For those who aren’t aware, Moodle is an open source Learning Management System (LMS) which gives you the ability to teach courses online. I’ve used it for years and I think it’s brilliant. You can use it to teach in junior and high schools, but you can also use it in a corporate environment if you ever need to deliver training material to your staff without them needing to leave their desks.
Check it out, I highly recommend it. http://www.moodle.org
So let’s crack on with the guide. This walkthrough will show you how to build a brand new Moodle website and connect it to your existing Microsoft Active Directory environment for user authentication.
For this exercise, I will be using the below details to connect a web server running Red Hat Enterprise Linux 6.3 to Microsoft Active Directory 2008R2.
MS Active Directory Domain Controller: dc01.nt.example.com (10.0.2.11)
Web server to run Moodle: web01.nt.example.com (10.0.2.21)
LDAP Bind User: moodle
LDAP Bind User Password: RedHat123
User's Organisational Unit: OU=Accounts,DC=nt,DC=example,DC=com
Teachers Organisational Unit: OU=Teachers,OU=Accounts,DC=nt,DC=example,DC=com (Any user located in this OU will have the ability to create Moodle Courses)
Let’s crack on with the install.
First off, we will need a blank Red Hat Enterprise Linux server. As you are using Microsoft Active Directory, I highly recommend you integrate this server into Active Directory using this article here, as I will be writing a follow-up article to enable Single Sign On which will require Kerberos.
Step 1, Install all the necessary packages that we will need. This includes Apache, mod_ssl to allow us to create an SSL website, a fair few PHP modules, and MySQL, as we will be creating a local database.
root@web01:~# yum install -y httpd mod_ssl php php-mysql mysql-server php-intl php-gd php-soap php-xmlrpc php-mbstring php-xml php-ldap
Step 2, Enable on boot and start the MySQL server
[root@web01 ~]# chkconfig mysqld on
[root@web01 ~]# service mysqld start
Step 3, Set a master root password for your mysql service
This will prevent any unwanted access.
[root@web01 ~]# mysqladmin -u root password 'redhat123'
Step 4, Create a MySQL database to use for Moodle
[root@web01 ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 554
Server version: 5.1.61 Source distribution
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create database db_moodle character set utf8;
Query OK, 1 row affected (0.03 sec)
mysql>
Step 5, Create a moodle database user and grant permissions to the db_moodle database
mysql> CREATE USER 'moodle'@'localhost' IDENTIFIED BY 'redhat123';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON db_moodle.* TO 'moodle'@'localhost' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
Step 6, Open ports 80 and 443 on your system with IPTables
[root@web01 ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
[root@web01 ~]# iptables -I INPUT -p tcp --dport 443 -j ACCEPT
[root@web01 ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@web01 ~]#
Step 7, Create an SSL Virtual Host definition in Apache. Create the file /etc/httpd/conf.d/moodle.nt.example.com.conf with the below contents.
You will see that I have created an SSL enabled site here. If you need some assistance creating a certificate, you can find details on how to do this here.
<VirtualHost 10.0.2.21:443>
    SSLEngine on
    SSLCertificateFile /etc/httpd/moodle.nt.example.com.crt
    SSLCertificateKeyFile /etc/httpd/moodle.nt.example.com.key
    ServerAdmin webmaster@nt.example.com
    DocumentRoot /var/www/moodle.nt.example.com/html/
    ServerName moodle.nt.example.com
    ErrorLog logs/moodle.nt.example.com-error_log
    CustomLog logs/moodle.nt.example.com-access_log common
</VirtualHost>
Step 8, Create your directories that are mentioned in the above file.
[root@web01 ~]# mkdir -p /var/www/moodle.nt.example.com/html/
[root@web01 ~]# chown -R apache:apache /var/www/moodle.nt.example.com/html/
[root@web01 ~]# restorecon -R /var/www/moodle.nt.example.com/
Step 9, Enable Apache to start on boot and start service
[root@web01 ~]# chkconfig httpd on
[root@web01 ~]# service httpd start
Starting httpd: [ OK ]
[root@web01 ~]#
Step 10, Download Moodle and extract it to the new site’s html directory.
[root@web01 ~]# cd /tmp/
[root@web01 tmp]# wget -O moodle-2.3.1.zip 'http://downloads.sourceforge.net/project/moodle/Moodle/stable23/moodle-2.3.1.zip?r=&ts=1344176682&use_mirror=ignum'
[root@web01 tmp]# cd /var/www/moodle.nt.example.com/html/
[root@web01 html]# unzip /tmp/moodle-2.3.1.zip
[root@web01 html]# mv moodle/* ./
[root@web01 html]# rm -fr ./moodle/
Step 11, Browse to https://moodle.nt.example.com to continue the web installation
You will be presented with the Language selection. As English is the default, I just clicked Next.
See screen shot
Step 12, Confirm directory paths.
Moodle will need to create a directory to store all content. I left this as default. If you wish to change this, ensure that the path you specify allows the Apache user to read and write to the location.
See screen shot
Step 13, Select Database type
As we will be using MySQL, leave this as default
See screen shot
Step 14, Database Settings
Enter the host, database name, database user and password for Moodle to populate the database.
See screen shot for the details I have used in my example.
Step 15, End User License Agreement
Please read the EULA and click continue if you accept the terms.
See screen shot
Step 16, Server Checks
If you have followed this guide, you should see green ‘OK’ statuses next to all server checks. If a check fails, please go back and make sure you haven’t missed a step. The item that fails the check will also give you details of how to resolve the problem.
See screen shot
Step 17, Populating Database
Moodle will now populate the database with all the necessary components to get a default installation up and running. Depending on the spec and capabilities of your server, this may be quick or it may take a few minutes.
Click continue once it has finished.
See screen shot
Step 18, Create Admin user
The install will now create an Admin user to manage the site. Make sure you choose a password that you will remember. Fill out all details marked in red.
See screen shot
Step 19, Site Settings
Choose a Long and Short website name for your new installation. If you change your mind, you can always change this later.
Accept the settings when you are done. This is at the bottom of the page. Once you do this, your site is up and running.
See screen shot
Step 20,
Now that your Moodle site is up and running, let’s add it to Active Directory.
Browse to the “Manage Authentication” Plug-in.
See screen shot
Step 21, Enable LDAP Authentication
You can enable and disable plug-ins by clicking on the open or closed eye. I opened the eye for LDAP and closed the eye for Email-based self-registration.
See screen shot
Step 22, Configure LDAP Authentication
As this guide is specific to Active Directory, please use the below details as they may differ from other forms of LDAP authentication platforms.
If you find an entry that is not listed below, it means it is left blank.
LDAP server settings
Host URL: ldap://dc01.nt.example.com
(If you have multiple domain controllers, I recommend you add all of them here for redundancy. E.g: ldap://dc01.nt.example.com ; ldap://dc02.nt.example.com ; etc )
Version: 3
LDAP encoding: utf-8
Bind Settings
Hide Passwords: Yes
Distinguished Name: moodle@nt.example.com
Password: RedHat123
User Lookup settings
User Type: MS Active Directory
Contexts: ou=accounts,dc=nt,dc=example,dc=com
Search subcontexts: Yes
Dereference aliases: No
User attribute: sAMAccountName
Member attribute: memberOf
**UPDATE**
If you wish to use a security group instead of, or in addition to, the Organisational Unit lookup, you can add the following attribute.
Please note, the brackets are required.
ObjectClass: (memberof=cn=moodle-users,ou=groups,dc=example,dc=com)
Course creators
Course creators: ou=Teachers,ou=accounts,dc=nt,dc=example,dc=com
Data mapping
First Name: givenName
Surname: sn
Email address: mail
City: l
Country: c
Phone 1: telephoneNumber
Phone 2: homePhone
When you’ve finished filling out the details, click save changes.
You are now finished adding Active Directory users.
Any user that is located in the “Accounts” OU will be able to log into your Moodle site.
Any user that is located in the “Teachers” OU will be able to log into and create Moodle courses.
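To check the Step 22 values from the web server's shell before relying on them in Moodle, the same lookup can be reproduced with ldapsearch. This is an added example, not part of the original guide: it assumes the openldap-clients package is installed and that the domain controller offers StartTLS with a certificate the web server trusts, and the function names and the login jsmith are made up for illustration.

```shell
#!/bin/sh
# Added example: check the Step 22 values against the DC before saving them in Moodle.
# Host, bind account, context, attribute and group filter are the ones used in this guide;
# the function names and the sample login are hypothetical.

LDAP_URI='ldap://dc01.nt.example.com'
BIND_DN='moodle@nt.example.com'
CONTEXT='ou=accounts,dc=nt,dc=example,dc=com'
GROUP_FILTER='(memberof=cn=moodle-users,ou=groups,dc=example,dc=com)'

# Escape the RFC 4515 filter metacharacters \ * ( ) so a login name is
# always treated as a literal value. The backslash must be handled first.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Build the user lookup filter: a sAMAccountName match, optionally ANDed with
# the security-group restriction from the UPDATE note.
build_filter() {
    user=$(ldap_escape "$1")
    if [ "${2:-}" = "group" ]; then
        printf '(&(sAMAccountName=%s)%s)' "$user" "$GROUP_FILTER"
    else
        printf '(sAMAccountName=%s)' "$user"
    fi
}

# Bind as the Moodle account and look the user up under the configured context.
#   -ZZ  require StartTLS, so the bind password is not sent in clear text
#   -W   prompt for the password instead of leaving it in shell history
check_user() {
    ldapsearch -H "$LDAP_URI" -ZZ -x -D "$BIND_DN" -W \
        -b "$CONTEXT" -s sub "$(build_filter "$1" "${2:-}")" \
        dn givenName sn mail memberOf
}

# Dry run with a constructed login name: show the filter that would be sent.
build_filter 'jsmith' group; echo
```

Running check_user jsmith (or check_user jsmith group) should return exactly one entry, with the attributes used in the data mapping; no entry means the context, the group filter or the bind account needs another look.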
Enjoy.
Hi Dale,
thank you very much for your instructions. I had to authenticate my users via an AD and did not get it right. After reading your text and changing two little things it worked!
Thanks,
Karl
Hi,
First, thank you for your post; it is very useful to me for configuring my Moodle and AD.
But I need to get all the users of AD synced with Moodle. Because all my staff are in AD, after finishing the LDAP config I want to be able to log in to Moodle and assign my staff to the courses in my Moodle. How do I do that?
Thanks,