In partnership with:
Moodle + Office 365: Better together
A Setup Guide
Microsoft France
Published: July 2015
Version: 1.0
Authors: Frédéric Chiaroni (Edunao), Nicolas Humann (Exakis), Romain Lacour (Exakis), Philippe Beraud (Microsoft
France), Nicolas Frindel (Microsoft France)
For the latest information on Office 365, please see:
http://aka.ms/Office
Copyright © 2015 Microsoft France. All rights reserved. Reproduction permitted for commercial and non-commercial
purposes, provided that the source is mentioned.
This document is made available under license "Attribution-Share-Alike 3.0 non-transposed". To view a copy of this
license, go to http://creativecommons.org/licenses/by-sa/3.0/deed.fr or write to Creative Commons, 444 Castro Street,
Suite 900, Mountain View, California, 94041, USA
The information in this document represents Microsoft France's current views on the subjects covered on the date of
publication. Given that Microsoft must adapt to changing market conditions, this information must not be interpreted
as a commitment by Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the
date of publication.
MICROSOFT DOES NOT PROVIDE ANY EXPRESS OR IMPLICIT GUARANTEES IN THIS DOCUMENT.
The other product names or companies mentioned may be brands of their respective owners.
Microsoft France • 39, quai du Président Roosevelt • 92130 Issy-Les-Moulineaux • France
Contents
INTRODUCTION ................................................................................................................................................ 4
Objectives of this paper ............................................................................................................................................................ 5
Non-objectives of this paper .................................................................................................................................................. 6
Organization of this paper ...................................................................................................................................................... 7
About the audience .................................................................................................................................................................... 7
BUILDING A TEST LAB ENVIRONMENT ......................................................................................................... 8
PROVISIONING AN OFFICE 365 ENVIRONMENT ....................................................................................... 10
Creating the Office 365 accounts ...................................................................................................................................... 10
Configuring the SharePoint Online privileges .............................................................................................................. 14
PROVISIONING AN AZURE ENVIRONMENT ............................................................................................... 16
Understanding the ongoing costs of virtual machines in Azure ........................................................................... 17
Adding the Azure trial to the Office 365 account ....................................................................................................... 17
Preparing the local environment for Azure ................................................................................................................... 18
Deploying the core Azure-based environment ............................................................................................................ 23
Completing the DNS registrations .................................................................................................................................... 26
SETTING UP THE MOODLE PLATFORM ....................................................................................................... 29
Setting up the Moodle server ............................................................................................................................................. 29
Setting up and configuring the database server ......................................................................................................... 33
Pointing the domain name o2m.contoso123.fr to the Moodle server ............................................................... 36
Installing the SSL/TLS certificate ........................................................................................................................................ 39
Opening the rights on the Moodle configuration files ............................................................................................. 40
Setting up and configuring Moodle from the web .................................................................................................... 41
Setting up the Microsoft resources for Moodle .......................................................................................................... 43
SETTING UP AND CONFIGURING THE OFFICE 365 SERVICES ON MOODLE .......................................... 52
Configuring the plugins ......................................................................................................................................................... 52
Configuring the Office 365 single sign-on..................................................................................................................... 53
Integrating with Microsoft Office 365 .............................................................................................................................. 61
Integrating with OneNote .................................................................................................................................................... 63
ILLUSTRATING THE USER EXPERIENCE ....................................................................................................... 67
Signing in to Office 365 ......................................................................................................................................................... 67
Signing in into Moodle .......................................................................................................................................................... 69
Configuring the synchronization of the Moodle calendar with Office 365 ...................................................... 70
GOING FURTHER ............................................................................................................................................. 72
APPENDIX A MICROSOFT PLUGINS FOR MOODLE ................................................................................... 73
Microsoft Office 365 plugins ............................................................................................................................................... 73
2
Moodle + Office 365: Better together
Microsoft Services plugins .................................................................................................................................................... 73
3
Moodle + Office 365: Better together
Introduction
Moodle1 is an open source Web-based platform designed to provide all the tools required for classroom
management, where teachers and students have the ability to smoothly and easily collaborate on a dayto-day basis. As the recognized leading learning management system (LMS), Moodle is unsurprisingly used
in more universities and schools than any other LMS in the world to provide large populations of students
with dematerialized training content through a compelling and motivating environment.
Microsoft Office 3652 provides secure anywhere access to professional email, shared calendars, instant
messaging (IM), video conferencing, and document collaboration. It represents the cloud version of the
Microsoft communication and collaboration products with the latest version of the Microsoft desktop suite
for businesses of all sizes. Office 365 indeed notably includes:

Microsoft Office 365 ProPlus. Microsoft Office 365 ProPlus3 is the Office software that can be
installed locally on a device (computer, phone, or tablet) as a subscription. Depending on the device
type and related operating system, it includes the following programs: Access, Excel, InfoPath,
Skype for Business (formerly Lync), OneNote, Outlook, PowerPoint, Publisher, Word, etc. The
programs have the same features and functionality as other versions of Office. For example, Word
in Office 365 ProPlus works the same way it does in Office Professional 2013. This version of Office
is included in E3, E4, A3, Business and Business Premium plans4 and is therefore the logical
companion of Office 365 services.
The programs of the Office suite can be deployed easily in a click-to-run mode on a Windows
computer, either directly from the Office 365 portal or from the local network with your own
management tool.
Note
PROPLUS5.
For more information, see the Microsoft TechNet article GETTING STARTED GUIDE FOR DEPLOYING OFFICE 365
Note
For more information about the different types of licenses available for Office, go to the following
pages: CHOOSE AN OFFER6 and OFFERS AND PRICES FOR OFFICE 365 EDUCATION7.

Microsoft Exchange Online. Exchange Online offers cloud-based email, calendar, and contacts
with the most current antivirus and anti-spam solutions. It enables access to email on virtually any
mobile device and takes advantage of options for voice mail, unified messaging, and archiving.

Microsoft SharePoint Online/One Drive for Business. SharePoint Online is a cloud-based service
for creating sites that connect colleagues, partners, and customers using enterprise social
networking and collaboration like Yammer. OneDrive for Business is a large capacity personal
storage space hosted in the Microsoft Cloud, allowing users to access their documents anywhere
and to facilitate their sharing.

Microsoft Skype for Business Online. Skype for Business Online offers cloud-based IM, presence,
and online meeting experiences with screen sharing, voice and video conferencing.
Moodle: https://moodle.org/
Microsoft Office 365: https://products.office.com/en-us/business?legRedir=true&CorrelationId=cd5bede1-e0e0-4500-ba6ac1f072bfe749
3
OFFICE IN EDUCATION: http://products.office.com/en-us/student
4
OFFICE 365 PLAN OPTIONS: http://technet.microsoft.com/en-US/library/office-365-plan-options.aspx
5
GETTING STARTED GUIDE FOR DEPLOYING OFFICE 365 PROPLUS: http://technet.microsoft.com/en-us/library/jj839718(v=office.15)
6
CHOOSE AN OFFER: https://products.office.com/en-us/business/compare-office-365-for-business-plans
7
OFFERS AND PRICES FOR OFFICE 365 EDUCATION: http://products.office.com/en-US/academic/compare-office-365-educationplans?omkt=en-US
1
2
4
Moodle + Office 365: Better together
Note
For additional information on Office 365 in addition to the content of this paper, please refer to the
Office 365 Community web site (blogs, forums, wikis, etc.)8.
Serving nearly 80 million users worldwide, Moodle has already changed the face of classroom management.
With open-source plugins developed by Microsoft and available with their complete source code on the
GitHub forge9, Moodle now benefits from an integration path with Office 365. Combined with Office 365,
which is being embraced in a big way by the education world thanks to its business-class productivity tools
and the above Office 365 ProPlus benefit, Moodle becomes even more powerful to ultimately bring a better
and more productive classroom experience to teachers and students alike.
The Moodle with Office 365 integration is thus helping to reinvent productivity in education with:

Easy Access. Your Office 365 username and password now get you into Moodle with no additional
credentials to remember. Moodle is now also accessible from the new Office 365 app launcher,
meaning it’s just a few clicks away from any of your favorite Office 365 apps like Delve, Outlook
Web App, SharePoint and others.

Work Offline. Moodle courses can now include Office documents (Word, PowerPoint, Excel, etc.)
that can be edited on any device and even offline – no need to stop working if you don’t have an
Internet connection.

Mobile Friendly, Cross-Platform. Moodle calendar events can be synced with Office 365 and will
show up in all of your mobile devices that support Exchange – iOS, Android, Windows, etc.

Classroom Ready. Teachers and faculty can embed their interactive Office Mix10 lectures in
Moodle courses and manage Moodle assignment submissions through OneNote11 and store the
Moodle course documents on OneDrive12.
Note
For additional information, see the blog posts OFFICE 365
TRANSFORMING CLASSROOMS13 and OFFICE 365 AND MOODLE INTEGRATION14.
AND
MOODLE: AN OPEN APPROACH
TO
Objectives of this paper
This paper aims at providing the audience with a better understanding of the Moodle with Office 365
integration, how it works and can be easily deployed, along with the related configuration of the various
plugins.
For that purpose, this document also provides a complete end-to-end walkthrough to not only illustrate
how to smoothly rollout the Moodle with Office 365 solution but also as an opportunity to depict how the
Microsoft Azure15 platform can be a more than ideal candidate to host your Moodle platform.
Office 365 Community web site: http://community.office365.com/en-us/default.aspx
MSOpenTech/o365-moodle: https://github.com/MSOpenTech/o365-moodle
10
Office Mix: https://mix.office.com/
11
OneNote: http://www.microsoft.com/en-us/education/products/onenote/default.aspx#fbid=1jcPkOcMmIG
12
INTRODUCING ONENOTE CLASS NOTEBOOKS—A FLEXIBLE DIGITAL FRAMEWORK FOR TEACHING AND LEARNING:
http://blogs.office.com/2014/10/07/introducing-onenote-class-notebooks-flexible-digital-framework-teaching-learning/
13
OFFICE 365 AND MOODLE: AN OPEN APPROACH TO TRANSFORMING CLASSROOMS:
14
OFFICE 365 AND MOODLE INTEGRATION: http://blogs.technet.com/b/educloud/archive/2015/01/20/office-365-and-moodleintegration.aspx
15
MICROSOFT AZURE: http://azure.microsoft.com/en-us/overview/what-is-azure/
8
9
5
Moodle + Office 365: Better together
Note
Microsoft Azure is a flexible and open cloud computing platform hosted in Microsoft datacenters
delivering scalable and reliable Internet-scale services. It offers on-demand access to these services, so that users
only pay for what they use, while benefiting from almost unlimited capacities.
As an IaaS platform (Infrastructure as a Service), it enables you to deploy (complex) workloads (servers, networking
and storage infrastructure) in the cloud that you can control and manage on your terms. These capabilities will
be illustrated in this document.
Also, as a PaaS platform (Platform as a Service), it includes a number of features, which can be used individually
or composed together in a public or hybrid cloud fashion. As illustrated hereafter, the Azure services catalog
comprises compute, data, and application capabilities/augmentations for web sites, mobile back-ends, media
streaming, SQL/ NoSQL databases, caching, etc. which can be directly consumed and integrated in your solutions
regardless where they reside.
Note
Azure Active Directory16 is the service that Office 365 uses for identities and other necessary
information relating to them. This service can be synchronized and eventually federated with an existing onpremises identity infrastructure, such as Active Directory, another LDAP directory, etc, to unify user identities, but
these scenarios are not explained in this document.
For more information about Azure Active Directory (Azure AD), see the series of papers available at
http://aka.ms/aadpapers.
As such, this document describes all the steps that pertains to the Moodle + Office 365 solution, including:

How to build a suitable Azure-based test lab environment to later host your instance of the Moodle
platform as a set of virtual machines.

