Send netdisco-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: Adding users to Netdisco via script for database
(Michael Butash)
--- Begin Message ---
Is there a reason that netdisco can't simply pass an authentication attempt
to ldap when configured, run a ldap filter match for security group CN for
RW/RO authorization, and permit as a ND role vs. needing the user added and
permissions set directly to the db persistently? Having setup ND and other
multi-user applications over the years, it's always frustrating when their
tacacs, radius, ldap, or any extensible auth implementation still requires
a user manually added first. Seems adding a group filter match to remove
the need to keep dynamic users and priv level (none, ro, rw) at all
shouldn't require too much work.
If we had to manually add a user to every router/switch for a given user
coming or going even with tacacs/radius, we'd be lining up with pitchforks
and torches as engineers at the vendors, so why that here with ND?
Sort of defeats the whole point of doing extensible AAA IMHO, or at least
only gives half the necessary function. Beggars (and non-coding types like
me) can't be choosers, but would be nice that requirement removed to
pre-add users, and sounds like others would appreciate a better
authorization and privilege level methodology as well.
-mb
On Thu, Jan 24, 2019 at 6:30 AM Oliver Gorwits <[email protected]> wrote:
> Hi Gustaf and Michael
>
> I guess we can combine the two ... load users into Netdisco's DB that are
> preconfigured for LDAP access and for various user roles.
>
> The best way right now is using direct SQL as we don't have an API
> endpoint for this or a netdisco-do subcommand (action) written.
>
> Something like:
> https://nopaste.xyz/?050395c68956a89f#f6aop4tgtlX50FdT6XnReYhkkIhQXWqBUAjrCFcNqw0=
>
> Change the true/false values to your taste.
>
> hope that helps,
>
> regards,
> oliver.
>
> On Thu, 24 Jan 2019 at 07:11, Ankarloo, Gustaf <[email protected]>
> wrote:
>
>> Why not use the LDAP integration?
>>
>> *https://github.com/netdisco/netdisco/wiki/Configuration#ldap
>> <https://github.com/netdisco/netdisco/wiki/Configuration#ldap>*
>>
>>
>>
>>
>> *Med vänlig hälsning Gustaf*
>>
>> *Gustaf Ankarloo *| Technical Specialist
>>
>> Dedicated Infrastructure Services South
>>
>> GIS Scandinavia | *CGI* Sweden
>> Grafiska vägen 22, 400 20 Göteborg | Sweden
>> T: +46 31 761 14 57| M: +46 705 67 14 57
>> [email protected] | www.cgi.se <http://www.logica.se/>
>>
>> [image: Beskrivning: x10sctmp11]
>>
>>
>> CONFIDENTIALITY NOTICE: Proprietary/Confidential Information belonging to
>> CGI Group Inc. and its affiliates may be contained in this message. If you
>> are not a recipient indicated or intended in this message (or responsible
>> for delivery of this message to such person), or you think for any reason
>> that this message may have been addressed to you in error, you may not use
>> or copy or deliver this message to anyone else. In such case, you should
>> destroy this message and are asked to notify the sender by reply e-mail.
>>
>>
>>
>> *From:* Michael Dano <[email protected]>
>> *Sent:* Wednesday, 23 January, 2019 21:29
>> *To:* [email protected]
>> *Subject:* [Netdisco] Adding users to Netdisco via script for database
>>
>>
>>
>> We are attempting to come up with a way to automatically add and remove
>> users on our Netdisco system. We currently have a script that will allow us
>> to pull a list of users from our AD system and add them as users on our
>> Ubuntu servers. We would like to modify this script to automatically add
>> users into the netdisco database to give them access based one the AD
>> groups they belong too. Our issue is we are not quite sure what tables we
>> would need to add users in. We also want to know if the same table is the
>> one that would give them user or admin access, since some IT users would
>> need different levels access.
>>
>>
>>
>> Any assistance or direction on this would be greatly appreciated.
>>
>> *Mike Dano*
>>
>> *Infrastructure Administrator, *
>>
>> *Infrastructure Security & Support*
>>
>> Baker College System
>>
>> O: 810-766-4120| M: 810-650-0947
>>
>>
>> _______________________________________________
>> Netdisco mailing list
>> [email protected]
>> https://sourceforge.net/p/netdisco/mailman/netdisco-users/
>
> _______________________________________________
> Netdisco mailing list
> [email protected]
> https://sourceforge.net/p/netdisco/mailman/netdisco-users/
--- End Message ---
_______________________________________________
Netdisco mailing list - Digest Mode
[email protected]
https://lists.sourceforge.net/lists/listinfo/netdisco-users
