Users creation with LDAP on moodle

Question

I have an existing moodle 2.5.3 installation and currently planning for LDAP authentication with MS AD. I got most LDAP information from our network team but for deployment I have a few questions.

1. I have hundreds of existing users created manually or by self-registration. What would happen to users who already exist (registered with same corporate email address) now that I add LDAP authentication?

2. If I don't have a Creators group on AD, I suppose I would assign role in moodle manually. would these assignment be affected during sync job?

3. AD users and non-Ad users would co-exist in this case. Any suggestion, experience or insight regarding users management is much appreciated. Thank you very much for your help in advance.

Answer 1

This question was asked a while ago, but here's my opinion.

First, regarding point 1: to answer that you have to ask what you currently use for the USER NAMES of those manual/self-registered users. Can students choose their own user names, or do you use some kind of standard piece of information for all user names, e.g. their email address or 'social security' number? If they can pick their own usernames then AD integration won't work.

Then, regarding point 3: AD users and non-AD users would co-exist in this case. That is a disaster waiting to happen! I did it for a while and it resulted in a whole lot of duplicate user profile problems in my Moodle database (i.e. more than one Moodle profile for a user).

To avoid that, before you enable AD authentication in Moodle you'll need to convert all the Moodle user names for your existing users in Moodle to use the same user_id atttribute from AD. So, if your user identifier attribute in AD is the students' college Student Numbers (or email addresses - not recommended!) then you'll need to change all the existing user names for those students in Moodle to use that same user_id attribute. That can be quite a big job. But if you don't do that you'll create a whole lot of duplicate profiles in Moodle when you synchronise the Moodle database with your AD database! That means your students will have more than one profile in Moodle! And it can't be undone!