How to deploy a standard Moodle environment on that basis.

How to subscribe to and configure Office 365 with test users.

How to configure the above plugins for the Moodle and Office 365 integration.
Note
For additional information, see the document OFFICE 365 PLUGINS FOR MOODLE17.
Important note
The procedures, command lines etc. suggested in this context are provided as is for test
purposes only and are devoted to an ad hoc test lab environment. Prior testing, adaption, and validation are
required before any use in a production environment.
Every steps are explained so that Moodle with Office 365 projects can be more easily completed, and
consequently enabling teachers and students to realize the full potential of this integration.
The document concludes by illustrating the user experience for teachers and students.
Non-objectives of this paper
This document doesn’t provide a full description of the Moodle, Office 365 or Azure platforms. It rather
focuses on key aspects that aims at providing the readers an understanding on how to setup and leverage
the Moodle with Office 365 integration and solution.
It doesn’t provide neither guidance for setting up and configuring the solution in a production environment
– beyond highlighting key technical aspects - nor a complete technical reference for these platforms. See
the documentation that relates to each platform for any further information.
16
17
6
AZURE ACTIVE DIRECTORY: HTTP://azure.microsoft.com/en-us/services/active-directory/
OFFICE 365 PLUGINS FOR MOODLE: https://msopentech.com/wp-content/uploads/Office-365-plugins-for-Moodle-documentation.pdf
Moodle + Office 365: Better together
Organization of this paper
To cover the above objectives, this document is organized around the key milestones for the Moodle +
Office 365 solution, each of them being addressed in the following sections:

ERROR! REFERENCE SOURCE NOT FOUND..

PROVISIONING AN OFFICE 365 ENVIRONMENT.

PROVISIONING AN AZURE ENVIRONMENT.

SETTING UP THE MOODLE PLATFORM.

SETTING UP AND CONFIGURING THE OFFICE 365 SERVICES ON MOODLE.

ILLUSTRATING THE USER EXPERIENCE.
About the audience
This document is thus intended for system architects and IT professionals who are interested in
understanding the Moodle with Office 365 integration.
7
Moodle + Office 365: Better together
Building a test lab environment
A challenge in creating a useful test lab environment is to enable its reusability and extensibility. Because
creating a test lab can represent a significant investment of time and resources, your ability to reuse and
extend the work required to create the test lab is important. An ideal test lab environment would enable
you to create a basic lab configuration, save that configuration, and then build out multiple test lab
scenarios in the future by starting with the base configuration.
Moreover, another challenge people are usually facing with relates to the hardware configuration needed
to run such a base configuration that involves several (virtual) machines.
For these reasons and considering the above objectives, we have tried to streamline and to ease as much
as possible the way to build a suitable test lab environment with an “on-premises” Moodle platform, to
consequently reduce the number of instructions that tell you what servers to create, how to configure the
operating systems and core platform services, etc. and, at the end, to reduce the overall effort that is needed
for such an environment.
Thus, this document will leverage the following subscriptions:


An Azure subscription. Azure Virtual Machines18 will enable to host:

One intranet member server running Ubuntu Server 14.10 that will be configured as the
MySQL server

One Internet-facing member server running Ubuntu Server 14.1 that will configured as the
Moodle Server. Version 2.7 of Moodle will be deployed on this machine.
An Office 365 subscription. As per construction for the Moodle with Office 365 integration. Office
Enterprise E3 licenses allow to benefit from all the functionalities and notably to get Office 365
ProPlus.
Interestingly, every Office 365 subscription has an Azure AD directory underneath, i.e. a robust
identity and access management service that will be leveraged for the single sign-on (SSO)
capabilities of the Moodle with Office 365 integration.
18
8
AZURE VIRTUAL MACHINES: http://azure.microsoft.com/en-us/services/virtual-machines/
Moodle + Office 365: Better together
Considering the above choice and elements, the test lab environment we suggest to build will be as follows:
Azure Virtual Machines
Virtual Network
MySQL Server
Ubuntu Server 14.10
Moodle 2.7 Server
Ubuntu Server 14.10
Subnet #1
Subnet #2
Firewall
TCP endpoints
443 et 80
https://o2m.contoso123.fr
Microsoft Azure
SharePoint Online
Exchange Online
Microsoft Office 365
Single Sign-On
Username
Password
Moodle+Office365
user
Office 365 Identity Platform
Azure Active Directory
Authentication Service
Directory: nfr123.onmicrosoft.com
Domain
nfr123.onmicrosoft.com
contoso123.com
Status
Active
Active
Let’s start by provisioning the above Microsoft Office 365 and Azure subscriptions.
9
Moodle + Office 365: Better together
Provisioning an Office 365 environment
As mentioned above, and by essence, an Office 365 subscription is required for the suggested test lab
environment.
To sign up to a free 30-day Microsoft Office 365 Enterprise E3 trial, follow the instructions to the OFFICE 365
ENTERPRISE E3 TRIAL VERSION19.
Note
For more information, see the article SIGN IN TO OFFICE 36520.
For the course of this walkthrough, we’ve provisioned an Office 365 Enterprise (E3) tenant:
nfr123.onmicrosoft.com and created the vanity domain contoso123.fr underneath. You will have to
choose instead of them domain names of your choice whose name is currently not in use. Whenever
a reference to nfr123.onmicrosoft.com or contoso123.fr is made in a procedure, it has been replaced
by the corresponding domain name of your choice to reflect accordingly the change in naming.
At this stage, we assume that you already have an active Office 365 subscription.
Creating the Office 365 accounts
To illustrate the Moodle with Office 365 integration, some Office 365 test users will be necessary. These
users should have an Office 365 license assigned to access to the relevant Office 365 services.
The Moodle with Office 365 integration also requires an "System API" account with the appropriate
privileges to sustains the requirements of the integration, in particular with SharePoint Online for the
automatic creation of the collaborative workspaces for each Moodle course.
OFFICE 365 ENTERPRISE E3 TRIAL VERSION: https://portal.office.com/Signup/Signup.aspx?OfferId=B07A1127-DE83-4a6d-9F852C104BDAE8B4&dl=ENTERPRISEPACK&culture=en-US&country=US&ali=1#0
20
SIGN IN TO OFFICE 365: http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff637600.aspx
19
10
Moodle + Office 365: Better together
This section will cover how to create the test users, create the "System API" account, and grant this system
account the adequate privileges on the SharePoint Online platform.
Creating the test users
For the purpose of our test lab environment, we will start by creating four test users: Teacher Martin,
Student 1, Student 2 and Student 3, each with an Office 365 E3 license assigned to benefit from the Office
365 services.
To create the above test users, proceed with the following steps:
11
1.
Open a browsing session and navigate to the Office 365 management portal at
https://portal.office.com.
2.
Sign in with an administration account of the Office 365 subscription.
3.
In admin shortcuts on the right of the user interface, click Add new users as highlighted above
in yellow.
Moodle + Office 365: Better together
12
4.
On the details page, specify the user information that pertains to the account to create, and then
click Next.
5.
On the settings page, fill in the additional information. The user must not be an Office 365
administrator. Set the appropriate location for the user depending on your geography, for example
France in our illustration. Click Next.
Moodle + Office 365: Better together
6.
On the assign licenses page, select Office 365 Enterprise E3 as well as all the available option
underneath, e.g. Office 365 ProPlus, Skype for Business Online, Office Online, etc. so that the
user can use all the available Office 365 functionality. Click Next.
7.
On the send results in email page, type an e-mail address where the user will receive the password
generated by the platform, for example “[email protected]” in our illustration. Users can later
change their password when they will sign-in for the first time. Click Create.
The user has now been created. The assigned password is displayed in results, so that you can
potentially communicate it to the user by a mean other than e-mail if needed for some reasons.
8.
Click Create another user.
9.
Repeat steps 4 to 7 for the other users to be created. At the end of these operations, click Finish.
When using the Office 365 platform in a production environment, the accounts can be created
automatically via identity management systems for example.
Moreover, it is also possible to use the same identities as the ones in your existing on-premises identity
infrastructure, such as Active Directory for example, or another LDAP directory, using synchronization and
single sign-on (a.k.a. federation) mechanisms if necessary.
Note
The newly generally available Azure AD Connect tool can be used for that purpose for example. This
is the one stop shop for connecting your on-premises directories to Azure AD, whether you are evaluating, piloting,
or in production. Azure AD Connect provides a single and unified wizard that streamlines the overall onboarding
process for both directory synchronization (single or multiple directories) AND single sign-on if you want to.
For additional information, see the Microsoft articles INTEGRATING
DIRECTORY21 and AZURE ACTIVE DIRECTORY CONNECT22.
YOUR ON-PREMISES IDENTITIES WITH
These scenarios are not further covered in this paper.
INTEGRATING YOUR ON-PREMISES IDENTITIES WITH AZURE ACTIVE DIRECTORY: https://azure.microsoft.com/enus/documentation/articles/active-directory-aadconnect/
22
AZURE ACTIVE DIRECTORY CONNECT: https://msdn.microsoft.com/en-us/library/azure/dn832695.aspx
21
13
Moodle + Office 365: Better together
AZURE ACTIVE
Note
For more information about these scenarios and their implementation in different types of
environments, see the AZURE AD/OFFICE 365 SINGLE SIGN-ON WITH AD FS IN WINDOWS SERVER 2012 R223 (Part 1 and Part
2bis) and AZURE AD/OFFICE 365 SINGLE SIGN-ON WITH SHIBBOLETH 224 whitepapers.
Creating the so-called "System API" account
Let's deal with the so-called "System API" account. You can call this account whatever you like. In our
example, we are going to create the account [email protected].
To create the account, follow the same procedure as the one illustrated in the previous section for the test
users. However, in this case, please ensure that the administrator's privileges are granted to the account
(on the settings page).
Do not allocate an Office 365 Enterprise E3 license to this account, since it does not need a mailbox nor the
other Office 365 services.
Configuring the SharePoint Online privileges
You now need to grant the "System API" account the appropriate privileges on the SharePoint Online
platform, so that this account can automatically create the necessary site for each Moodle course.
Proceed with the following steps:
23
24
1.
Open a browsing session and navigate to the Office 365 management portal.
2.
On the left pane, click SharePoint.
3.
In the SharePoint admin center, select the site collection that will host the Moodle sites, for
example https://nfr123.sharepoint.com in our illustration. Click Owners, and then Manage
Administrators.
AZURE AD/OFFICE 365 SINGLE SIGN-ON WITH AD FS IN WINDOWS SERVER 2012 R2: http://aka.ms/aadpapers
AZURE AD/OFFICE 365 SINGLE SIGN-ON WITH SHIBBOLETH 2: http://aka.ms/aadpapers
14
Moodle + Office 365: Better together
The manage administrators dialog opens up.
15
4.
In Site Collection Administrators, enter the name of the previously created "System API" account,
for example [email protected] our illustration, in addition to the Company
Administrator account that is already present.
5.
Click OK.
Moodle + Office 365: Better together
Provisioning an Azure environment
As mentioned before, an Azure subscription is also required for this test lab environment. If you do not
already have an Azure account, you can sign up for a free one-month trial25.
If you have an MSDN subscription, see AZURE BENEFIT FOR MSDN SUBSCRIBERS26 on the Azure Web site.
Note
Once you have completed your trial tenant signup, you will be redirected to the Azure account
portal27 and can proceed to the Azure management portal by clicking Portal at the top right corner of your screen.
At this stage, and regardless of the chosen option, we assume that you have an Azure subscription
in place to proceed with the steps in this guide.
Introducing virtual machines in Azure
Azure Virtual Machines28 provides support for virtual machines (VMs) provisioned from the cloud. At a
glance, a VM consists of a piece of infrastructure available to deploy an operating system and an
application. Specifically, this includes a persistent operating system (OS) disk, possibly some persistent data
disks, and internal/external networking “glue”/connectivity to hold it all together. With these infrastructure
ingredients, it enables the creation of a platform where you can take advantage of the reduced cost and
ease of deployment offered by Azure.
To mimic an on-premises deployment with a multi-VM workload as needed here, virtual networks are also
required. This is where Azure Virtual Networks come into play. Azure Virtual Networks29 let you provision
and manage virtual networks (VNET) in Azure. A VNET provides the ability to create a logical boundary and
place VMs inside it. VNET also provides the capability of connecting Azure Cloud Services30 (VMs, web roles,
and worker roles).
Azure Virtual Network provides control over the network topology, including configuration of IP addresses,
routing tables and security policies. A VNET has its own private address space. The address space is IPv4
only (but could be extended to IPv6 in a future release).
FREE ONE MONTH TRIAL: http://azure.microsoft.com/en-us/pricing/free-trial/
AZURE BENEFIT FOR MSDN SUBSCRIBERS: http://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits-details/
27
Azure account portal: https://account.windowsazure.com/Subscriptions
28
Azure Virtual Machines: https://www.windowsazure.com/en-us/services/virtual-machines/
29
Azure Virtual Networks: https://www.windowsazure.com/en-us/services/virtual-network/
30
Azure Cloud Services: https://www.windowsazure.com/en-us/services/cloud-services/
25
26
16
Moodle + Office 365: Better together
Note
Azure Virtual Network also allows to securely extend on-premises networks into the cloud. With the
ability to assign a private address range for its VNET, you can indeed treat it as an extension of your own corporate
private network address space by establishing appropriate gates (VPN gateway) between your on-premises
corporate private network and virtual network(s) in Microsoft Azure.
For that purpose, Azure Virtual Network enables to set up secure site-to-site connectivity between the
organization’s corporate VPN gateway and Azure, and then to connect the organization’s on-premises corporate
network to the organization’s Azure tenant by using a VPN gateway along with the industry-standard IPsec
protocol.
With such a capability, IT administrators can easily create a logically isolated private environment in Azure, and
connect it to the organization’s on-premises IT infrastructure by using a secure VPN tunnel. Once set up, the
isolated Azure environment can be viewed as a natural extension of the on-premises corporate network.
To synthetize, Azure Virtual Network allows you to create private network(s) of VMs in your Azure tenant
environment that you can assign IP addresses to (and then optionally connect to your data center through
a VPN gateway). Using this method, you can seamlessly connect on-premises (virtual) machines to VMs
running in your Azure tenant.
The fundamental requirements for deploying Moodle on VM(s) in Azure differ very little from deploying it
in VMs (and, to some extent, physical machines) on-premises.
Understanding the ongoing costs of virtual machines in Azure
Virtual machines in Azure incur an ongoing monetary cost when they are running. This cost is billed against
your free trial, MSDN subscription, or paid subscription.
Note
For more information about the costs of running Azure virtual machines, see VIRTUAL MACHINES PRICING
DETAILS31 and AZURE PRICING CALCULATOR32 on the Azure Web site.
To minimize the cost of running the test lab virtual machines, you can do one of the following:

