Help

Configuration of the IDP server

  • Information needed to configure a school for Crystal Lite.
 

MoE number

 

Address

 

Phone

 

Roll

 

Principal

 

Principals email

 

Account contact

 

Account email

 

ELearning contact

 

ELearning email             

 

ICT support contact

 

ICT support email

 

IP number 

 

LDAP type?

 

External domain name

 

Domain name of the LDAP server

  Password for AD user name called CrystalDB (user level rights). This is used to access the below OU's.
 

LDAP group names (if needed)
Full path names of any OU's that need to be accessed (student/staff/management/Google?)


 

Moodle SSO?
Location of Moodle host's metadata?
Crystal metadata below.

  Google Apps?
Domain name if different from external domain name above.
Email BarryB@tmsw.co.nz for Google certificate when ready.

 

My Portfolio?

 

ETV?
Crystal already has suitable exchnage metadata with ETV

 

Any other SSO clouds?


  • Metadata location: https://idp.crystal.school.nz/simplesaml/saml2/idp/metadata.php?output=xhtml

  • Firewall rules
    Port 389 need to be opened for traffic from 122.56.63.42, 122.56.63.43, 122.56.63.44, 122.56.63.50, 122.56.63.51, 122.56.63.52 to the local LDAP server on the school's/host firewall
    The second range is for the redundant IDP server.

  • Google setup
  • Password change
    • This is NOT currently part of the Lite package
    • Admin note: If we want to offer the password change function - will have to make a change so that it doesn’t need a user record (or self populate when they do a change) plus we’ll have to have a certificate from them, use port 636 and crystaldb have account operator rights.