LearnBook is now availalbe on Moodle 3.9 which brings a number of new and exciting features to the platform.

We will be upgrading our retail clients currently using Moodle Version 3.7 to 3.9 overnight on the evening of the 4th Feb 2021.

Our enterprise clients will be upgraded by arrangement

Articles in this section

See more

Customer Side ADFS Configuration Guide for Moodle

  • Updated

Overview

This document describes the high level configuration required for enabling Single Sign On between Moodle and ADFS.

This document is intended to be used by customer-side IT Administrators with experience managing Windows Server, Active Directory and ADFS environments.

Configuration may differ based on individual customer environments and software versions. This document should be used as a guide while implementing ADFS with the support of eCreators engineers.

Configuration

The following screenshots describe the minimum configuration to be performed by the customer's IT Administrator to implement Single Sign On between Moodle and ADFS.

IT Administrators should start the configuration process by selecting "Add Relying Party Trust...".

Monitoring \ Metadata

Configuration Description
Relying party's federation metadata URL Value supplied by eCreators during configuration stage.
Monitor relying party Ensure Checked
AUtomatically update relying party Ensure Checked

Properties \ Advanced \ Secure Hash Algorithm

Configuration Description
Secure hash algorithm SHA-1

 

Properties \ Encryption \ Certificate Install

Configuration Description
Install Certificate Ensure Certificate is installed. Select "Install Certificate..." and follow wizard.

 

Edit Claim Rules \ Add UPN Rule

Configuration Description
Claim rule name Moodle UPN
Incoming claim type UPN
Outgoing claim type Name ID
Outgoing name ID format Transient Identifier
Pass through all claim values Ensure Enabled

 

Edit Claim Rules \ Metadata Claims LDAP

Configuration Description
Claim rule name Metadata
Attribute store Active Directory

Mapping of LDAP attributes to outgoing claim types

LDAP Attribute Outgoing Claim Type
Given-Name Given Name
SAM-Account-Name Windows account name
Surname Surname
E-Mail-Addresses E-Mail Address

Additional Attributes

Additional attributes may be supported on request during the initial implementation phase. Additional attributes requested post implementation may require a change request.

Related articles