I already got the authentication part working beautifully. Now I want to setup everything to work the way, that people automatically get signed up to certain courses based on their roles specified within LDAP.
E.g.: Everybody in the company embodies the role of a employee. Then there are departments like "finance" and "HR". In "finance" all employees also have the role of "finance worker" and one person is a "manager" additionally to his other two roles. Now I want to define a number of courses for "employees" to take, some for the "financial worker"s and some for "manager"s. So the manager would end up with a lot classes to take
I was so proud to get the authentication working, but it seems like now things become even harder. I really do not know a whole lot about MS AD (we are using AD on MS Server 2k3) or LDAP.
So my questions are:
1) Can I realize that kind of architecture with the build in LDAP enrollment plugin?
2) Do I need to enter role information twice in my LDAP structure (once through my regular tree structure and then a second time for the moodle-oriented tree)?
3) How should I implement roles in LDAP? As attributes (eg classes) of DNs or in a tree-like structure through OUs or some other way?
4) How should I setup the LDAP enrollment plugin?
Unfortunately the Moodle documentation on the plugin is a little bit over my head, but I think the architecture I am trying to put up is very common.
Any help (including links to what to read) are greatly appreciated. THANKS so much!
Paul