there is the zentyal framwork, that is event driven, but in any case i would suggest to take a top-down approach if possible.. from my perspective meaning that you create one master interface that is in controll and adding roles that comply to that structure,
for example, what would happen if in schooltool you change the suer from groep a to group b for example when %user% is a slow learner... will that also make him being in a diferent OU (with difeterent GPO's), a diferent classroom and diferent default printers.
as zentyal is all about managing a network, from samba4 and proxy ranging to email & jabber ccounts and logon hour restrictions)... creating virtical user managenment could potentially only make things more difficult...
note that im not a developer, but i would apreaciate mutch, an approach that resembles some what, how software like joomla, and wordpress are intergrated with loads of diferent user management scemes, from internal mysql based, via openID to Ldap and Kerberos...
i would really like to seccond Robb's bump, to see a discussion on how the two can work together without 'one' intefering with the other's 'work'