LDAP server settings
  • 21 Jun 2022


Lightweight Directory Access Protocol (LDAP) is a way of pulling user information from an external directory (such as Active Directory) into your Totara site. You can configure the following settings when setting up LDAP authentication on Totara.

| Setting | Description | Notes |
|---|---|---|
| LDAP server settings | Establish the basic parameters for the LDAP server itself, including host URL, version (of the protocol being used), and LDAP encoding. | - |
| Bind settings | These settings will allow the LDAP server to complete its bind operations, which authenticate clients and establish an authorised identity it can use for subsequent processes on the connection. In this case LDAP will be authorising your Totara site to access the directory information. | - |
| User lookup settings | Determine how your site will interact with the directory LDAP is pointing to. You can set the user type and the context, among other settings. | - |
| Force change password | Decide if you want users to change their password when they first log in to Totara, and configure the related parameters, such as password format. | - |
| LDAP password expiration settings | You can choose whether to have Totara check if an LDAP password has expired, and warn users before the LDAP password expiration. If you use LDAP with other systems then you may wish to do this elsewhere. | - |
| Enable user creation | These settings can be used to allow anonymous new users to self-create accounts on the LDAP server. | - |
| System role mapping | Set up mappings for Totara roles when creating accounts through LDAP. | - |
| User account synchronisation | Specify what to do with internal user accounts if you run a mass synchronisation and the account was removed from the external sources. | - |
| NTLM SSO | If you wish to use NTLM authentication then you can enable and configure it. NTLM authentication uses MS Active Directory to authenticate users based on the credentials stored on their Windows client computer, rather than prompting for login details. | - |
| Data mapping | Configure how data for various fields should be mapped across Totara and the external system. | - |

© Copyright 2024 Totara Learning Solutions. All rights reserved. Some content originally obtained via GPLv3 license and continues to be available under GPLv3. All other content is the sole copyright of Totara Learning Solutions. 


