The Killer App: Google Apps and Moodle Integration?

The Killer App: Google Apps and Moodle Integration?

Moodle
Image via Wikipedia

Even though I haven’t used Moodle as much as WordPress and Wikispaces in my own teaching and learning, I have installed it enough times to know what it does well and what it does not do so well.

Moodle does a very good job of monitoring students, giving assessments/grades, providing content, and doing discussion forums. It does not do a very good job of synchronous collaboration, wikis, email, or any of the other things that Google Apps does an amazing job at. I guess that is why Moodlerooms decided that it would be a great idea to get the two projects together and create an easy way to do single-sign-on.

I am amazed at the potential for something like this. Imagine being able to log into your classes, your e-mail, your sites, and your docs all at one place. Well, after much working on my own installation, I would like to provide a simple how to for making this process happen in your Moodle instance:

Step 1: Download Moode-Google Integration “plugin”

Step 2: Unzip the files into your moodle installation.

Step 3: Follow these instructions for the moodle side:

  1. Login to Moodle as an Administrator
  2. Click Notifications to update block tables
  3. In the Site Admin menu, select Users. Next, select Authentication and click Google Authentication.
  4. Enter your Google partner page domain name.

Step 4: Create the Private and Public Keys for Moodle and Google Apps

Open up Terminal and enter in the following two strings:

  • openssl genrsa -out rsaprivkey.pem 1024
  • openssl req -new -x509 -key rsaprivkey.pem -out rsacert.pem

The first command creates the private key that is stored only on Moodle and the second command creates the public key that is stored on both Moodle and Google Apps.

Step 5:

Step 6:

  • In a new window open Google Apps Control Panel page as admin (http://google.com/a/yourdomain.com)
  • Click the Advanced tools tab.
  • Click the Set up single sign-on (SSO) link next to Authentication.
  • First check the Enable Single Sign-on box.
  • Now insert this url into the Sign-in page URL text field.
    http://YourMoodleDirectory/login/index.php
  • Insert this url into the Sign-out page URL text field.
    http://YourMoodleDirectory/login/logout.php
  • Insert this url into the Change password URL text field.
    http://YourMoodleDirectory/login/change_password.php
  • Upload the Verification certificate to Google (X.509 certificate containing the public key). This is the rsacert.pem file that you uploaded to Moodle already.

Step 7:

  • Click the User Accounts tab in Google Apps.
  • This displays existing users as well as a message that says “You can create up to ### user accounts for this domain” If you are using the Google User Sync block for account management, this number must match the number of accounts you plan on creating. Request more accounts if you need them by clicking the “request more” link on this page.
  • Click the Settings link. Check the box to Enable provisioning API (otherwise users will NOT be updated).
  • Click Save Changes.
  • Click on Advanced tools in Google Apps one more time
  • Click on “Manage OAuth Access”
  • Upload your (X.509 certificate containing the public key) here too. This is the rsacert.pem file that you uploaded to Moodle already.
  • Then copy to your clipboard (Control+C/Apple+C) the OAuth consumer secret

Step 8 (in order to get Gmail to fully talk with Moodle):

  • Enable all of the google blocks in your Moodle Instance by logging in as an admin and then adding them to the front page.
  • Open up the blocks admin (under modules) and click on the Gmail block.
  • Paste the OAuth Consumer secret into the field that asks for it.
  • Click Save Changes
  • Click on the Google User Sync block in the blocks admin menu.
  • Fill out your admin information for Google Apps

I think that is pretty much it. Once I did all of those things, I was able to create users in Moodle and have them transfer over to Google Apps. I was able to log into docs, sites, gmail, etc directly from the Google Apps block in Moodle.

As excited as I am that I was actually able to get it to work, I am more excited for the possiblity of stopping the excuses that many people have in either not implimenting a LMS because it doesn’t have a collaborative suite built in or not implimenting Google Apps because it doesn’t work within their LMS. I would like to get to a point where people only are talking about the learning possibilities, not the pitfalls of the technology.

(Also, let me know if I have screwed up in any way on this how-to. I would post it on a wiki for others to make it better, but since I don’t know where the Moodle wikis are, I will wait until someone illuminates me.)

Reblog this post [with Zemanta]

70 Comments

  1. Jim Lerman

    This is absolutely amazing…if it works, it renders MoodleRooms unnecessary, just load Moodle and off you go. Of course one needs to be able to handle all this, but there are those out there who can! Kudos, Ben, for doing a fabulous public service. I sure hope others will rise to the challenge of uncovering any bugs in this process so that it becomes totally smooth for all!

