A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Using LDAPS (Secure LDAP Binding) with Moodle for Sign-In running on IIS in a Windows Active Directory Domain

,
LDAP Server Settings in Moodle

The process for running LDAP queries via secure channel for Moodle is fairly straight forward. This method is not using a trusted certificate but is encrypting the traffic between Moodle and your Domain Controller to prevent snooping. The first thing you will want to do is install the latest OpenSSL binaries onto your Moodle Server. Once this is done, create a folder structure on the C drive like this C:\OpenLDAP\sysconf\ and create a new text file called ldap.conf, in its contents we can enter a single line;

TLS_REQCERT never

Now that OpenSSL is ready to go, restart IIS for good measure. Once things are back up we can enter Moodle, login as an Administrator and change the LDAP query from LDAP:// to LDAPS:// as well as the port from 389 to 636.

2 responses to “Using LDAPS (Secure LDAP Binding) with Moodle for Sign-In running on IIS in a Windows Active Directory Domain”

  1. Kamil Avatar
    Kamil

    LDAPS port is 636 not 689.

    Reply
    1. John Avatar
      John

      Thanks for catching that, have updated the post

      Reply

Leave a Reply

More Posts

Fixing the Outlook Web Access web application failed to initialize error

During the Christmas break many still wish to check their e-mails whilst enjoying their holidays.  One of my Clients who don’t use OWA are now taking the plunge and going to be checking their e-mail (great feature). With SBS 2008 (so Exchange 2007), OWA is enabled by default, so I thought there would be nothing […]

Fixing the randomly stopping WsusPool IIS Application pool and Windows Updates failed 0x80244022 error

I was recently assisting a client with an upgrade of their Configuration Manager (SCCM) environment up to the latest release of 1702 and as part of that we’re also going over it’s currently deployed functionality and making sure it all works. They recently noted that clients were no longer receiving updates and ran the Software […]

Amazon WorkSpaces and SSL Errors with Deep Packet Inspection

I was recently doing a new FortiGate deployment for a customer and one of the requirements included setting up Deep Packet SSL Inspection for their users. The customer already has an Internal CA so we generated a certificate for the FortiGate to use for encryption and clients already trusted the certificate as it was part […]