Create the test lab environment and perform your needed testing and demonstration as quickly
as possible. When complete, delete the test lab virtual machines from the VIRTUAL MACHINES
page of the Azure management portal.

Shut down your test lab virtual machines into a de-allocated state from the VIRTUAL MACHINES
page of the Azure management portal as covered later in this document. However, you should
start your virtual machines in a specific order.
Adding the Azure trial to the Office 365 account
Once you have signed up33 and established your (test) organization with an account in Office 365 Enterprise
E3, you can then add an Azure trial subscription to your Office 365 account. This can be achieved by
accessing the Azure Sign Up page at https://account.windowsazure.com/SignUp with your Office 365
global administrator account. You need to select Sign in with your organizational account for that
purpose.
VIRTUAL MACHINES PRICING DETAILS: http://azure.microsoft.com/en-us/pricing/details/virtual-machines/
AZURE PRICING CALCULATOR: http://azure.microsoft.com/en-us/pricing/calculator/?scenario=virtual-machines
33
Office 365 Enterprise E3 Trial: http://office.microsoft.com/en-us/business/redir/XT104175934.aspx
31
32
17
Moodle + Office 365: Better together
Note
You can log into the Office 365 administrator portal and go to the Azure Signup page or go directly
to the signup page, select sign in with an organizational account and log in with your Office 365 global
administrator credentials. Once you have completed your trial tenant signup you will be redirected to the Azure
account portal34 and can proceed to the Azure management portal by clicking Portal at the top right corner of
your screen.
At this stage, you should have an Office 365 Enterprise E3 trial subscription with an Azure trial
subscription.
Preparing the local environment for Azure
Microsoft Azure PowerShell is the module for Windows PowerShell that you can use to control and
automate the deployment and management of the Moodle workload in Azure.
The configuration of Azure PowerShell on a local computer consists in:

Installing Azure PowerShell,

Verifying that Azure PowerShell can run scripts, and enabling scripts to run in Windows PowerShell,