  2. I just sent this article off to my district IT guy. we already use Moodle district wide and now they have been working on a google docs/apps system for the district… I hope they can put them together! thanks for posting this, although it makes no sense to me, I hope it will make sense for my IT guy.
    thanks

  3. Just as a note to Jim, the integration doesn’t let you run Moodle <em>on</em> GoogleApps*, it lets you integrate Moodle with GoogleApps – with Moodle as the source of user accounts in GoogleApps.

    Hopefully it doesn’t render Moodlerooms unnecessary or we won’t be able to keep developing and releasing things like this;-).**

    *Running Moodle on the Google Platform would be a great deal of work, as Google’s BigTable database doesn’t support joins, and Moodle uses a great deal of them currently.

    ** As Moodlerooms is an official Moodle partner, we also do contribute a substantial amount of our revenue back to support the continued development of the Moodle core code.

  4. Kevin Brooks

    Ben,

    I, too, would like to talk with you sometime about this integration and how you have used it. I have used Google Docs quite a bit so it would be amazing if I could integrate it into Moodle. Thanks
    Kevin Brooks
    Littleton High School

  5. Pingback: Moodlerific.org » Blog Archive » Google Apps + Moodle Integration Struggles

  6. Ben, can’t thank you enough for this great guide. Only bit I had to change was the bit r.e. key generation but that was explained on the Google page you linked to!

    I’ve managed to get a Moodle installation talking to my existing Google Apps service as a test (http://twitpic.com/69vjj) so now I can hopefully roll it out to c.3,000 students at the Academy at which I’m Director of E-Learning. 🙂

  7. Ben –

    This is phenomenal. Fantastic work. I’m playing with this for one of my clints, and everything worked seamlessly. If only my Moodle-Mahara integration was going as smoothly!

    Kudos for developing it and sharing it with all of us. If you’re going to be @ NECC, drop me a line, and we can connect.

    Chris : )

    P.S. As Edutopia’s Totally Wired Teacher for 2007, you might be interested in the Digital Generation Project which I recently helped them launch: http://www.edutopia.org/digital-generation

  8. Pingback: Moodlerific.org » Blog Archive » Microsoft Integrates Live@edu with Moodle

  9. Thank you for the clear directions – I just finished implementing a Wikispaces / Moodle SSO integration and am now working on getting this as the next step. Your easy to understand steps are so valuable.
    If only blogger was included with educational google apps.

  10. John Easo

    There is another very useful tool that does better for student monitoring, content management and also very good synchronous collaboration with other students in real time. Take a look at flash cards on this site and also the concept of student ‘funnel’ and concurrent changes to flashcards! I have used this and found it to be very useful with my students.

  11. Hello Ben,

    I was trying to access this site ( http://code.google.com/apis/apps/articles/sso-keygen.html) but it results in error. I searched a lot to find some clues on how to obtain the Private and Public Keys for Moodle and Google Apps. Finally I stopped by this site: http://moodle.eustaceisd.net/mod/wiki/view.php?id=1101&page=Create+RSA+Key+and+SSL+Certificate+for+Moodle+and+Google
    Would you so kind to update the information, so other people reading your awesome instruction won’t have any problems ?
    Thank you

    Roque

  12. Pingback: Moodle, Mahara, Google Apps and SSO « Adrian Taylor

  13. Dave Sweigert

    Your directions were great. This is exactly what we needed to get the password piece of our LDAP integration working with Google Apps. Two things I’d like to point out or ask though.
    First – Now that I have made the changes, when my users log off our Moodle server they go to a new URL (http://moodle.wssd.k12.pa.us/login/logout.php?sesskey=fNFykG7nS4) and it comes up as an error (Internet Explorer cannot display the webpage) unless you refresh the page then you are out logged out of the Moodle site. Has anyone else seen this? Am I doing something wrong?
    Second – I have some users who have usernames that are split with a space (like john doe) and the sync-cmd in Google Apps does not like them and now that I have done SSO, neither does Moodle. I can change these few users to a different username but is this normal behavior too?
    Thanks again for documenting this. It really helped.
    -Dave

  14. Dave Sweigert

    The above situation was being caused by our web content filter prohibiting access to mail.google.com. Once we got that straightened out, we were OK. And yes our users cannot have spaces in their names, so we are in the process of fixing these too. Thanks for your help.

  15. Pingback: m-Learning » Google Apps y Moodle

  16. Chris

    Wow this great. Thanks.
    Is it possible for me to use this plug for two separate Google Ed Apps. We hold and host two different domains for Google Ed App. One is for our teachers and one for our students. This allows another layer of control for our tech department and staff. Both groups use the Moodle platform to log in. So I was hoping to be able to have two separate blocks. One for students, one for teachers.

