I came across a great powershell script by David Wiseman that I could adapt to query our student information system to create accounts in active directory. You can check it out here: http://www.wisesoft.co.uk/scripts/powershell_create_ad_user_accounts_from_sql_server_database.aspx
Once I had my accounts being created, I could use moodle's sync_users.php script running as a cron job to pre-populate our main moodle server. Some caveats though. Make sure you modify your objectclass filter in moodle to be (&(objectClass=user)(!(objectClass=computer))) otherwise you'll also get computer accounts as well as user accounts. You'll also either need to patch sync_users.php to allow paginated results from LDAP or increase the MaxPagesize variable for your active directory install to be able to return all the users in a single page using ndsutil (the default is 1000 results per page). There's some relevant moodle discussion here.
The last bit was to be able to pre-populate the linked mnet servers with the proper accounts. Which I did using the following SQL query
INSERT INTO moodle_db2.mdl_user (auth, confirmed, policyagreed, mnethostid, username, password, idnumber, firstname, lastname, email, institution, city, country)
SELECT 'mnet', mdl_user.confirmed, mdl_user.policyagreed, '5', mdl_user.username, mdl_user.password, mdl_user.idnumber, mdl_user.firstname, mdl_user.lastname, mdl_user.email, mdl_user.institution, mdl_user.city, mdl_user.country
FROM moodle_db1.mdl_user
WHERE institution = 'Mnet Institution Name'
ON DUPLICATE KEY UPDATE auth='mnet', confirmed=moodle_db1.mdl_user.confirmed, policyagreed=moodle_db1.mdl_user.policyagreed, mnethostid='5'
This lets me select just the users who should be on the federated mnet server and create their accounts, if the user already exists, it updates a few fields. mnethostid will vary by installation, in my case it was 5 but you should be able to query the database easily to find out what it should be in your specific installation.
No comments:
Post a Comment