Verifying that WinRM allows Windows PowerShell to connect, and configuring WinRM to support
basic authentication.
Note that this local computer must have Internet connectivity.
Installing Azure PowerShell
To install the Azure PowerShell module, proceed with the following steps:
34
35
1.
Open a browsing session and navigate to the Azure Downloads35 page.
2.
Scroll down to Command line tools.
3.
Click Install.
4.
When prompted to run or save the .exe installation file (WindowsAzurePowerShell.3f.3.3fnew.exe),
click Run. A Web Platform Installer 5.0 dialog opens up.
Azure account portal: https://account.windowsazure.com/Subscriptions
Azure Downloads: http://go.microsoft.com/fwlink/?LinkID=294711
18
Moodle + Office 365: Better together
19
5.
Click Install to continue.
6.
Click I Accept.
7.
At the end of the installation, click Finish to close the Web Platform Installer 5.0 wizard.
Moodle + Office 365: Better together
8.
Click Exit.
You can run then the cmdlets from the Azure PowerShell console.
Connecting to your Azure subscription
To connect to your Azure subscription with the Azure PowerShell console, proceed with the following steps:
1.
On the local computer, type "power" in the search function in the Start screen.
This search will return the list of applications containing the word "power," including Microsoft
Azure PowerShell. Click on the application to start the console of the same name.
2.
Run the following command in the Microsoft Azure PowerShell console:
Add-AzureAccount
A sign-in dialog opens up.
3.
20
Type the email address corresponding to your Azure account and click Continue. You’re redirected
to a Sign In page.
Moodle + Office 365: Better together
4.
Type the password associated with your account and click Sign in. Azure authenticates you, saves
the credential information, and then closes the dialog. A message states that your subscription is
now selected as the default subscription.
5.
Once connected to your default subscription, you can use the built-in Help system to list and get
help about the cmdlets in the Azure PowerShell module. To list the available cmdlets, run the
following command:
help azure
You can then display help about a specific cmdlet by typing help followed by the name of the
cmdlet, for example “help New-AzureVM”.
Note
For instructions, see the Microsoft TechNet articles HOW TO INSTALL AND CONFIGURE AZURE POWERSHELL36
and GET STARTED WITH AZURE CMDLETS37.
HOW TO INSTALL AND CONFIGURE AZURE POWERSHELL: http://www.windowsazure.com/en-us/manage/install-and-configure-windowspowershell/
37
GET STARTED WITH AZURE CMDLETS: http://msdn.microsoft.com/en-us/library/windowsazure/jj554332.aspx
36
21
Moodle + Office 365: Better together
Note
For more information about the cmdlets in the Azure PowerShell module, see the Microsoft MSDN
article AZURE MANAGEMENT CMDLETS38.
Enabling Windows PowerShell scripts
To verify that Azure PowerShell can run scripts, proceed with the following steps;
1.
Open an elevated Azure PowerShell command prompt, and run the following command:
Get-ExecutionPolicy
2.
If the value returned is anything other than RemoteSigned, you need to change the value to
RemoteSigned.
Note
A digital signature is required from a trusted publisher on scripts and configuration files that are
downloaded from the Internet (including email and instant messaging programs) so that they can run. However,
a digital signature isn’t required on scripts that you have written on the local computer (not downloaded from
the Internet). Finally, you can run scripts that are downloaded from the Internet and not signed, if the scripts are
unblocked, such as by using the Unblock-File cmdlet. For more information, see the Microsoft TechNet article
ABOUT_EXECUTION_POLICIES39.
Run the following command if needed:
Set-ExecutionPolicy RemoteSigned
When asked, press “Y” to confirm the operation.
Enabling WinRM for remote PowerShell shell
To verify that WinRM allows Windows PowerShell to connect, proceeds as follows:
1.
In the above elevated Azure PowerShell session, run the following command to check the status of
the WinRM service:
sc query winrm
2.
If the WinRM service isn’t running, start it with the following command:
net start winrm
3.
Run the following command:
winrm get winrm/config/client/auth
38
39
AZURE MANAGEMENT CMDLETS: http://msdn.microsoft.com/en-us/library/jj152841.aspx
ABOUT_EXECUTION_POLICIES: http://technet.microsoft.com/library/hh847748.aspx
22
Moodle + Office 365: Better together
4.
In the results, look for the value “Basic =”. If the value is “Basic = false”, you must change the value
to “Basic = true”.
If the value has to be changed, run the following command:
winrm set winrm/config/client/auth @{Basic="true"}
The value between the braces { } is case-sensitive. In the command output, verify the value “Basic
= true”.
5.
If you started the WinRM service in step 2, run the following command to stop it:
net stop winrm
You are now ready to setup the virtual machines needed for the Moodle platform.
This is the purpose of the next section.
Deploying the core Azure-based environment
By following the instructions outlined hereafter, you should be able to successfully prepare your Azurebased test lab environment for the Moodle platform. As stated before, the Moodle platform will be based
on individual virtual machines (VMs) running the Ubuntu Server 14.10 distribution.
Important note
Individual virtual machines (VMs) are needed to separate the services provided on the
network and to clearly show the desired functionality. This being said, the suggested configuration is neither
designed to reflect best practices nor does it reflect a desired or recommended configuration for a production
network. The configuration, including IP addresses and all other configuration parameters, is designed only to
work on a separate test lab networking environment.
Any modifications that you make to the configuration details provided in the rest of this document may affect or
limit your chances of successfully setting up the Azure-based test environment that will serve as the basis for the
Moodle with Office 365 integration. We recommend following this guide as-is first to familiarize yourself with the
steps involved, before attempting a deployment on an environment with a different configuration.
Microsoft has successfully built the suggested environment with Azure IaaS, and Ubuntu Server 14.10 virtual
machines.
For greatly ease the deployment of a typical Moodle environment, and rather than creating all of the above
resources manually from the Microsoft Azure management portal40, we will use a PowerShell script that will
perform all of the required actions automatically for.
The script New-MoodleEnvironment.ps1 provided with this paper (file Moodle-Office-365-Setup-Guide-(PSScripts).zip, available for download) can be used to deploy your own environment to host Moodle in
Microsoft Azure. This sample script is inspired by the scripts available in the Script center41.
To execute the script, connect your PowerShell session to your Azure subscription and execute the following
command:
.\New-TestLabEnvironment.ps1 -ServiceName "o2m-contoso" -Location "North Europe" -MoodleServerName "o2m-moodle" MoodleVMSize "Medium" -MysqlServerName "adfs1" -MysqlVMSize "Medium" -VNetAddressPrefix "10.0.0.0/16" Subnet1AddressPrefix "10.0.1.0/24" -Subnet2AddressPrefix "10.0.2.0/24"
The main actions taken by the script are described in detail in the following sections.
40
41
Microsoft Azure management portal: https://manage.windowsazure.com
AZURE SCRIPT CENTER: http://azure.microsoft.com/en-us/documentation/scripts/
23
Moodle + Office 365: Better together
Creating the virtual networks
XML configuration files containing all the network configurations of a subscription are used to create virtual
networks in Azure.
The configuration procedure is as follows.
1.
Export the network configuration of the subscription, if virtual networks have already been
configured.
2.
If the exported file is empty, create the basic structure of the XML configuration file.
3.
Check that the virtual network to be created does not already exist.
4.
Add the information on the virtual network to the XML configuration file, with the configuration of
the sub-networks.
5.
Import the configuration file into the subscription to update the configuration of the network.
The network configuration is exported by executing the following Get-AzureVNetConfig command:
Get-AzureVNetConfig -ExportToFile C:\temp\azure-vnet.xml
The configuration file for the virtual networks required by our Moodle platform is as follows:
<?xml version="1.0" encoding="utf-8"?>
<NetworkConfiguration xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchemainstance" xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
<VirtualNetworkConfiguration>
<Dns />
<VirtualNetworkSites>
<VirtualNetworkSite name="m2o-contoso123vnet" AffinityGroup="m2o-contoso123aff">
<AddressSpace>
<AddressPrefix>10.0.0.0/8</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name="m2o-contoso123vnet-subnet1">
<AddressPrefix>10.0.1.0/24</AddressPrefix>
</Subnet>
<Subnet name="m2o-contoso123vnet-subnet2">
<AddressPrefix>10.0.2.0/24</AddressPrefix>
</Subnet>
</Subnets>
</VirtualNetworkSite>
</VirtualNetworkSites>
</VirtualNetworkConfiguration>
</NetworkConfiguration>
The subscription is configured with the complete XML file by executing the following SetAzureVNetConfig command:
Set-AzureVNetConfig -ConfigurationPath C:\temp\azure-vnet.xml
Creating the affinity group
The affinity group is created by executing a simple New-AzureAffinityGroup Power Shell command, as
follows:
New-AzureAffinityGroup -Name $AffinityGroupName -Location $Location -Label $AffinityGroupName -ErrorVariable
lastError -ErrorAction SilentlyContinue
The variables $AffinityGroupName and $Location must be entered before executing the command.
In the proposed script New-MoodleEnvironment.ps1, these values are automatically generated according to
the input parameters of the script.
24
Moodle + Office 365: Better together
Creating the Cloud service
The Cloud service that will contain our virtual machines for the test lab environment is similarly created by
executing a PowerShell command.
It is important to properly attach our Cloud service to the affinity group that we have just created using the
AffinityGroup parameter.
New-AzureService -ServiceName $ServiceName -AffinityGroup $AffinityGroupName -ErrorVariable lastError -ErrorAction
SilentlyContinue
Creating the storage account
The storage account is created by the command New-AzureStorageAccount.
Here again, it is important to specify the affinity group to which our storage account must be linked.
New-AzureStorageAccount -StorageAccountName $StorageAccountName -AffinityGroup $AffinityGroupName
Deploying the MySQL virtual machine
For the deployment of the virtual machines, the proposed script New-MoodleEnvironment.ps1 starts by
asking for the identification information that will be used for the local administration account of the virtual
machines.
$credential = Get-Credential -Message "Please provide the administrator credentials for the virtual machines"
$username = $credential.GetNetworkCredential().username
$password = $credential.GetNetworkCredential().password
Then, a sequence of PowerShell commands:
1.
Create the virtual machine envelope with the command New-AzureVMConfig,
2.
Personalize the virtual machine with the command Add-AzureProvisioningConfig,
3.
Connect the VM to the right sub-network with the command Set-AzureSubnet,
4.
Add an additional 100 GB data disk with the command Add-AzureDataDisk.
$mysqlServerVM = New-AzureVMConfig -Name $MysqlServerName -InstanceSize $MysqlVMSize -ImageName $image.ImageName |
Add-AzureProvisioningConfig -Linux -LinuxUser $username -Password $password |
Set-AzureSubnet -SubnetNames $subnet2Name |
Add-AzureDataDisk -CreateNew -DiskSizeInGB 100 -DiskLabel 'mysqldatadrive' -LUN 0
Finally, the virtual machine is created with the command New-AzureVM, by specifying:

The Cloud service in which the machine is deployed,

The configuration that we have just created,

And the virtual network to which this virtual machine must be connected.
New-AzureVM -ServiceName $ServiceName -VMs $mysqlServerVM -VNetName $VNetName –WaitForBoot
25
Moodle + Office 365: Better together
Deploying the Moodle virtual machine
The same operations are repeated for the virtual machine that will host the Moodle Web site.
$moodleServerVM = New-AzureVMConfig -Name $MoodleServerName -InstanceSize $MoodleVMSize -ImageName $image.ImageName
|
Add-AzureProvisioningConfig -Linux -LinuxUser $username -Password $password |
Set-AzureSubnet -SubnetNames $subnet1Name |
Add-AzureDataDisk -CreateNew -DiskSizeInGB 100 -DiskLabel 'moodledatadrive' -LUN 0
New-AzureVM -ServiceName $ServiceName -VMs $moodleServerVM -VNetName $VNetName
-WaitForBoot
Creating the HTTP (80) and HTTPS (443) endpoints
Endpoints in Azure allow certain services available on our virtual machines to be exposed directly on the
Internet.
Since Moodle is primarily a web site, the HTTP and HTTPS services must be exposed for our Moodle site to
be accessible over the Internet.
By default, on Linux machines, Azure creates an endpoint to expose the SSH services on the Internet. This
provides access to the Linux environments hosted in Azure, without having to install a VPN infrastructure
with Azure, by passing directly over the public IP of the Cloud service.
Perform the following sequence of actions to create the endpoints on a virtual machine:
1.
Retrieve the required virtual machine by executing the command Get-AzureVM.
2.
Add the endpoint with the command Add-AzureEndpoint.
3.
Update the virtual machine with the command Update-AzureVM.
In the proposed script New-MoodleEnvironment.ps1, all of these actions are performed by the following
command block:
Get-AzureVM -ServiceName $ServiceName -Name $MoodleServerName |
Add-AzureEndpoint -Name "HttpsIn" -Protocol "tcp" -PublicPort 443 -LocalPort 443 -LBSetName "MoodleWebFarm"
-ProbePort 80 -ProbeProtocol "http" -ProbePath "/" |
Update-AzureVM
Once all these actions have been completed, our Azure environment and our virtual machines are ready to
install Moodle and the MySQL database.
Completing the DNS registrations
In order to access your Moodle platform with a domain name other than the one supplied by default by
Microsoft Azure (for example m2o-contoso123svc.cloudapp.net in our illustration), you must own an Internet
domain name.
For the purpose of this illustration, we have already acquired the public domain name contoso123.fr, which
is used for our entire test lab environment.
On the administration page of your Internet domain, add a CNAME (Alias) type record so that a name of
your choosing points to your Moodle site.
In our example, we want our Moodle site to be accessible at the address https://o2m.contoso123.fr.
26
Moodle + Office 365: Better together
To do this, we have to create a CNAME record in our domain contoso123.fr with the following information:

Host: o2m
Points to: m2o-contoso123svc.cloudapp.net
Log onto the Microsoft Azure Management portal to find out the domain name of your Azure platform.
Once connected to the portal, go to the Cloud service that hosts your Moodle platform.
At the bottom of the Cloud service dashboard page, you will find the DNS name of the service that can be
accessed over the Internet. This is the name that points to the public IP address allocated to your Cloud
service by Microsoft Azure.
27
Moodle + Office 365: Better together
28
Moodle + Office 365: Better together
Setting up the Moodle platform
Your Azure subscription should now be ready to install the Moodle platform at this stage.
This section describes in sequence the setup of:

The Apache server required by Moodle,

The MySQL server,

Moodle itself,

The Office 365 integration plugins for Moodle.
Setting up the Moodle server
This section assumes that the provided script New-MoodleEnvironment.ps1 has already been
executed with the suggested parameters configured. If this is not already the case, see section §
PROVISIONING AN AZURE ENVIRONMENT.
Setting up the Apache HTTP server
To setup the Apache HTTP server, proceed with the following steps:
1.
2.
3.
Log onto the Moodle server using the SSH client of your choice (for example, the PuTTY42) client:

Host name: m2o-contoso123svc.cloudapp.net

Port: 49909
Enter the following user name and password when invited to do so by the server:

User name: "moodleadmin"