  17. Wheelie

    If anybody else is having an issue with the unread mail count always reading (0), I found that in the Gmail Settings in my site Modules-Blocks-Gmail that the OAuth Consumer Secret had a space at the end of it i.e. jhjhhuhuh788 . (obviously the . is to represent where my key ended, it should have ended after the last 8). When removed and changes saved, hey presto unread emails showed up. Hope this helps anyone.

    Wheelie

  18. Estevan Veenstra

    I would so like to have access to terminal, but to be honest I don’t know what it is?

    Or could somebody help get to the commandline so that I can generate the public and private keys for integration between moodle and google..

    Thanks in advance,,

    Estevan

  19. Bill Willis

    I’d love to implement this, but I have one question:

    I already have 1200 users on my Google domain. If a user is on the Google Domain, but not in the Moodle user database, will they be eliminated from Google?

    Bill

  20. Ben Wilkoff

    @Bill All you would need to do is download all of the users from your gApps domain as a CSV and then upload them to your moodle. This would make sure that no accounts get “erased”. You can also not turn on that option, meaning that Moodle will be used for authentication, but it will not sync the databases. Let me know if you have any questions about that.

  21. Pingback: Moodle eingeführt « Ich lerne noch.

  22. Serpil Kilic

    Ben thank you for your great explanation. I found it out after strugling with Gooogle and Moodle documentations.
    One important question. Like Bill I have gApps running with all my users there and just installing Moodle. I have my google accounts in .csv and use Upload users option in Moodle to add all of them. I need to enter passwords for the csv. What do I do for that?
    What happens to the students gmail passwords. I did a trial on a few it only works with the new passwords I enter from csv. I have turned on the Google authentication. But still gmail passwords do not work when loggin in. I do not want to tell all the kids that they have a new password. Even if I do I cannot configure in bulk to make them change their passwords when they first enter.
    Any advice?

  23. Ben Wilkoff

    @Serpil, Your user’s Google Passwords are no longer in use, but if you were to ever remove the SSO (like we did when our moodle was down for repairs) their passwords in Google Apps would again become active. I don’t think that there is any way to get the passwords from your Google Apps Administration panel, so I would recommend setting all of the passwords in the CSV that you upload to moode to a single thing and then forcing them to reset their passwords to whatever they were using for their gApps password. This is a pretty dumb step, but I don’t really see any way around it.

    There is a way to have they force to change passwords upon entering within the CSV. I believe that you can add that as one of the fields, but I would have the check what it is in the Moodle docs. I’ll let you know if I find it.

    Let me know what other questions you have, and thanks for commenting.

  24. Ben, I have worked my way through and have my test site ready. 🙂 Thanks to you!!
    In csv for the pasword you should give changeme and when you are uploading you should pick “Select for bulk operations:New User”.
    I do not know what this option is for but it worked only with this.
    One more question:
    My moodle and Google Apps sites used to work very fast before this operation. Now Moodle site is very slow. It might me that I have uploaded 600 users, or I am hosting it on dreamhost servers, oe don’t know what else. I started to think that this was not a good idea.
    Any thoughts??

  25. Ben Wilkoff

    @Serpil

    Moodle slows down for a few different reasons (this is not an exhaustive list by any means). One, the server that it is on is not set up to handle the amount of traffic. Two, the database that it is using is not set up to handle the number of entries. I would say that both may be in play in your case. If you are having everyone authenticate through moodle, more people are going to be using it. If you had to upload all of those users, the database is getting larger as a result.

    If I had to guess, it would probably be amount of traffic, but you should be able to see just how many people are logging on when and see if there was a difference after you did the SSO. Let me know if there is any other ways I can help. Talk to you soon.

  26. Thanks for your howto. It is still the best. At the moment, December 2009, there will be a more new software package from November 16th 2009. It can be downloaded directly from MoodleRooms.

    Another thing: Google Apps Education has since 2009 no “Partner Start Page” available. So there is a small mistake in the Google-Block. I have just deleted the line in the code, so everything is now ok.

  27. Johan

    I followed this guide but the connection from moodle to gmail doesnt work. If i turn on full debugging i get this.

    [message:protected] => Could not find private key file [C:MoodleInstaller19servermoodle/auth/gsaml/C:MoodleInstaller19server/moodledata/samlkeys/rsaprivkey.pem] which is needed to sign the authentication response

    As you can see i use windows for this installation, the strange thing is that the sync to google works, i have pushed users from moodle to google, but the gmail function is dead.

    I can’t sort it out, i have copied the certs to both locations mentioned above.

    Anyone have any thoughts of this?

