LDAP replaces normal registration?
| Project: | LDAP integration |
| Version: | 6.x-1.0-alpha2 |
| Component: | Miscellaneous |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Drupal currently requires users to register using a unique email address. This is a problem for our school website (still in development), as many of our users can't or don't want to use email authentication. When they register, I'd have to try to coerce/train them to input a fake email into the registration form. I will also have to moderate every registration, to ensure that the people signing up are actually who they say they are.
I have just got myself my first VPS hosting account, so an LDAP server is now an option.
With regard to my registration problem, will LDAP help? I know nothing about it, but I envisage an LDAP database on the server, from which Drupal authenticates and also 'imports' user profiles, including a fake email address for each user which keeps drupal happy. With the database pre-created and registration disabled, is means that I wouldn't have to moderate all those sign-ups?
Is LDAP suitable for this kind of usage?
Or maybe I'm better to use the user import module (http://drupal.org/project/user_import)?
Thanks for any advice.
#1
You still have to create user accounts in LDAP using other tools. LDAP provisioning, http://drupal.org/project/ldap_provisioning, could be handy for this purpose. It replaces drupal core user registration. However, it is strongly recommended to use real mail addresses as they are used to reset forgotten passwords. Nowadays email addresses at gmail or other domains are free, so I just recommend to train your users to register for one.
#2
Thanks for your reply.
> You still have to create user accounts in LDAP using other tools
> LDAP provisioning could be handy
Yep, I was hoping it would import from CVS file, or something like that.
> However, it is strongly recommended to use real mail addresses as they are
> used to reset forgotten passwords. Nowadays email addresses at gmail or other
> domains are free, so I just recommend to train your users to register for one.
I disagree for this particular scenario. Children should not use email; it just isn't a safe protocol. Look at your spam box and tell me you'd want your eight year old reading (and possibly replying) to that stuff. Also, the only method of training I could offer would be a screencast, which wouldn't be very effective.
Regarding lost passwords, if there is something wrong with their account, they can just come and see me to get it sorted. I really, really hate the fact that email is virtually the only authentication method for the entire internet. By now there should be better, easier, safer methods, especially for organisations or clubs where there are other points of contact between the users and the website admin.
Thanks for your advice though.
#3
Hi anti,
Using this module it is possible to discard the use of e-mail in registration as this data can and will be provided by the email attribute in the LDAP directory (so you can make them fake). You can disable or remove the e-mail and password changing option on the user-page. This means however that your role will be an system-admin, so all issues regarding this matter must be handled by you. I don't know how many students / children you teach but this can get frustrating. However, considering what you wrote earlier, this is what you need I guess.
Btw, I'm talking about the ldap_auth module. ldap_groups and ldap_data are not needed for what I just illustrated.
Good luck!
#4
Thanks!
Well, I decided that during this development cycle, I don't have time to get LDAP up and running.
I'll try and do this for the next rendition of the site though; for the D7 version or perhaps D8.
For now, I think I'm going to try the user import module - it's not as refined, but it will get me started.
Cheers