Index: lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java
===================================================================
diff -u -r4a2728da7ea82a98b92d3a8b08feb6efa4023b7d -r46e53a35659cb1f224bbe4bac0be42d9825eced0
--- lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java	(.../LoginRequestServlet.java)	(revision 4a2728da7ea82a98b92d3a8b08feb6efa4023b7d)
+++ lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java	(.../LoginRequestServlet.java)	(revision 46e53a35659cb1f224bbe4bac0be42d9825eced0)
@@ -142,8 +142,8 @@
 			Organisation org = orgMap.getOrganisation();
 			IUserManagementService userManagementService = integrationService.getService();
 			UserOrganisation uo = userManagementService.getUserOrganisation(user.getUserId(), org.getOrganisationId());
-			//GROUP_MANAGER role is to enable user to see the course's workspace folder
-			Integer[] roleIds = new Integer[]{Role.ROLE_AUTHOR,Role.ROLE_GROUP_MANAGER,Role.ROLE_LEARNER};
+			// make sure external user has minimal set of roles, i.e. learner
+			Integer[] roleIds = new Integer[]{Role.ROLE_LEARNER};
 			//we have to assign all the roles to the external user here, because once the user logged in, the roles
 			//are cached in JBoss, all the calls of request.isUserInRole() will be based on the cached roles
 			Map<String, Object> properties = new HashMap<String, Object>();
Index: lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java
===================================================================
diff -u -r206cb40e4252d7fb4c26b5468d2991d9a91812e5 -r46e53a35659cb1f224bbe4bac0be42d9825eced0
--- lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java	(.../IntegrationService.java)	(revision 206cb40e4252d7fb4c26b5468d2991d9a91812e5)
+++ lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java	(.../IntegrationService.java)	(revision 46e53a35659cb1f224bbe4bac0be42d9825eced0)
@@ -111,7 +111,7 @@
 	private void addMemberships(User user, Organisation org){
 		UserOrganisation uo = new UserOrganisation(user,org);
 		service.save(uo);
-		Integer[] roles = new Integer[]{Role.ROLE_AUTHOR, Role.ROLE_MONITOR, Role.ROLE_GROUP_MANAGER, Role.ROLE_LEARNER};
+		Integer[] roles = new Integer[]{Role.ROLE_AUTHOR, Role.ROLE_MONITOR, Role.ROLE_LEARNER};
 		for(Integer roleId:roles){
 			UserOrganisationRole uor = new UserOrganisationRole(uo,(Role)service.findById(Role.class,roleId));
 			service.save(uor);
@@ -138,7 +138,7 @@
 		org.setName(buildName(serverMap.getPrefix(), extCourseId));
 		org.setCode(extCourseId);
 		org.setParentOrganisation(serverMap.getOrganisation());
-		org.setOrganisationType((OrganisationType)service.findById(OrganisationType.class,OrganisationType.COURSE_TYPE));
+		org.setOrganisationType((OrganisationType)service.findById(OrganisationType.class,OrganisationType.CLASS_TYPE));
 		org.setOrganisationState((OrganisationState)service.findById(OrganisationState.class,OrganisationState.ACTIVE));
 		org.setLocale(getLocale(countryIsoCode, langIsoCode));
 		service.saveOrganisation(org, user.getUserId());
@@ -212,6 +212,7 @@
 		map.setExtUsername(extUsername);
 		map.setUser(user);
 		service.save(map);
+		addMemberships(user, serverMap.getOrganisation());
 		return map;
 	}