My school is planning to switch from manual authentication to external database to tie in with an SIS we are setting up. Everything tests great, except that I noticed that, when a username is changed in the external db, Moodle attempts to create a duplicate account for the user. Is there a way to prevent this, or at least to make the maintenance effort manageable?
Thanks!
I had thought of that. However, we would like the external database to create accounts so that when new students enroll we don't have to do the job twice. Any other ideas?
It's an ongoing flaw with the external db authentication to key on username rather than idnumber.
In your example it manifests as creating duplicates - but it creates other varied problems too, related to mutable usernames.
A solution is to modify the auth and sync to key on idnumber, and populate the idnumber with the primary key of your external database, and ensure idnumber is locked to editing. That way the sync will update the username where the idnumber matches.
Sorry I can't thnk of a simpler solution to this problem.
Hello David,
Your solution to prevent the duplicate user record when authenticate with an external DB. I am new to Moodle, so I don't understand what you mean by saying "modify the auth and sync to key on idnumber". Would you please explain to me more in detail on how to do this.
Thanks,
Calvin
I have also seen this problem. I could try to modify my local installation of moodle, but the problem would reappear when updating.
Could this be posted as a bug?
If you open up the file: /auth/db/auth.php and look at the comments to the function sync_users you'll notice this:
* Sync should be done by using idnumber attribute, not username.
And that comment has been there for over 5 years
You'll want to:
- Change the call to get_userlist() to retrieve a list of idnumbers rather than usernames
- Change the obsolete users check to look at idnumbers rather than usernames
- If you remove users, to do it based on idnumbers rather than usernames
- When updating... to updated based on idnumbers rather than usernames
etc etc...
You might also want to change config.html because you're not interested in 'fielduser' but interested in the external database key field (idnumber) - which shouldn't ever be the username if the username is mutable in your external database (as it probably is in nearly every case).
Or you could wait until it gets fixed (it probably won't get fixed)
Thinking about this again. To get around this flaw, you could potentially add a database trigger to update the original record with the new username if the idnumber field matches. Just make sure you're populating mdl_user.idnumber with the primary key of your external database.
That could work. Probably better to fix the sync code though...
I was trying to change sync function to, prior to delete/disable a user, check if username was changed. But my function fails when trying to update username (database write error). Any hint?
//check if user changed username
$user_changed_name=FALSE;
if (!empty($user->idnumber)) {
$authdb = $this->db_init();
$sql="SELECT ".$this->config->field_map_idnumber." AS idnumber , ".$this->config->fielduser." AS username
FROM {$this->config->table}
WHERE ".$this->config->field_map_idnumber." = '".addslashes($user->idnumber)."'";
$rs = $authdb->GetRow($sql);
if ($rs) {
$updateuser = new stdClass();
$updateuser->id = $user->id;
$updateuser->username = $rs['username'];
print_r($updateuser);
$authdb->update_record('user', $updateuser);
$user_changed_name = TRUE;
}
$authdb->Close();
}
I could post full file if needed
I solved the problem. I added a bug and posted my solution (don't know if this is the best way to do so).
