In Reply to: Emma Richardson
This is not needed to get people to log in. As long as Moodle can talk to the LDAP server, the users are created automatically when they first log in.
Nope not the case. Depends on how you set it up.
I forget which option it is but there is a way to make moodle write a user to ldap on creation in moodle. I'll call that "Write to LDAP"
However our option is that there is a large ldap server with all the AD accounts already on and one is created in moodle whenever an AD account is created. I'll call that "Read from LDAP"
To make that happen and to pull the users over to moodle then you need a cron script to sync them. If you don't have this then any changes made at the AD end won't be reflected in moodle and none of the existing AD users will be set up as users in moodle.
Now if moodle is your master record source then you might not want that and would use "Write to LDAP". If your ldap server is the master record then you would only want moodle to pull accounts from there and to only use the ldap server info "Read from LDAP".
So in summary if you are setting it up to pull in existing users "Read from LDAP" and then authenticate you need to pull over their details at least once. Schedule is better otherwise they might get out of alignment for various reasons.