ;) :)
Needle in a haystack springs to mind....
Ok, in RMMC I made the student users excempt from software restrictions. Logged on as student, went to Moodle and presto - it worked. Made users part of software restrictions again, logged on as same user and it still works. But for other users which didn't try it when they were excempt it didn't work.
It's deffo trying to something these users aren't supposed to, but I can't find out what. Wireshark gave no answers (as far as I could make out).
Check the registry for any new keys on the accounts that do work.
Check them against the registry of one of the other users that it don't work for.
As you have stated it worked when the user was exempt from software restrictions so it must have written something to the registry or maybe a windows file.
Yes needle in a haystack does spring to mind but be thankful it is only one haystack hehe!! ;) :)
Yeah - will take a look tomorrow. Any special tools spring to mind for checking for NEW keys in the registry?
I would interested to know if you get this working and how you setup SSO.
We currently have RM CC3 and use LDAP authenification in Moodle.
Ok - I got this sorted. Problem was my kids were going through a proxy, and I just needed to add a proxy bypass for our Moodle web address. Did this and working now. Bit of a school boy I know, but hopefully this solution might help others in need of help.
Mike - just followed the wiki article for setting up NTLM, but if you get stuck message me and I'll try to help out if I can.
Is your web server in a DMZ? We had issues doing SSO with our server in the DMZ
Originally Posted by StevieC
hi there, We are a CC4 school and are trying to use moodle now, i've managed to setup with LDAP, and would like to use SSO. however. it just wont seem to work for me, and i've searched and searched for help. and no luck....
its possible something simple im not doing right.
can you tell me how you got yours working please?
Are you using IE? Have you got the right Apache modules installed and integrated?
If you have a definite yes to both those then all I had to do was Enable NTLM SSO in the LDAP settings & add my IP ranges to the same. I did find for the IP Ranges I could enter "11.11.11., 11.11.12.," to cover whole ranges (obviously 18.104.22.168.* isn't my IP range.)
Yes using IE.
im not sure about the modules part.
i have downloaded and put the file in the right place.
im not sure that i've edit the httpd.conf right. so what lines do i need to put and more importantly where in that file do i put them.
You may have to wait to see if an Apache expert stumbles in as there could be issues such as compiling Apache with the right bits in.
Having taken a look at my Apache config I'm pretty sure I followed the "Using mod_auth_sspi Module" section of Moodle help to make mine work.
The only gotcha that comes to mind is the IP range format (the page suggests xxx.xxx.xxx.xxx/bitmask format where as I could only get it working with the format I suggested above.) but I do remember I had to tinker a bit for it to work.