+ Post New Thread
Results 1 to 10 of 10
Virtual Learning Platforms Thread, Moodle - LDAP between schools? in Technical; Hi All, We locally host our own Moodle installation and are thinking about hosting seperate Moodle sites for some of ...
  1. #1
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,135
    Thank Post
    189
    Thanked 230 Times in 195 Posts
    Rep Power
    92

    Moodle - LDAP between schools?

    Hi All,

    We locally host our own Moodle installation and are thinking about hosting seperate Moodle sites for some of our local Primary Schools. The hosting itself isn't a problem, but how the schools then authenticate to the Moodle installation is.

    I know that an option of manual usernames and/or email address authentication is possible, but neither of those are options I want to explore (one school doesn't have email for pupils and manual would be fiddly!)

    Would it be theoretically possible to allow LDAP authentication beween the primary school and our site?
    Currently our sites aren't within the same AD site and I wouldn't want to change that at this point.

    Would simply opening up port 389/636 between each of our sites (restricting access to and from specific IP addresses for security) allow LDAP authentication to work?

    Has anyone tried this already?

  2. #2
    frosty's Avatar
    Join Date
    May 2007
    Location
    East Sussex
    Posts
    121
    Thank Post
    13
    Thanked 10 Times in 10 Posts
    Rep Power
    17
    Don't think it is quite what you are after but have seen this in passing.

    Moodle Network - MoodleDocs

  3. #3
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,135
    Thank Post
    189
    Thanked 230 Times in 195 Posts
    Rep Power
    92
    Thanks for that Frosty.
    It doesn't answer what I was looking for, but is useful anyway.

    Anyone else any experience / knowledge of this?

  4. #4

    Join Date
    Jan 2010
    Posts
    15
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Can you tell us more about the network setups between the schools (are u on the same wan for example)

    It may be possible to set up a "resource" domain with user accounts in these. U could look at Microsoft Identity manager, it would mean trusts and the likes but in theory i guess it would be possible

  5. #5
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,135
    Thank Post
    189
    Thanked 230 Times in 195 Posts
    Rep Power
    92
    All schools would be connected via SWGfl, so we should be able to open/restrict whatever ports were needed for school-school comms.

    The schools all have different IP ranges and two different subnets (255.255.255.0 and 255.255.252.0). All of the sites operate indepentanty within their own domain, with no current cross communication.

  6. #6

    Join Date
    Jan 2010
    Posts
    15
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Now this is total theory and not based on anything i've tried.. however...

    Take this example
    School 1, School 2, School 3 all on the same WAN as you describe.
    We create a domain lets call it central

    We set a trust up between School 1 and Central, then School 2 and Central and School 3 and Central.
    We then use Microsoft Identity Integration to dump all the user identity details into this central domain
    We then configure moodle to authenticate agains this domain.......

    Now as i said this is total seat of the pants guessing stuff. We use identity manager for GAL replication between our parent company and ourselves (yeah sorry folks i no longer work in education!!) so i know it's possible to dump the data from one domain to the other.. infact now i think on it you dont need the trust between the schools, u need an account with permissions on each domain

    So School 1 domain has an account centralconnectionout,
    The central domain has the account centralconnectionin

    You supply the details for each between the domains to set up the replication.......

    If this works i'd be shocked but it might get you on the right track
    [ame=http://en.wikipedia.org/wiki/Microsoft_Identity_Integration_Server]Microsoft Identity Integration Server - Wikipedia, the free encyclopedia[/ame]

  7. #7

    Join Date
    Jan 2010
    Posts
    15
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    I've just asked the question on the microsoft MIIS forum, if somone gets back to me i'll post here.

  8. #8

    Join Date
    Jan 2010
    Posts
    15
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Now i think about this again, is this not the reason the shibboleth project took off?

    Shibboleth

  9. #9

    Join Date
    May 2009
    Posts
    241
    Thank Post
    32
    Thanked 10 Times in 10 Posts
    Rep Power
    12
    if your trying to authenticate moodle to AD cant you just rent a server for hosting the site (I mean entire server or private server) and then have a vpn host (openvpn) on the hosting server and openvpn client on your domain server
    Last edited by squeeky; 28th January 2010 at 05:35 PM.

  10. #10

    Join Date
    Jan 2010
    Posts
    15
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Apparently this idea of a resource domain will work, here are some MS articles to help

    Synchronizing Active Directory Objects to SQL Server

    Synchronizing SQL Server Objects to Active Directory

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle Ldap Help
    By acerf1 in forum Virtual Learning Platforms
    Replies: 2
    Last Post: 30th November 2009, 11:58 AM
  2. Moodle LDAP Auth
    By FN-GM in forum Virtual Learning Platforms
    Replies: 36
    Last Post: 9th April 2009, 11:55 AM
  3. Moodle and LDAP
    By ahunter in forum Virtual Learning Platforms
    Replies: 6
    Last Post: 31st October 2008, 11:12 AM
  4. Moodle LDAP
    By zag in forum Virtual Learning Platforms
    Replies: 6
    Last Post: 17th July 2008, 10:12 AM
  5. Moodle and LDAP
    By GrumbleDook in forum Virtual Learning Platforms
    Replies: 10
    Last Post: 28th March 2007, 04:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •