|
|
| (31 intermediate revisions by 3 users not shown) |
| Line 1: |
Line 1: |
| == Introduction ==
| | See [https://docs.moodle.org/30/en/Office365 https://docs.moodle.org/30/en/Office365] |
| | |
| Office 365 services complement the Moodle learning platform to provide a more productive experience for teachers and students.
| |
| | |
| The Office 365 plugin set provides Moodle integration with Word Online, One Drive for Business, and the Outlook calendar. The plugin uses Azure Active Directory to provide a Single Sign On experience with Office 365.
| |
| | |
| === Getting Started ===
| |
| | |
| === Requirements ===
| |
| | |
| You must have the following:
| |
| | |
| * Office 365 for Business subscription
| |
| * Microsoft Azure subscription
| |
| * Moodle version 2.7 or above
| |
| | |
| = Install the plugins =
| |
| | |
| The packages are available from:
| |
| | |
| * The [https://moodle.org/plugins/ Moodle Plugins directory ]
| |
| * The [http://github.com/MSOpenTech/moodle-local_office365 O365 Moodle plugin GitHub repository]
| |
| | |
| When you log back in to your Moodle instance, you are presented with the all the plugin configuration options. Since you are installing the plugins as a package there are dependencies that have not yet been enabled. Save the settings without configuring them. You will come back to them later.
| |
| | |
| For information on installing plugins in Moodle see [[Installing Plugins]]
| |
| | |
| == Configure the plugins ==
| |
| | |
| Enable the OpenID Connect authentication plugin:
| |
| | |
| <ol style="list-style-type: decimal;">
| |
| <li><p>Navigate to '''Site Administration>Plugins>Authentication'''.</p></li>
| |
| <li><p>Click '''Manage authentication'''.</p></li>
| |
| <li><p>Locate the OpenID Connect authentication plugin and click the eye icon to enable</p></li>
| |
| <li><p>Click the Settings link for the plugin.</p></li>
| |
| <li><p>In the Provider Name field type an end user-facing label that will inform a user of the type credentials her or she must use to login.</p></li>
| |
| <li><p>In the '''Auth Endpoint''' field enter:</p>
| |
| <p>https://login.windows.net/common/oauth2/authorize</p></li>
| |
| <li><p>In the '''Token Endpoint''' field, enter:</p>
| |
| <p>https://login.windows.net/common/oauth2/token</p></li>
| |
| <li><p>Note the Redirect URI. This should be the URI of the Moodle instance followed by /auth/oidc.</p>
| |
| <p>For example, https:// www.bellowscollege.com/auth/oidc/</p></li></ol>
| |
| | |
| [[image:SettingOpenIDConnect.png|frame|border|left|OpenID Connect Settings]]
| |
| | |
| === Configuring Single Sign-on with Office 365 ===
| |
| | |
| ==== Preparing your Office 365 account for single sign-on with your Moodle installation ====
| |
| | |
| To use Moodle with Office 365 for SSO, you must configure Microsoft Azure to manage your Office 365 Microsoft Azure Active Directory.
| |
| | |
| You will need an Azure subscription. If you do not have one, you can create one by visiting [[http://azure.microsoft.com/en-us/pricing/free-trial/]]
| |
| | |
| '''Note''': During the setup, you are required to enter a credit card and phone number. If you do not setup virtual machines or use paid services on the subscription, and only use it to access the Azure Active Directory, you will not be charged for the subscription.
| |
| | |
| === To register an application in the Azure Management Portal ===
| |
| | |
| # Sign in to the Microsoft Azure Management Portal.
| |
| # Click on the '''Active Directory''' icon on the left menu, and then click on the desired Office 365 connected Azure AD.
| |
| # On the top menu, click '''Applications'''. If no apps have been added to your directory, this page will only show the '''Add an App''' link. Click on the link, or alternatively you can click on the '''Add''' button on the command bar.
| |
| # On the '''What do you want to do''' page, click on the link to '''Add an application my organization is developing'''.
| |
| # On the '''Tell us about your application''' page, you must specify a name for your application and indicate the type of application you are registering with Azure AD. Click '''web application and/or web API''' (default) and then click the arrow icon on the bottom-right corner of the page.
| |
| # On the App properties page, provide the '''Sign-on URL''' and '''App ID URI''' for your Moodle instance. The Sign-on URI is the Redirect URI you from the OpenID Connect authentication plugin configuration. The APP ID URI is the main URI of the Moodle instance.
| |
| # Click the checkbox in the bottom-right hand corner of the page and then click Ok to add your app to Azure Active Directory.
| |
| # There are a couple more values and changes you need to make and write down some values which you will need in the next section.
| |
| | |
| === To configure your app to provide identity for your Moodle instance ===
| |
| | |
| # Click on the '''Active Directory''' icon on the left menu, and then click on the desired Azure AD.
| |
| # Click the Applications tab at the top of the screen.
| |
| # Select your app.
| |
| # Click Configure at the top of the screen.
| |
| # Locate the '''Client ID''' and copy it to the '''Client ID''' field in your OpenID connect configuration screen.
| |
| # To create a Client Secret, locate the '''keys''' section and select a duration for the validity of the key. Save the new key and copy it to the '''Client Secret''' field in your OpenID connect configuration screen.
| |
| # Locate the '''Permissions to other applications''' section.
| |
| # Click '''Add application''' click the plus sign to the right of Office 365 Exchange Online and Office 365 SharePoint Online. Note, the plus will appear when you hover over each of the items.
| |
| # Click the check mark at the bottom right of the dialog.
| |
| # In the Delegated Permissions dropdown for Office 365 Exchange Online select the following permissions:
| |
| | |
| * Read users’ calendars
| |
| * Have full access to users’ calendars.
| |
| | |
| # In the Delegated Permissions dropdown for Office 365 SharePoint Online select the following permissions:
| |
| #* Read items in all site collections
| |
| #* Edit or delete items in all site collections
| |
| #* Create or delete items and lists in all site collections
| |
| #* Have full control of all site collections
| |
| #* Read users' files
| |
| #* Edit or delete users' files
| |
| # Click save at the bottom of the screen.
| |
| | |
| == Microsoft Office 365 Integration ==
| |
| | |
| === To configure the O365 plugin ===
| |
| | |
| # Navigate to '''Site Administration>Plugins>Local plugins'''.
| |
| # Click '''Microsoft Office 365 Integration'''.
| |
| # In the '''AAD Tenant''' field type the subdomain of your Office 365 subscription. For example, if your subscription URL is contoso.onmicrosoft.com type contoso.
| |
| # Click the '''System API User''' link and an Azure AD user to use to perform operations that are not user-specific. We recommend that you select either the account of an administrator or create a dedicated account to use.
| |
| # In the '''Course SharePoint sites parent site URI''' field type the subdomain of the SharePoint site in which you want to create courses. For example, if your SharePoint site URL is contoso.sharepoint.com, type contoso.
| |
| # If you want to sync users from Azure AD to your Moodle instance, click the '''Select Sync users from Azure AD''' checkbox.
| |
| | |
| [[image:SettingsO365Integraton.png|border|left|Office 365 Integration Settings]]
| |