  28. Pingback: Daily Links 02/20/2010 « EduEyeView

  29. bhwilkoff

    The www is redundant. You shouldn't ever need it.

    If you have Moodle running on your server, all information is in that
    database.

    You will have to install the Moodle-Google integrations plugin in the moodle
    folder. If you have FTP access, you should be able to do it just fine. Just
    follow the instructions on the read me file in the Moodle-Google zip file
    for installing in the Moodle directory. Let me know if you have any other
    questions.

  30. alexvarsakopoulos

    hi,

    thank you for responding. I have the standard version of google apps and and it seems it doesn't have some of the features that the moodle-google integration instructions-settings call for in the advanced tools of google apps..

    I did all the things that you have suggested in your email such as ftp-ing the moodle-google integration files in the moodle directory of the host(ed) server.
    I wonder if I can upgrade to the educational g-apps.

    thank you again!

    Alex

    ________________________________

  31. Pingback: #Google Apps Integration @bhwilkoff | Moodle Monthly

  32. Pingback: Where Diigo this week… (weekly) « Dave Dixon

  33. Pingback: Moodle o google? « AlexelA

  34. Pingback: Moodle i Google « AlexelA

  35. Pingback: links for 2010-08-01 « Mathematics, Learning and Web 2.0

  36. Pelletierb

    Ben I am having the same problem were my new users are not getting created but when they are added in google they sync fine. I was wondering if you ever got yours fixed. You mentioned something about the latest version but I can not find anything newer than May. If I go to sync status I get Google Apps error: Unable to Connect to ssl://www.google.com:443. Error #0: php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution my last sync was Sept 10

    1. I haven’t been able to come up with the time to really take a close look.rnThe one from May should be good enough to perform syncs with the new versionrnof the API. I will be looking more into this soon, but let me know if yournwere able to figure it out because uploading the users twice is kind of arnpain.

      1. Pelletierb

        I fixed the Unable to Connect to ssl://www.google.com:443. Error #0: php_network_getaddresses: getaddrinfo error that was an issue with my server. But my users still do not sync anymore when I go to google user sync I get “Authentication with Google Apps was successful.” but when I add a new user I get “Invalid Email”. I am still working on it thanks for the update. rn

        1. Yep. The invalid email will happen until either the SAML handshake is fixedrnwithin settings (which I haven’t had time to figure out) or you upload thernuser into Google Apps (which is what I have been doing in the meantime).rnPlease let me know if you do figure it out. Talk to you soon.rnrnMy profiles: [image: WordPress] [image:rnLinkedIn] [image:rnTwitter] [image:rnFlickr] [image:rnDelicious] [image:rnSlideShare] [image:rnFacebook] [image:rnGoogle] rnLatest Blog Post: Question 291 of 365: What is the newrnEugenics?

  37. Sasha Yin

    Thanks for your guide. I am a foreign language teacher. My school has not set up any course management system yet, I have been using a wikispaces account for my classes. Lately, I have been thinking about installing a wordpress as extension of my class wikis, and even switching from wikispaces to Moodle, but don’t know exactly how to go about it. I wonder if you could comment on the difference between wikispaces, wordpress, and moodle for individual users. Thanks!

    1. Wikispaces is great for collaborating on one long range project. I generally
      set up a new wiki for each unit of study so that the wiki maintains focus.
      You can try and do a year long wiki, but it does get unweildy a bit. I love
      wordpress for writing from a particular perspective or for things that do
      not build upon one another. I have written about 1000 blog posts with
      wordpress and I think that it has brought a level of reflection to my
      practice that nothing else has. As for Moodle, it is a straight up Learning
      Management System. This is for course creation, assessment, and
      conversation. If you have a wiki, you may not need Moodle to manage your
      content. If you have a Gradebook, you may not need Moodle to manage your
      assessments. If you have a portal for your kids to go to and access their
      classwork, then you may not need Moodle for the hallways of your your school
      or the conversations in your classroom. Moodle is an
      incredibly versatile tool, but it isn’t the right tool for everything. I
      hope that helps some.

  38. David Sweigert

    Starting this school year (2011-12) my users have been randomly (but more frequent than I would like) getting the attached error.  It states “Password Not Valid” and this is when attempting to log into Moodle.  We are doing LDAP authentication to our PDC and then using the Moodle-Google plugin for SSO.  We are using the first version of the plug in.
    Does anyone think that my issue is my Moodle server (Moodle 1.9.9+ (Build: 20100707)) or should I consider upgrading my plug in or is is Google (did they upgrade something on their end).
    Any thoughts appreciated.

Leave a Reply to Bonnie ThurberCancel reply