Here are our settings under users/authentication in moodle.
Bind settings
cn=DL LDAP,ou=droids,dc=jccmi,dc=edu
Contexts
ou=guests,ou=jcc-users,dc=jccmi,dc=edu
you will also have to edit the ldap.conf file located on the server in etc/openldap/ldap.conf
here is ours:
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERT /etc/openldap/cacert.pem
Permissions should be 666 on this file;
We also decided to do secure ldap and added a cacert file called cacert.pem this is the certification file ssl certifricate, you shouldn’t have to do this and it is easier to get ldap working with out it.
I hope this helps, I worked with the network admin and it took us about 5 hours and it was done. If we would have known what to do it takes about an hour. On that note, what messed us up was our test moodle is built on a virtual shared account, for some reason you have to edit etc/openldap/ldap.conf at the root of the server. Moodle put this file in two locations. We edited both and it was needed at the top level. Don’t worry about this if your install is not a name bases site on a virtual server. I hope that made sense. Happy to try to answer questions.
Chad Parmentier
Aportación realizada por Chad Parmentier
Scenario: We are attempting to use secure ldap to authenticate users. Authenticate meaning have secure ldap determine whether or not a user has access nothing more. Users will be enroled via external database and associated with the courses and roles they are in.
Problem: sldap is working (after hours of work) Note: ssl certificate needs to be installed at the root level on a dedicated server. Moodle fusses over it if it is in the virtual site root directory. /etc/openldap . We now have the sldap authenticating users however we are not feeding any info from sldap such as username password or idnumber. On the external database users that are not in ldap authenticate fine. The profile info entered into external syncs upon user login. Users that are defined(exist) in ldap only authenticate, even if they are in external their profile information does not populate into the students profile. I have tried turning ldap plugin off, placing it last in the order of authentication, and I get the same result. This is on a lamp server, running moodle 1.9 beta.
Question: Enrolments seem to be Muddled (excuse the expression) with authentication. shouldn't enrolments authentication and users be created via separate processes?
Problem: sldap is working (after hours of work) Note: ssl certificate needs to be installed at the root level on a dedicated server. Moodle fusses over it if it is in the virtual site root directory. /etc/openldap . We now have the sldap authenticating users however we are not feeding any info from sldap such as username password or idnumber. On the external database users that are not in ldap authenticate fine. The profile info entered into external syncs upon user login. Users that are defined(exist) in ldap only authenticate, even if they are in external their profile information does not populate into the students profile. I have tried turning ldap plugin off, placing it last in the order of authentication, and I get the same result. This is on a lamp server, running moodle 1.9 beta.
Question: Enrolments seem to be Muddled (excuse the expression) with authentication. shouldn't enrolments authentication and users be created via separate processes?
Our end Goal is also to authenticate via ldap and also have courses build and students enroled via an automated process by pulling data from SIS. Currently we are working on using the external database plugin and an external database witch will house student data nessecary for course builds and enrollments. Our SIS can output flatfiles that can automatically ftp'd to a directory on our moodle server. We are having a program team write php scripts that will querry that data and inject it into the external database. The php scripts will initiate 2-3 times a day via cron. Hopefully this will automate everything. I am not sure it this will help but I have some user upload scripts i have collected from the forums that might be a good refrence for you.
I attached the upload course php there is also a zip available called uploadcourses.php that has a user interface.
For the past few days I have been attempting to create an external database (MySQL) and use the external database plugin to sync the two databases. In the external database I created two tables. One for users and one for courses.
This is the courses table.
| Field | Type | Null | Default | |
|---|---|---|---|---|
| id | bigint(10) | No | ||
| userid | varchar(64) | No | ||
| idnumber | varchar(100) | No | ||
| role | varchar(20) | No |
This is the users table
| Field | Type | Null | Default | |
|---|---|---|---|---|
| id | mediumint(10) | No | ||
| username | varchar(10) | No | ||
| userid | varchar(64) | No | ||
| pass | varchar(10) | No | ||
| firstname | varchar(20) | No | ||
| lastname | varchar(20) | No | ||
| varchar(20) | No | |||
| city | varchar(20) | No | ||
| country | varchar(10) | No | ||
| enrol | varchar(10) | No |
Within the administrative control panel there are two locations where information can be put having to do with external database plugin, one under authentication, the other under courses. I filled out the info for authentication and mapped the fields and it works great.
I can loggin as a user that is created in external and all the profile information comes in, but the "test student" is not enroled in a course. Nor is a course created if it does not exist. SO essentially none of the "course" attributes seem to be working. Is there a problem with enrol_database_sync.php? or have I missed something else?
THe overall goal for us is to use php scripts to populate the external database from an array of flat files that contain all user/course info. We figured this would be the best way to automate enrollments and course builds. We are a large community college in michigan with over 9000 users and 1300 courses/per semester.
I too have been working on a way to execute the upload courses file via cron. Here are my thoughts as a novice:
1. In order to run this via cron the php would have to execute the .cvs file from a folder in moodle. The php would have to have the manual upload part taken out and instead execute the .cvs file from a known location such as /moodledata/1 or something.
2. Then a .cvs file could be dumped in that folder daily and uploadcourses.php could be cron'd to run a couple times perday automating the whole process, and making this a fairly universal solution.
I am at Jackson Community College and we are willing to collaborate with other institutions/schools to complete this process.