On 05/03/2015 03:41 PM, Todd Morgan wrote:
Hi everyone,
I'm trying to setup a new Kallithea (0.2.1) installation on
Win2k12, which is working OK using a vanilla installation as detailed
previously.
My problem is that now I need to bring on approximately 200+ users to
this system but I need to do it in the least obtrusive fashion, as
this server will be replacing an existing system.
I have all of my users stored within CROWD and also available within
LDAP. Having each of my users manually register is not a suitable
option as this is supposed to be a seamless transition. Can anyone
please advise how this may be achieved other than manually entering
all the accounts :- )
* How can I automate the process of onboarding my users?
o ie they simply login to the application (if they need to) and
it works? and/or merely continue using the old repository URL
(now moved to Kallithea) using the existing credentials and
their clones just get updated as required.
* I saw two promising settings in the admin/permissions with items for:
+ registration ' allow with automatic account activation"
+ external auth account activation 'automatic activation of
external account'
o The second seems most useful. ie I add my external
authentication mechanism - crowd for example - and anyone
contained within crowd should be able to just login to
continue working.
In my attempts I found that even though I enabled the CROWD plugin
(restarted afterwards), I was still forced to create a local account
within Kallithea and then I was still forced to input a local password
(what is the point of external authentication then??). Then when I
attempted to login it was using the local auth and not the crowd
authentication. ie the local auth was taking precedence. It could be a
PEBKAC but from the doco that I could find it looks like the accounts
are lazy loaded so the entire LDAP tree doesn't get input into
Kallithea. I am reasonably certain that the CROWD integration was
working as the account was given admin rights as it's group membership
was listed explicitly on the "admin groups" within the crowd plugin
and I didn't check it within the normal admin ui for users.
If there is means of achieving this through configuration perhaps
there's a script that can be used?
"forced to create a local account" - forced how? If you create a local
user, I expect it to use local authentication.
I don't know crowd - it is probably not widely used and there might be
bugs in the auth module. Max Roman <[email protected]> contributed a fix
half a year ago so I assume it works for him. He might be able to give
some advice.
LDAP is more widely used - you can perhaps give that a try and either
learn from it or use it. I don't know what advantages it would have to
use crowd directly instead of through ldap - you can perhaps help
improve the documentation when you know more.
/Mads
_______________________________________________
kallithea-general mailing list
[email protected]
http://lists.sfconservancy.org/mailman/listinfo/kallithea-general