Password: "Contoso123! "
Switch to thesuper user (root) mode with the following command:
moodleadmin@m2o-moodle:~$ sudo –s
42
PuTTY: http://www.putty.org/
29
Moodle + Office 365: Better together
4.
Update the packages of the Linux distribution.
root@m2o-moodle:~$ apt-get update
5.
Install the Apache HTTP server
root@m2o-moodle:~$ apt-get install apache2
Note
Version 2.4.10 of the Apache HTTP server is installed with this Linux distribution.
Setting up the PHP script language and its extensions
To now setup the PHP script language and its extensions, proceed with the following steps:
1.
From the previous SSH connection, install the PHP script language with the following command:
root@m2o-moodle:~$ apt-get install php5
Note
2.
Version 5.5.12 of the PHP script language is installed with this Linux distribution.
Install the PHP cURL extension.
root@m2o-moodle:~$ apt-get install php5-curl
Note
The PHP cURL extension facilitates communications with many servers using numerous protocols
and allows data to be exchanged between Moodle platforms over the MNet network43.
3.
Install the PHP XML -RPC extension.
root@m2o-moodle:~$ apt-get install xmlrpc
Note
4.
The PHP XML-RPC extension allows procedure calls to be made on a remote computer.
Install the PHP GD extension.
root@m2o-moodle:~$ apt-get install php5-gd
Note
5.
The PHP GD extension is used to create and handle various image formats.
Install the PHP INTL extension.
root@m2o-moodle:~$ apt-get install php5-intl
Note
and times.
6.
The PHP INTL extension is used to internationalize PHP scripts, and in particular the numbers, dates
Install the PHP OPcache extension.
root@m2o-moodle:~$ apt-get install php5-opcache
43
MNET: https://docs.moodle.org/27/en/MNet
30
Moodle + Office 365: Better together
Note
The OPcache extension improves the performance of PHP by storing the bytecode of the
precompiled scripts in shared memory. The installation of this extension is not compulsory, but is strongly
recommended by Moodle44.
7.
Install the PHP LDAP extension.
root@m2o-moodle:~$ apt-get install php5-ldap
Note
The PHP LDAP extension activates the integration of the LDAP protocol by PHP. LDAP is a
communications protocol used to interrogate and modify directory services.
8.
Install the PHP MySQL extension.
root@m2o-moodle:~$ apt-get install php5-mysql
Note
The PHP MySQL extension allows for connections to MySQL databases from PHP scripts.
Setting up the additional packages required by Moodle
To install the additional packages required by Moodle, proceed with the following steps:
1.
From the previous SSH connection, install TeX Live.
root@m2o-moodle:~$ apt-get install texlive
Note
TeX Live provides a LaTeX environment. LaTeX is a system used to create documents and
mathematical equations. It is widely used in scientific circles. LaTeX is required by Moodle's standard document
creation plugins.
2.
Install Aspell and its English dictionaries.
root@m2o-moodle:~$ apt-get install aspell
root@m2o-moodle:~$ apt-get install aspell-us
Note
Aspell is a spell checker required by Moodle's standard document creation plugins. The required
English libraries can be found here: http://ftp.gnu.org/gnu/aspell/dict/en/.
3.
Install NTP.
root@m2o-moodle:~$ apt-get install ntp
Note
NTP (Network Time Protocol) is a protocol that synchronizes the local clock in a computer with a
reference time over a computer network.
4.
Install Sendmail.
root@m2o-moodle:~$ apt-get install sendmail
44
OPCACHE: https://docs.moodle.org/27/en/OPcache
31
Moodle + Office 365: Better together
Note
Sendmail is used to send and receive e-mail.
Setting up Moodle from the server
It is also possible to install Moodle directly, in the same way as we installed the HTTP server, by executing
the following two commands. But this option is not recommended in so far as, in this case, we cannot
control the versions of Moodle (e.g., 2.7 vs. 2.8) and SQL (e.g., MySQL vs. PostgreSQL) that are installed.
The versions depend on the chosen Linux distribution.
root@m2o-moodle:~$ cd /var/www/html
root@m2o-moodle:/var/www/html$ apt-get install moodle
We are rather going to install Moodle using the versions available on the official Moodle web site45.
To do that, proceed with the following steps:
1.
Still from the same SSH connection, create the directory src.
root@m2o-moodle:~$ mkdir /src
root@m2o-moodle:~$ cd /src
Note
2.
Moodle will be downloaded into this directory in the next step.
Download version 2.7 of Moodle in tgz format.
root@m2o-moodle:/src$ wget https://download.moodle.org/download.php/direct/stable28/moodle-latest-27.tgz
Note
At the time of writing, the most recent version of Moodle was version 2.8, which was first released
on November 10, 2014. Version 2.7 was first released in May 12, 2014. We have chosen to install version 2.7 of
Moodle, because it is an LTS version (Long-Term Support), which means that it will be maintained by Moodle for
3 years, instead of 18 months for regular versions. Moreover, not all the plugins developed by the Moodle
community are compatible with version 2.8 of Moodle.
Note
The links used to download the latest version of Moodle and the versions of Moodle that are still
maintained are respectively available on the LATEST RELEASE46 and OTHER SUPPORTED RELEASES47 pages of the official
Moodle site (see the link behind the button Download tgz).
3.
Extract the Moodle files from the archive.
root@m2o-moodle:/src$ tar -xzf moodle-latest-27.tgz
4.
Move the Moodle directories to a directory that is accessible on the web.
root@m2o-moodle:/src$ mv moodle /var/www/moodle
Creating the moodledata directory
moodledata is the directory where Moodle stores the files created or downloaded from the platform. All
the content created by users will be stored in this directory, and in particular the courses, documents,
images and videos hosted on the platform.
The official Moodle site: https://moodle.org
LATEST RELEASE: https://download.moodle.org/releases/latest
47
OTHER SUPPORTED RELEASES: https://download.moodle.org/releases/supported
45
46
32
Moodle + Office 365: Better together
To create this directory, proceed with the following steps:
1.
Still from the same SSH connection, create a secure directory called moodledata.
root@m2o-moodle:~$ mkdir /var/moodledata
Note
For security reasons, the moodledata directory must not be directly accessible from the web.
Therefore, it must not be created in the directory /var/www/.
Note
2.
moodledata is the default name of this directory, but it can be renamed.
Authorize the HTTP server to use the moodledata directory.
root@m2o-moodle:~$ chown www-data:www-data -R /var/moodledata
root@m2o-moodle:~$ chmod g+rws -R /var/moodledata
Note
Depending on the Linux distribution in use, the Apache user and the default Apache group can be
called www-data, nobody or apache.
Note
The command chown (change owner) is used to change the owner of the directory, while the
command chmod (change mode) changes the privileges of the directory. At this point, we add (+) read (r) and
write (w) privileges to the moodledata directory and its sub-directories (-R), and make sure that Moodle keeps
these privileges for all the files that are created or deposited in the directory, irrespective of the Moodle user who
creates or downloads the files.
Setting up and configuring the database server
Moodle supports various types of database servers:

MySQL,

PostgreSQL,

Microsoft SQL Server,

MariaDB,

Oracle.
It is advisable to use a MySQL database server. Even if the core of Moodle is compatible with Microsoft SQL
Server, this is not the case for all the plugins developed by the Moodle community. This is the reason why
we will opt to use a MySQL database server in our test lab environment.
Setting up the database server
To setup the database server, proceed with the following steps:
1.
33
Log onto the MySQL server using the SSH client of your choosing (for example PuTTY):

Host name: m2o-contoso123svc.cloudapp.net

Port: 59337
Moodle + Office 365: Better together
2.
3.
Enter the following user name and password when invited to do so by the server:

User name: "moodleadmin"

