LDAP (Lightweight Directory Access Protocol) is a way of pulling user information from an external directory (such as Active Directory) into your Totara site. When setting up LDAP authentication on Totara there is quite a long list of settings; however, these are broken down into sections.
|LDAP server settings||Establish the basic parameters for the LDAP server itself, including host URL, version (of the protocol being used), and LDAP encoding.||-|
|Bind settings||These settings will allow the LDAP server to complete its bind operations, which authenticate clients and establish an authorised identity it can use for subsequent processes on the connection. In this case LDAP will be authorising your Totara site to access the directory information.||-|
|User lookup settings||Determine how your site will interact with the directory LDAP is pointing to. You can set the user type and the context among other settings.||-|
|Force change password||Decide if you want users to change their password when they first log in to Totara, and configure the parameters around that, such as password format.||-|
|LDAP password expiration settings||You can choose whether to have Totara check if an LDAP password has expired and warn users before the LDAP password expiration. If you use LDAP with other systems then you may wish to do this elsewhere.||-|
|Enable user creation||These settings can be used to allow anonymous new users to self-create accounts on the LDAP server.||-|
|Process creator||This is a list of groups or users whose members are able to create new courses.||-|
|User account synchronisation||Specify what to do with internal user accounts if you run a mass synchronisation and the account was removed from the external sources.||-|
|If you wish to use NTLM authentication then you can enable and configure it. NTLM authentication uses MS Active Directory to authenticate users based on the credentials stored on their Windows client computer, rather than prompting for login details.||-|
Configure how data for various fields should be mapped across Totara Social and the external system.