LDAP server settings
    • 01 Nov 2022

    Lightweight Directory Access Protocol (LDAP) is a way of pulling user information from an external directory (such as Active Directory) into your Totara site. You can configure the following settings when setting up LDAP authentication on Totara.

    | Setting | Description | Notes |
    | --- | --- | --- |
    | LDAP server settings | Establish the basic parameters for the LDAP server itself, including host URL, version (of the protocol being used), and LDAP encoding. | - |
    | Bind settings | These settings will allow the LDAP server to complete its bind operations, which authenticate clients and establish an authorised identity it can use for subsequent processes on the connection. In this case LDAP will be authorising your Totara site to access the directory information. | - |
    | User lookup settings | Determine how your site will interact with the directory LDAP is pointing to. You can set the user type and the context, among other settings. | - |
    | Force change password | Decide if you want users to change their password when they first log in to Totara, and configure the related parameters, such as password format. | - |
    | LDAP password expiration settings | You can choose whether to have Totara check if an LDAP password has expired, and warn users before the LDAP password expiration. If you use LDAP with other systems then you may wish to do this elsewhere. | - |
    | Enable user creation | These settings can be used to allow anonymous new users to self-create accounts on the LDAP server. | - |
    | System role mapping | Set up mappings for Totara roles when creating accounts through LDAP. | - |
    | User account synchronisation | Specify what to do with internal user accounts if you run a mass synchronisation and the account was removed from the external sources. | - |
    | NTLM SSO | If you wish to use NTLM authentication then you can enable and configure it. NTLM authentication uses MS Active Directory to authenticate users based on the credentials stored on their Windows client computer, rather than prompting for login details. | - |
    | Data mapping | Configure how data for various fields should be mapped across Totara and the external system. | - |

    © Copyright 2024 Totara Learning Solutions. All rights reserved. Some content originally obtained via GPLv3 license and continues to be available under GPLv3. All other content is the sole copyright of Totara Learning Solutions. 