Password: "Contoso123! "
Switch to super user (root) mode.
moodleadmin@m2o-mysql:~$ sudo –s
4.
Update the packages of the Linux distribution.
root@m2o-mysql:~$ apt-get update
5.
Install the MySQL server.
root@m2o-mysql:~$ apt-get install mysql-server
6.
34
Enter the administrator password of the database server, for example "Contoso123!" in our
illustration and press ENTER.
Moodle + Office 365: Better together
7.
Confirm the administrator password of the database server, for example "Contoso123!" in our
illustration and press ENTER.
Configuring the database server
To configure the database server, proceed with the following steps:
1.
From the previous SSH connection, log onto the database server as the administrator.
root@m2o-mysql:~$ mysql -uroot -p
2.
Type the password, for example “Contoso123!" in our illustration.
Enter password:
3.
Log onto the MySQL database.
mysql> connect mysql;
4.
Authorize the Moodle server to connect to the MySQL database.
mysql> CREATE USER 'moodleadmin'@'10.0.1.4' IDENTIFIED BY 'moodleazure';
mysql> GRANT ALL PRIVILEGES ON * . * TO 'moodleadmin'@’10.0.1.4' IDENTIFIED BY 'moodleazure' WITH GRANT OPTION
MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;
Note
moodleadmin is the username of the virtual machine hosting the Moodle server. 10.0.1.4 is the
public IP address of the virtual machine hosting the Moodle server. moodleazure is the password that the Moodle
server uses to log onto the MySQL database.
5.
Update the access privileges to the database to apply the recent changes.
mysql> FLUSH PRIVILEGES ;
6.
Quit the MySQL database.
mysql> quit ;
35
Moodle + Office 365: Better together
Opening the MySQL server on the virtual network
Since the MySQL server is installed in packages, by default, it is configured as local. Consequently, it must
be made accessible from the virtual network between the two virtual machines.
Proceed with the following steps:
1.
Still working from the same SSH connection, edit the MySQL database configuration file.
root@m2o-mysql:~$ vi /etc/mysql/my.cnf
2.
Find the line bind-address and replace the value 127.0.0.1 with 10.0.2.4 to open the MySQL
database on the virtual network.
bind-address= 10.0.2.4
Note
3.
10.0.2.4 is the public IP address of the virtual machine hosting the MySQL server.
Restart the database to apply the new configuration.
root@m2o-mysql:~$ service mysql restart
Note
The following command can be executed on the Moodle server to check that the MySQL can be
accessed from the Moodle server by the user moodleadmin we configured in step 4. If everything is functioning
correctly, we can enter the password moodleazure to access the mysql> invite.
root@m2o-moodle:~$ mysql –hm2o-mysql –umoodleadmin p
Pointing the domain name o2m.contoso123.fr to the Moodle
server
The virtual hosting service (or vhost) should be activated on the Moodle server in order to point the domain
name o2m.contoso123.fr to the Moodle server. Virtual hosting can also address several instances of Moodle
hosted on a shared Apache HTTP server (e.g., a production instance of Moodle and a qualification instance
of Moodle).
If you have logged off the Moodle server, log on again by repeating steps 1 to 3 in section § SETTING UP THE
APACHE HTTP server.
36
Moodle + Office 365: Better together
4.
Activate the virtual hosting service on the Apache HTTP server.
root@m2o-moodle:~$ cd /etc/apache2/mods-enabled
root@m2o-moodle:/etc/apache2/mods-enabled$ ln -s ../mods-available/vhost_alias.load
Note
The command ln creates a symbolic link (-s) with the target file vhost_alias.load in the current
directory. To deactivate the hosting service, simply delete the symbolic link. In this way, the target file is not deleted
and can be used again to reactivate the service.
5.
Restart the Apache HTTP server.
root@m2o-moodle:~$ service apache2 restart
6.
Create a virtual hosting configuration file for Moodle.
Note
Use the default virtual hosting configuration file as a starting point.
root@m2o-moodle:~$ cd /etc/apache2/sites-available
root@m2o-moodle:/etc/apache2/sites-available$ cp 000-default.vhost 030-moodle27.conf
root@m2o-moodle:/etc/apache2/sites-available$ vi 030-moodle27.conf
7.
Add the name of the server above the line ServerAdmin webmaster@localhost.
ServerName o2m.contoso123.fr
8.
Replace the default root directory with /var/www/moodle27.
DocumentRoot /var/www/moodle27
9.
Add a permanent HTTP redirection in order to force the HTTPS connection on all the pages of the
platform.
Redirect Permanent / https://o2m.contoso123.fr/
37
Moodle + Office 365: Better together
10. Add the following lines after the root file in order to configure access control.
<Directory /var/www/moodle27>
Options -Indexes +FollowSymLinks +Multiviews
AllowOverride None
Allow from all
</Directory>
Note
The -Indexes option prevents the list of files from being displayed. The +FollowSymLinks option
allows symbolic links to the followed. The +Multiviews option authorizes file variants (for example, in the event
of multiple languages). It is optional. The AllowOverride None directive prevents access rights from being
overridden using .htaccess files. It is very important to deactivate this directive in order to protect the security of
a Moodle platform. Finally, the Allow from all directive allows users to access the platform from the web.
11. Edit the log files as shown below in order to reflect the virtual hosting instance.
ErrorLog ${APACHE_LOG_DIR}/error_moodle27.log
CustomLog ${APACHE_LOG_DIR}/access_moodle27.log combined
12. Save the changes and exit the text editor.
:wq
38
Moodle + Office 365: Better together
13. Activate the new configuration.
root@m2o-moodle:~$ cd /etc/apache2/sites-enabled
root@m2o-moodle:/etc/apache2/sites-enabled$ ln -s ../sites-available/030-moodle27.conf
Note
The .conf file extension is essential for the configuration to be properly applied.
Installing the SSL/TLS certificate
To install the SSL/TLS certificate, proceed with the following steps:
1.
From the same SSH connection, activate the SSL/TLS service on the Apache HTTP server.
root@m2o-moodle:/etc/apache2/sites-enabled$ cd /etc/apache2/mods-enabled
root@m2o-moodle:/etc/apache2/mods-enabled$ ln -s ../mods-available/ssl.load
root@m2o-moodle:/etc/apache2/mods-enabled$ ln -s ../mods-available/ssl.conf
root@m2o-moodle:/etc/apache2/mods-enabled$ ln -s ../mods-available/socache_shmcb.load
2.
Create an SSL virtual hosting configuration file.
root@m2o-moodle:/etc/apache2/mods-enabled$ cd /etc/apache/sites-available
root@m2o-moodle:/etc/apache2/sites-available$ cp 030-moodle27.conf 030-moodle27-ssl.conf
root@m2o-moodle:/etc/apache2/sites-available$ vi 030-moodle27-ssl.conf
Note
3.
Use the virtual hosting configuration file that we have just created as a starting point.
Edit the first line as shown below so that the virtual hosting functions in HTTPS.
<VirtualHost *:443>
Note
4.
443 is the HTTPS port.
Edit the log files as shown below in order to reflect the SSL virtual hosting instance.
ErrorLog ${APACHE_LOG_DIR}/error_moodle27-ssl.log
CustomLog ${APACHE_LOG_DIR}/access_moodle27-ssl.log combined
5.
Add the lines before the </VirtualHost> tag.
SSLEngine on
SSLCertificateFile /home/moodleadmin/star_contoso123_fr.crt
SSLCertificateKeyFile /home/moodleadmin/star_contoso123_fr.key
SSLCertificateChainFile /home/moodleadmin/DigiCertCA.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
Note
star_contoso123_fr.crt is the wildcard SSL/TLS certificate of the domain *.contoso123.fr,
star_contoso123_fr.key is the private key and DigiCertCA.crt is the associated SSL/TLS chain certificate.
Note
For more information about the added SSL/TLS parameters, see the comments in the default SSL
configuration file default-ssl.conf in the same directory.
39
Moodle + Office 365: Better together
6.
Save the change and exit the text editor.
7.
Activate the new configuration.
:wq
root@m2o-moodle:/etc/apache2/sites-available$ cd /etc/apache2/sites-enabled
root@m2o-moodle:/etc/apache2/sites-enabled$ ln -s ../sites-available/030-moodle27-ssl.conf
8.
Restart the Apache HTTP server to activate the SSL service and to apply the new configuration.
root@m2o-mysql:/etc/apache2/sites-enabled$ service apache2 restart
9.
Run an Apache configuration test to check that the configuration files are OK.
root@m2o-moodle:/etc/apache2/sites-enabled$ apachectl configtest
Note
If everything is OK, the command returns Syntax OK.
Opening the rights on the Moodle configuration files
To open the rights on the Moodle configuration files, proceed with the following steps.
1.
Whilst still working from the same SSH connection, authorize the editing of the Moodle
configuration files so that the platform can be installed from the web.
root@m2o-moodle:/etc/apache2/sites-enabled$ cd /var/www
root@m2o-moodle:/var/www$ chmod o+w moodle27
Note
For security reasons, remember to cancel this write authorization, once the platform has been
installed from the web.
2.
Apply a write authorization to the plugin directories, so that the plugins can be installed.
root@m2o-moodle:/var/www$ cd /var/www/moodle27
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data mod
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data blocks
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data auth
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data filter
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data user/profile/field
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data local
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data mod/assign/submission
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data mod/assign/feedback
root@m2o-moodle:/var/www/moodle27$ chown www-data:www-data repository
root@m2o-moodle:/var/www/moodle27$ chmod g+w mod blocks auth user/profile/field local mod/assign/submission
mod/assign/feedback repository filter
Note
This operation is necessary for each type of plugin to be installed. In this case, the write authorization is only
applied in the plugin directories corresponding to the types of plugins that we intend to install in our demonstration.
40
Moodle + Office 365: Better together
Setting up and configuring Moodle from the web
At this point of the installation of the test lab environment, make sure that the DNS record of the domain
name o2m.contoso123.fr points to the Moodle server. If this is the case, you can continue. If not, repeat
the previous steps.
Setting up Moodle from the web
Proceed as follows to install Moodle from the web:
1.
Go to https://o2m.contoso123.fr.
2.
Select English (en) – or the language of your choice-, and then click Next.
3.
Type "/var/moodledata/moodle27" in Data directory, and then click Next.
4.
Select Enhanced MySQL (native, mysqli) in Type, and then click Next.
5.
Enter:
a.
"m2o-mysql" in Database server,
b. "moodle27" in Database name,
c.
"moodleadmin" in Database user,
d. "moodleazure" in Database password,
e.
6.
"3306" in Database port.
Click Next.
Note
Keep the default value mdl_ in the Tables prefix field.
Note
3306 is the default port of the MySQL database.
7.
Read the conditions of use of Moodle, and then click Continue. Moodle then checks the
prerequisites for the installation. Every status must be OK in order to continue.
8.
Click Continue. Moodle is then installed component by component. This may take a few minutes.
9.
Once all the components have been installed, click Continue.
Creating the administrator account of the Moodle platform
At this point of the installation, we are going to create the administrator account of the Moodle platform.
Proceed with the following steps:
1.
In the Installation dialog, fill in at least the empty compulsory fields of the administrator profile,
i.e. New password ("CustomAdminPassword") and email address ("[email protected]").
Note
You can also personalize the other fields of the platform administrator profile on this page. These
settings can be changed at a later date.
2.
41
Click Save profile.
Moodle + Office 365: Better together
Configuring the front page
We are now going to configure the Moodle front page.
Proceed with the following steps:
1.
In New settings – Settings for the next front page, enter at least the compulsory empty fields of
the home page, i.e. the Complete site name ("Contoso University" in our illustration) and the
Abbreviated site name ("Contoso University").
Note
2.
These settings can be changed at a later time.
Click Save changes.
The setup of a standard Moodle platform is now complete at this stage.
You are redirected to the platform's home page.
Locking the Moodle configuration files
On the Moodle server, you must now protect the Moodle configuration files against being modified from
the Moodle web for security reasons.
If you have logged off the Moodle server, log on again by repeating steps
APACHE HTTP
server.
Enter the following commands from the SSH console:
root@m2o-moodle:~$ cd /var/www
root@m2o-moodle:/var/www$ chmod o-w moodle27
42
Moodle + Office 365: Better together
1 à 3 in section § SETTING UP THE
Setting up the Microsoft resources for Moodle
The integration between Office 365 and Moodle is based on two sets of Microsoft plugins for Moodle.

Office 365 integration plugins. This set of six plugins integrates Moodle with Word Online,
OneDrive for Business, the Outlook calendar and other functionality, such as Office Mix. This set of
plugins uses the Azure AD directory to provide a single sign-on (SSO) service with Office 365.

Microsoft Services plugins. This set of seven plugins completely integrates Moodle and OneNote
to improve the management of assignments, submissions to assignments for the students and the
teachers' comments on the assignments submitted.
Note
INTRODUCING ONENOTE CLASS NOTEBOOKS—A FLEXIBLE
describes the use of digital OneNote notebooks for teaching.
DIGITAL FRAMEWORK FOR TEACHING AND LEARNING48
There are several methods to install the Moodle plugins:

From the directory of Moodle plugins (i.e., from Moodle.org),

From a ZIP file,

From a FTP client,

Directly on the Moodle server.
The first method is the preferred one since it guarantees to have the latest version of the plugin that is
compatible with the version of Moodle that we have installed.
This method however requires to freely register on the Moodle.org site. We will use this method to install
our test lab environment.
Creating a free account on Moodle.org
To create a free account on Moodle.org, proceed with the following steps.
1.
Open a browsing session and navigate to https://moodle.org/?lang=us.
Note
48
The Moodle.org site is based on Moodle.
Introducing OneNote Class Notebooks—a flexible digital framework for teaching and learning.
43
Moodle + Office 365: Better together
44
2.
Click Log in in the top right of the screen.
3.
Click Create new account.
Moodle + Office 365: Better together
4.
Complete at least the mandatory fields: Username, Password, Email address, Email (again), First
name and Last name, and answer the security question.
5.
Click Create new account.
Note
A request for confirmation of the registration is sent to the email address entered in the form. Click
on the link in this email address to activate the account.
Setting up the plugins from the Moodle plugins directory
Now that the Moodle.org account is active, we can install the Moodle plugins.
Proceed with the following steps:
45
1.
Log onto the site https://moodle.org using the username and the password defined in the previous
section.
2.
Navigate to the Moodle platform https://o2m.contoso123.fr and, if necessary, sign-in with the
administrator account again by clicking Log in in the top right of the screen.
3.
Under ADMINISTRATION on the left pane, click Site administration, plugins, and then Installer
plugins.
Moodle + Office 365: Better together
46
4.
Click Install plugins from the Moodle plugins directory. You should then be redirected to the
Moodle.org site.
5.
Click Log in.
Moodle + Office 365: Better together
6.
Log in using the username and the password defined in the previous section.
Note
This step establishes the link between the Moodle platform o2m.contoso123.fr and the Moodle.org
account that we have just created.
7.
47
Enter Office 365 in the search field and click Search plugins.
Moodle + Office 365: Better together
48
8.
Click the plugin OpenIDConnect.
9.
Click Install now.
Moodle + Office 365: Better together
10. Click Install now on the line Université Contoso.
11. Click Continue. Moodle checks the plugin before installing it. All the tests must be OK in order to
continue.
12. Click Install plugin.
13. Repeat the steps 8 to 12 for the 12 other Microsoft plugins.
Microsoft Office 365 Integration (local_o365)
Office 365 Integration (local_office365)
Office365 Connection (profilefield_o365)
OneDrive for Business (repository_office365)
OpenIDConnect Management (profilefield_oidc)
Microsoft Account (local_msaccount)
Microsoft OneNote (local_onenote)
Microsoft OneNote (repository_onenote)
Microsoft Services (local_microsoftservices)
OneNote block (block_onenote)
OneNote Feedback (assignfeedback_onenote)
OneNote submissions (assignsubmission_onenote)
oEmbed Filter (filter_oembed)
Note
For more information about the role of each one of the plugins listed above, see APPENDIX A MICROSOFT
PLUGINS.
49
Moodle + Office 365: Better together
Note
All these plugins are accessible from the results49 that is made in step 7, apart from the oEmbed
Filter plugin, for which a new search must be run50. In step 8, it is possible to open the download page of each
plugin in a new tab to make the installation of the plugins easier.
Note
by others.
The database cannot be updated before installing all the plugins because some of them are required
14. Once the last plugin has been installed, click Update the database now.
15. Once all the updates have been completed, click Continue.
Moodle displays the list of the newly available settings, following the installation of the new
plugins. There is no need to apply these settings at this point.
Navigate to https://o2m.contoso123.fr to return to the home page of the Moodle platform and ignore
these settings for the time being.
Starting cron on the HTTP server
cron is a program that automatically executes scripts or commands, on a given date and at a given time
specified in advance. Moodle uses cron to schedule its maintenance operations.
To start cron, proceed with the following steps:
1.
If you have logged off the Moodle server, log on again by repeating steps 1 to 3 in section § SETTING
UP THE APACHE HTTP server.
2.
Edit the cron configuration file.
root@m2o-moodle:~$ crontab -e
3.
Select the vim text editor.
4.
Add the following line at the end of the file.
*/10 * * * * /usr/bin/wget -q -O /dev/null https://o2m.contoso123.fr/admin/cron.php
The results of the Office 365 query on Moodle.org:
https://moodle.org/plugins/search.php?s=Office+365&search=Search+plugins
50
OEMBED FILTER: https://moodle.org/plugins/view/filter_oembed
49
50
Moodle + Office 365: Better together
Note
5.
This command executes the Moodle cron PHP script every 10 minutes.
Save changes and exit the text editor.
:wq
51
Moodle + Office 365: Better together
Setting up and configuring the Office 365
services on Moodle
The Office 365 services complete the Moodle learning platform by increasing the productivity of students
and teachers.
The set of Office 365 integration plugins completely enables an integration path with Word Online,
OneDrive for Business, OneNote and the Outlook calendar, as we have already mentioned.
This section discusses their implementation in our test lab environment.
Note
For more information, see the corresponding Moodle documentation51.
Configuring the plugins
The first step consists in activating and configuring the OpenID Connect authentication plugin that allows
for single sign-on between the Office 365 platform and Moodle.
Log onto Moodle as the platform administrator, and proceed with the following steps.
51
1.
Go to Site administration  Plugins  Authentication.
2.
Click Manage authentication.
3.
Locate the OpenID Connect authentication plugin and click on the "eye" to activate it.
4.
Click on Settings. The OpenID Connect page opens.
OFFICE 365: https://docs.moodle.org/27/en/Office365
52
Moodle + Office 365: Better together
5.
Complete the fields:
a.
In Provider Name, enter a name that can be used to select an authentication provider.
This is usually the name of the organization. For example in our illustration, enter
"Contoso123”.
b. In Auth Endpoint, enter "https://login.windows.net/common/oauth2/authorize".
c.
In Token Endpoint, enter "https://login.windows.net/common/oauth2/token".
d. In Redirect URI, enter the address of your Moodle site followed by /auth/oidc, for
example in our illustration "https://o2m.contoso123.fr/auth/oidc/".
6.
Click Save changes.
7.
Leave the OpenID Connect page open. We will return to it later.
Configuring the Office 365 single sign-on
To enable Moodle to authenticate Office 365 identities, you have to configure the Azure AD directory used
by your Office 365 subscription so that it authorizes your Moodle application to use the identities declared
in it.
The Azure management portal allows you to manage your Azure Active Directory. To begin with, we are
going to link the Azure AD directory used by the Office 365 tenant with the Azure subscription that contains
the Moodle environment. This will enable you to manage all the Azure resources from a single portal.
Proceed with the following steps:
1.
In a new tab in the browser, navigate to the Microsoft Azure management portal at
https://manage.windowsazure.com and sign-in.
2.
Click "+" and select: APPLICATION SERVICES  ACTIVE DIRECTORY  DIRECTORY  CUSTOM
CREATE
The Add directory dialog opens up.
53
Moodle + Office 365: Better together
54
3.
Select Use existing directory.
4.
Check I am ready to log off.
5.
Authenticate yourself with an Office 365 account.
6.
Click Continue.
Moodle + Office 365: Better together
7.
Log off, then log on again with your Azure account.
Registering an application in the Azure portal
The next step in the configuration of single sign-on (SSO) between Moodle and Office 365 consists in
registering the Moodle application in the Azure AD directory, so that it can be granted certain privileges.
To register the Moodle application, proceed with the following steps:
1.
If you are not already logged
https://manage.windowsazure.com.
onto
the
Microsoft
2.
Select ACTIVE DIRECTORY on the left pane and select your Azure AD directory.
3.
In the top menu, click APPLICATIONS. If no applications have been installed yet, this page only
displays the Add an application link. Click this link or ADD at the bottom of the tray.
The What do you want to do? dialog box opens.
4.
55
Click Add an application my organization is developing.
Moodle + Office 365: Better together
Azure
portal,
log
on
at
5.
On the Tell us about your application page, specify a name for your application, for example
“O2m.Contoso123” in our illustration. Leave WEB APPLICATION WEB AND/OR WEB API selected
for the type, and then click the arrow icon in the bottom right.
1.
On the App properties page, specify:
a.
In SIGN-ON URL the redirection address of your Moodle instance previously configured
for the OpenID Connect protocol, for example “https://o2m.contoso123.fr/auth/oidc/” in
our illustration.
b. In APP ID URI the main address of your Moodle
“https://o2m.contoso123.fr” in our illustration.
2.
instance, for example
Click the check mark icon in the bottom right, and then click OK.
Configuring the application that provides identities to Moodle
Once the application has been added, you simply need to perform a few configuration steps to allow
Moodle to use the Azure AD/Office 365 identities.
Proceed with the following steps:
1.
56
In the Microsoft Azure management portal, select the Moodle application that you have just
created.
Moodle + Office 365: Better together
57
2.
Click CONFIGURE and scroll down to Client ID.
3.
Copy the value of the field. You will need it to finalize the configuration of the OpenID Connect
plugin in Moodle. This will correspond to an eponym field.
4.
Scroll down to keys.
5.
In Keys, select 1 year for the duration.
6.
A new key is created.
Moodle + Office 365: Better together
Click SAVE at the bottom of the tray to save the newly created key.
58
1.
Copy the value of the key. You will need it to finalize the configuration of the OpenID Connect
plugin in Moodle. This will correspond to a Client Secret field.
7.
Back in the OpenID Connect configuration page of your Moodle instance, copy the above values
to the related target Client ID and Client Secret fields.
2.
Click Save changes.
3.
Back in the Microsoft Azure management portal, in the above Moodle configuration page, scroll
down to permissions to other applications.
Moodle + Office 365: Better together
4.
Click Add application. A Permissions to other applications opens up.
5.
Click the "+" on the right of both Office 365 Exchange Online and Office 365 SharePoint Online.
6.
Click the check mark icon at the bottom right to close the dialog.
7.
Click Delegated Permissions next to Office 365 Exchange Online, and then select:
a.
Read and write users calendars
b. Read users calendars
59
Moodle + Office 365: Better together
8.
Likewise, click Delegated Permissions next to Office 365 SharePoint Online, and then select:
a.
Read and write user files
b. Read user files
c.
Have full control of all site collections
d. Read and write items and lists in all sites collections
9.
e.
Read and write items in all site collections
f.
Read items in all site collections
Click Application Permissions next to Windows Azure Active Directory, and then select:
a.
Read directory data
10. Finally, click Delegated Permissions next to Windows Azure Active Directory, and then select:
a.
Read directory data
b. Enable sign-on and read users’ profiles
c.
60
Access your organization’s directory
Moodle + Office 365: Better together
11. Click SAVE at the bottom of the tray.
Adding a user to the application
Once the Moodle application has been configured in Azure AD, you must then assign users to it so that
Azure AD can allow them an access.
Proceed with the following steps:
1.
Still in the Moodle application page in the Azure management portal, click USERS.
2.
In USERS, select the Office 365 user(s) who should be able to access this application, namely in our
illustration, the test users Teacher Martin, Student 1, Student 2 and Student 3 created earlier in
this document, see section § CREATING THE TEST USERS.
3.
Click ASSIGN at the bottom of the tray.
4.
Click YES to confirm.
Integrating with Microsoft Office 365
Proceed with the following steps:
61
1.
In Moodle, go to the ADMINISTRATION  Plugins  Local plugins page.
2.
Click Microsoft Office 365 Integration.
Moodle + Office 365: Better together
3.
Click Set User of the System API User option.
4.
Enter an Office 365 administrator type user. It is preferable to use a specific account for this
purpose. In our illustration, we have already created an Office 365 administrator account called
[email protected].
5.
Check Sync users from Azure AD to synchronize the Azure AD users with the Moodle instance.
6.
For the Application Permissions part, click Update to check that the permissions have been
correctly set on Azure AD.
7.
In AAD Tenant, enter the default domain of the subscription. For example, if the subscription is
contoso123.onmicrosoft.com, enter "contoso123.onmicrosoft.com".
8.
In OneDrive for Business URL, enter the complete qualified DNS name (FQDN) of the OneDrive
for Business spaces. If the SharePoint Online tenant is contoso123.sharepoint.com, like in our
illustration, enter "contoso123-my.sharepoint.com".
9.
Click Save changes.
10. In SharePoint Link, enter the complete address of the SharePoint site you want to use for Moodle.
For example, if the main SharePoint site collection is nfr123.sharepoint.com, like in our example,
enter "https://nfr123.sharepoint.com/moodle".
62
Moodle + Office 365: Better together
11. If the site does not exist in the target SharePoint Online environment, Moodle will create the site
automatically. To do this, your "System API" account that was configured in section § CREATING THE
SO-CALLED "SYSTEM API" ACCOUNT must be the administrator of the parent site or of the target site
collection.
12. Once Moodle has finished creating the site in SharePoint, the element in the Moodle configuration
page turns green. The integration of the Office 365 plugins is now complete.
13. Click Save changes.
Integrating with OneNote
The set of Microsoft Services plugins enable a complete integration between Moodle and OneNote in order
to improve the management of assignments, submissions to assignments for the students’ and the
teachers' comments on the assignments submitted.
This section looks at their implementation in our Azure-based test lab environment.
Note
For more information, see the corresponding Moodle documentation52.
Proceed with the following steps for the OneNote integration:
52
1.
Go to the Moodle administration site and click Site administration  Plugins  Activity module
 OneNote submission.
2.
Check Enable by default.
3.
In OneNote page size, select Taille limite de dépôt Site (80 Mo).
4.
Click Save changes.
5.
Go to the Moodle administration site and click Site administration  Plugins  Activity module
 Assignments  Feedback plugins  OneNote feedback.
6.
Tick Enable by default.
MICROSOFT SERVICES: https://docs.moodle.org/27/en/MicrosoftServices#Introduction
63
Moodle + Office 365: Better together
7.
Click Save changes.
8.
Open a new tab on your browser, go to https://login.live.com and sign in with you Microsoft
account.
9.
Navigate to the site https://account.live.com/developers/applications/create
10. In Application name, type a name to identify the Moodle site, for example "Moodle" in our
illustration.
11. Select a language, for example English (United States) in our illustration.
12. Click I accept.
13. Under Settings on the left, select API settings.
64
Moodle + Office 365: Better together
14. Check No under Mobile or desktop client application.
15. Check Yes under Restrict JWT issuing.
16. Specify the root domain, for example "o2m.contoso123.fr" in our illustration.
17. Specify the redirection address, which is "http://o2m.contoso123.fr/admin/oauth2callback.php" in
our illustration.
18. Click Save.
19. Under Settings on the left, now select App Settings.
20. Copy the value Client ID and Client secret (v1). This should sound somehow familiar. You will
unsurprisingly need these values to finalize the configuration of the Microsoft Account plugin.
21. Navigate to the Moodle administration site and click Site administration  Plugins  Local
plugins  Microsoft Account.
65
Moodle + Office 365: Better together
22. Paste the information that you’ve just copied in the corresponding fields.
23. Click Save changes.
At the end of this step, the installation, configuration and integration with Office 365 have been
completed.
66
Moodle + Office 365: Better together
Illustrating the user experience
Signing in to Office 365
The easiest way to connect to Office 365 is to use the Office 365 user portal.
Proceed with the following steps:
67
1.
Open a browsing session and navigate to the Office 365 user portal at https://portal.office.com:
2.
Sign in with the credentials, i.e. e-mail address and password, of one of the previously created test
users.
3.
Once authenticated, you’re redirected to the home page of the portal, which shows all the available
Office 365 applications.
Moodle + Office 365: Better together
68
4.
Click the apps launcher in the upper left corner of the page.
5.
Click My apps to access other applications assigned to you. Since you have completed at this stage
the integration of the Moodle environment with your Office 365 subscription, the latter appears in
the list of the available applications that you can access, if you have signed in with one of the test
user.
6.
The Contoso University app can be pinned in the app launcher for quick access to Moodle from
Office 365. Right-click Contoso University, and then select Pin to app launcher.
Moodle + Office 365: Better together
Signing in into Moodle
Interestingly, you can alternatively sign-in into Moodle directly by using one of the Office 365 test accounts
created earlier in this document, and all of this without having to navigate first through the Office 365
portal.
Proceed with the following steps:
69
1.
Open a browsing session and navigate to the Moodle site, for example https://o2m.contoso123.fr
in our configuration.
2.
Click Log in in the upper right corner.
1.
Click Log in in the upper right corner.
Moodle + Office 365: Better together
2.
3.
Under Log in using your account in, click Office 365. You should now be automatically
redirected to the Azure AD portal.
Enter your Office 365 credentials, and then click Sign in. Once authenticated, you are redirected
towards the Moodle site, while being connected to it.
Configuring the synchronization of the Moodle calendar with
Office 365
The synchronization of the Moodle calendar is not configured by default and is left to the user's initiative.
To synchronize, log into Moodle with a user account. Proceed as follows:
1.
70
In Moodle, navigate to View profile.
Moodle + Office 365: Better together
2.
On the Office 365 Connection line, click Manage.
3.
At the bottom, click Outlook Calendar Sync.
4.
Check the various types of calendar to be synchronized, then click on Save to complete the
configuration.
Once the synchronization has been activated, all the new events assigned to this user will be automatically
sent to their Office 365 calendar.
71
Moodle + Office 365: Better together
Going further
We wanted this paper to be readily usable by readers - for tests and experiments - and to show how to
facilitate the rapid extension of the Moodle services with Office 365.
In this document, we decided to execute Moodle on virtual machines hosted in Microsoft Azure. Such an
approach allows to rapidly and smoothly create a test lab environment that is suited to the needs of
tests/fine-tuning, and that can be quickly and dynamically resized for production purposes and changes of
scale.
With the virtual machines and all the features that relates to a IaaS platform, we’ve only scratch the surface
in terms of services that Microsoft Azure can provide to sustain your need. We’ve shortly mentioned earlier
in this document some of the PaaS, such as web applications53 or managed databases54. These services
optimize the services provided by your Moodle solution, allowing you to focus on the content of the
teaching platform and the corresponding services. The whitepaper ENABLING HYBRID CLOUD TODAY WITH
MICROSOFT TECHNOLOGIES55 depicts some augmentations that may make sense in your own environment.
For more information on the additional capacities of Microsoft Azure, or for any questions about this paper,
Moodle, Azure or Office 365, please contact us.
Thank you for reading this paper.
See you soon!
AZURE APP SERVICE – WEB APPS: http://azure.microsoft.com/en-us/services/app-service/web/
Azure SQL Database: http://azure.microsoft.com/en-us/services/sql-database/
55
ENABLING HYBRID CLOUD TODAY WITH MICROSOFT TECHNOLOGIES: http://www.microsoft.com/en-us/download/details.aspx?id=39052
53
54
72
Moodle + Office 365: Better together
Appendix A Microsoft plugins for Moodle
Microsoft Office 365 plugins
This is a Shell plugin that functions using dependencies with all the other Office 365 plugins. It helps to
maintain the consistency with the other plugins.

