Integrate with an LDAP server
Jump to section
Lightweight Directory Access Protocol (LDAP) integration with your organization's database provides single sign-on (SSO) access for Möbius users.
TIP: Are you an instructor? Ask your organization's Möbius administrator if your organization uses LDAP.
When LDAP is integrated by your IT group, all Möbius user profiles and user authentication are managed automatically by Möbius retrieving basic user profile information from the LDAP server. Example — Email address and student ID
NOTE: The LDAP server is a central repository that's managed by your organization's IT group.
User authentication is handled entirely by the LDAP server, meaning that users will always use their organization's user login and password to access Möbius.
A user's Möbius user login, email, or password aren't required for logging in; students just need their organization's user login and password to access Möbius.
NOTE: Administrators don't have to worry about user logins, emails, passwords, or resetting passwords in a Möbius environment that's integrated with LDAP. These credentials are handled by your IT group.
NOTE: Administrators work with DigitalEd's Support Team (support@digitaled.com) to configure which information in the LDAP profile will be made available to Möbius.
Log in with LDAP
Any user who is stored in the LDAP directory for your organization can log in to Möbius.
Users log in to Möbius using their organization's user login and password.
NOTE: Here the workflow of a user logging in to Möbius when their organization is integrated with LDAP:
The user enters their user login and password.
Möbius presents these login credentials to the LDAP server.
The LDAP server performs authentication of the user.
- If the credentials are rejected by the LDAP server, log in is denied.
- If the credentials are accepted and the user already has a Möbius account, the profile information is retrieved from the LDAP directory and Möbius's database is updated to reflect any changes.
- If the credentials are accepted and the user doesn't have a Möbius account, the user is added to the Möbius database and the profile information is retrieved from the LDAP directory. Möbius then displays a validation page for the user. The user is given the opportunity to add profile information not supplied by the LDAP directory, and must confirm the final profile information. The user's Möbius is then created.
The user can then access Möbius.
NOTE: Möbius stores the user login as found in the LDAP directory and that user login will appear in web pages and reports.
Forgotten passwords and LDAP
If a user forgets their password, the user must contact their organization's IT group.
NOTE: Möbius doesn't manage passwords in an LDAP environment, and your organization's Möbius administrator can't reset or retrieve passwords.
Create users with LDAP
Administrators (and users with the instructors + create privilege) can search for users in the LDAP directory who don't have a Möbius account and create an account for them.
Click System User Manager on the System Homepage.
Click Add User.
NOTE: An instructor with the instructor + create privilege will view a modified System User Manager menu.
Select the user attribute you want to search for in the LDAP directory.
TIP: You can search in the LDAP directory by a user's:
- User login
- First name
- Last name
- Email address
Enter a value for the selected user attribute.
TIP: You can perform a wild card search by entering a string of text with an asterisk (*). Wild card searches aren't case-sensitive. Example — an* in the Last Name field will display all last names that start with an that are in the LDAP directory but not in Möbius.
Click Search.
Select the user check boxes from the search results that you want to add to Möbius and click Submit to create the LDAP user profiles in Möbius.
Enroll users into a class with LDAP
Administrators and instructors can enroll users into a class using a user roster file when LDAP is enabled.
TIP: Check out Enroll users into my class to learn how to enroll students using a user roster file.
NOTE: When LDAP is enabled, users must already be registered in Möbius to be imported into a class using a user roster file.
NOTE: The user roster file should only contain user login values when enrolling users into a class using a user roster file. The user login values in the import file are used to match users to the LDAP directory. Check out Work with a user roster file.
User information is verified and updated from the LDAP directory when you import users into a class with a user roster file from a Möbius environment that's integrated with LDAP.
NOTE: When LDAP is enabled and you import users into a class using a user roster file:
- The LDAP server is consulted to verify each user is in the LDAP directory (users that aren't in the directory won't be imported).
- User matching is done by user login.
- Profile information from the LDAP directory overrides any corresponding information in the import file.
- The Require user to validate on next login check box (found in the User Details pane) is ignored if enabled.