I am using Moodle version 2.0.3+ and I need to add a new role that will allow the user to create and delete users for their specific course only. I do not want them to have access to any other users in other courses that were created. I have tried to copy the non-editing teacher role and allow it to create users and delete users but when I test this role out, it doesn't appear to allow that function. Any suggestions on how to achieve this are truly appreciated, thank you.
Karen,
It's possible I've forgotten something very basic, but I'm under the impression that you enroll students into a course. You can't create students inside a course because roles and users exist outside of courses.
I see, thank you very much. That is very helpful! Do you have a suggestion perhaps on how to manage users to be added, removed or have a password reset without the Site Administrator having to do it each time? I am not sure what course of action would be the best approach here. Please let me know if I need to provide further detail.
Hi Karen,
There's a new role I haven't explored yet in 2+ called "manager." It fits between site admin and teacher. That might be the way to go. I just don't know yet.
Password reset is the easiest problem. Give your teacher in the course the capability to "log in as," which allows the teacher to become the student. Once logged in as, the teacher edit's the student profile, using "changeme" as the one time password. Apparently, "changeme" always forces the user to set a new password.
I would use flat file to add and remove users. http://docs.moodle.org/20/en/Flat_file However, that requires fiddling with capabilities to allow your person to get into site admin without messing anything else up. I don't know how to set that capability.
And, you will want a very specific protocol for adding or removing students during the flat file upload process, as the options can cause trouble, too.
I will definitely look into these suggestions. One last question, do you think that self enrollment may be an option? Maybe this way the user is able to set their own account up as long as they have the enrollment key.
Thanks again VERY much, your feedback has been valuable.
Hi Karen,
On self enrollment I admit ignorance. I've never used it or played with it. Afraid we'll need someone else to comment.
Sorry,
Hi Karen - I'm just following Ben around () Self enrolment would help you as long as you follow all the security safeguards - have a Captcha! for instance so it is a human self enrolling and only give the enrolment key to those students you need in the course. You can also restrict the email addresses (the Russian federation of hackers like yahoo for example!) so that people can only self enrol with certain email domains and not others. Just a thought.
Mary,
Thanks to both you and Ben for all of the suggestions, very good information!
Ironically, yesterday afternoon, my office neighbor was saying she wished she could do the things you want, Karen, and then I remembered a role someone else here created that we call "Registrar." It goes a little beyond what you'd like, but I think there's a scheme that might go mostly toward your goal. This is in 1.9
Take a teacher or non-editing teacher. Go Site admin > Users > Permissions > Define roles and Duplicate role for Teacher, giving it a different name. Set these capabilities to Allow, leaving all the others as they are already set.
Upload CSV file
Create and manage roles
Aprove course creation
Send messages to any user
Upload new users from file
View participants
Create users
Delete users
Edit own user profile
Update user profiles
Reports -- allow all 3
Users -- allow all 4
Course Reports -- allow all 6
Course -- allow the following capabilities
Manage groups
Enable/disable email address
View courses
View hidden activities
View hidden courses
View hidden sections
View hidden user fields
View participants
Switch to other roles
Access all groups
Always see full names of users
View reports
Login as other users -- for some reason, we use prevent, but I would allow
View user profiles
This gives your user access to Site Admin > Users > Accounts and Site Admin > Users > Permissions and to Site Admin > Front Page and to Site Admin > Reports
Now, I think, but have not tried this, you set up categories and put your various Registrar-type users into just one category. At that point, they can't see the courses in other categories because they can't get into the other categories.
They *can* see all users, which is necessary to find the people to enroll. But, you can do clever things with usernames, such as prefix with "Able-" "Baker-" "Charlie-" that signal your Registrar whether the username belongs to the Registrar's group. Instruct Registrars not to touch users not in their group.
Your Registrar can then use all the bulk user actions in Site Admin to mass enroll, mass delete, pull lists of their students, etc.
Thanks for the follow up, fantastic information. I think it is a good suggestion but am not sure I want the user to view all users for other courses as you have pointed out.
Hi Karen. Just to repeat what was said above, I think you will find it difficult to get a role that can add new users just to specified areas without having site wide permissions. Maybe someone will come up with something!
Hi Mary, et al:
Has this changed at all in the past 4 years, now that we are on Moodle 2.9+? I would like to be able to do a similar thing as described in the original post - have a user that can create users either specific to a given meta-course or to a cohort, but not see all users in the system.
If this is not possible, is there a way to have the user creation process be self-serve, but with the new user selecting a specific group?
Try this