OpenID Connect (https://moodle.org/plugins/view/auth_oidc). The OpenID Connect plugin
delivers the single sign-in (SSO) functionality using configurable identity providers.

Microsoft Office 365 Integration (https://moodle.org/plugins/view/local_o365). This plugin
provides the libraries and services that feed the other Office 365 plugins. As well as implementing
the Office 365 APIs, this plugin also handles a broad variety of Moodle events in order to fully
integrate Office 365 in a Moodle environment.

OneDrive for Business (https://moodle.org/plugins/view/repository_office365). This plugin
provides access to OneDrive for Business as a data repository. It can also access SharePoint sites
configured by local_o365 for each Moodle course, which can be used by teachers as a shared data
repository.

Office 365 Connection (https://moodle.org/plugins/view/profilefield_o365). This plug establishes
a link with the user profiles in order to access the Office 365 management functions.

OpenIDConnect Management (https://moodle.org/plugins/view/auth_oidc). This plug
establishes a link with the user profiles in order to access the OpenID Connect management
functions.

oEmbed Filter (https://moodle.org/plugins/view/filter_oembed). The hyperlinks of the oEmbed
protocol that point to the supported sites are replaced by an embedded version. This filter directs
students to videos on external sites without exiting Moodle and prevents them from being
distracted by other content. The following sites are currently supported: YouTube*, Vimeo*, Ted*,
SlideShare, Screenr, Issuu, Poll Everywhere, Soundcloud and Microsoft Mix
*Also supports optional "lazy" downloads. With these sites, a thumbnail of the video is displayed, which is immediately
replaced by the video itself when the user clicks on it. This shortens the time taken to download and reduces
consumption of network bandwidth.
Microsoft Services plugins
All the Microsoft Services plugins depend on this Shell plugin. It is used to maintain all the other plugins.
73

Microsoft OneNote Block (https://moodle.org/plugins/view/block_onenote). This plugin provides
a container for the Microsoft account sign-in button and the action buttons used with Microsoft
OneNote.

Microsoft Account API Local Plugin (https://moodle.org/plugins/view/local_msaccount). This
plugin provides a simple client API for authentications based on OAuth2 and to manage access
tokens for the Microsoft accounts. It also provides help functions that allow calls to the REST APIs
using the Microsoft account.

Microsoft OneNote Online API Local Plugin (https://moodle.org/plugins/view/local_onenote).
This plugin provides a client API that is common with the other Microsoft plugins so that Moodle
users can use Microsoft OneNote Online. This includes operations such as browsing the notebooks,
sections and pages. Students can submit their assignments in OneNote and the teachers can
Moodle + Office 365: Better together
respond by sending their feedback on the assignments. It uses the Microsoft Account local plugin
for authentication and the OneNote Online REST API.

Microsoft
OneNote
Assignment
Feedback
Plugin
(https://moodle.org/plugins/view/assignfeedback_onenote). This plugin allows teachers to grade
assignments and comment on the assignments submitted by students using OneNote. It includes
a view of a student's assignments in OneNote, the creation of the corresponding OneNote page
with the comments on the submitted assignment, saving the comments in OneNote in Moodle in
the form of a zipped file containing the HTML and any images contained in the submitted
assignment and the recreation of the OneNote page from the zipped file in Moodle, if necessary.

Microsoft
OneNote
Assignment
Submission
Plugin
(https://moodle.org/plugins/view/assignsubmission_onenote). This plugin provides the
functionality specific to a student working on an assignment in OneNote. It includes the creation
of a OneNote page corresponding to the assignment, saving the student's work in OneNote in
Moodle in the form of a zipped file containing the HTML and any images contained in the
assignment and the recreation of the OneNote page from the zipped file in Moodle, if necessary.
It uses the Microsoft OneNote API Local plugin to perform certain operations.

Microsoft OneNote Repository Plugin (https://moodle.org/plugins/view/repository_onenote).
This plugin allows users to browse the content in OneNote Online, such as the notebooks, sections
and pages using the Moodle file picker UI. It also allows them to download the content onto their
own OneNote page. It uses the Microsoft OneNote API Local plugin to perform certain operations.

oEmbed Filter (https://moodle.org/plugins/view/filter_oembed). The hyperlinks of the oEmbed
protocol that point to the supported sites are replaced by an embedded version. This filter directs
students to videos on external sites without exiting Moodle and prevents them from being
distracted by other content. The following sites are currently supported: YouTube*, Vimeo*, Ted*,
SlideShare, Screenr, Issuu, Poll Everywhere, Soundcloud and Microsoft Mix
*Also supports optional "lazy" downloads. With these sites, a thumbnail of the video is displayed, which is immediately
replaced by the video itself when the user clicks on it. This shortens the time taken to download and reduces
consumption of network bandwidth.
74
Moodle + Office 365: Better together