Re: [ovirt-users] Automated users/groups creation and updating them

[Martin Perina]

On Wed, Jun 1, 2016 at 11:54 AM, Alexis HAUSER <
alexis.hau...@telecom-bretagne.eu> wrote:

> Hi,
>
>
> I'm trying to find what are the different ways / approaches to automated
> users/groups creation, based on a LDAP/AD database.
>
> This is my first problematic : when a LDAP/AD provider is joined, and a
> user is created in ovirt from this provider, the user heritates a part of
> the attributes from this LDAP database. Now if I change one attribute on
> the LDAP side (for example "first name"), it isn't updated on the ovirt
> user.
> Would there be other way to update this information than creating /
> deleting the user ?
>

​Those informations should be updated after next login of the user. We did
synchronization in the past, but we decided not to do that any more due to
performance/sync issues.
​


>
> My second problematic is what should I use to automate creation of users.
>
> It seems possible with :
> - shell scripting : using ovirt-aaa-jdbc-tool
>

​This is usable only for users/groups in database​

​provided by aaa-jdbc extension
​

> - python SDK
> - java SDK
> - rest API
>
> Which one of these approaches would be the most simple ? I'm more familiar
> with shell scripting than other languages. That would be nice to find a way
> with it.
>
> Concerning ovirt-aaa-jdbc-tool, I've heard it was only adding/deleting
> users from the internal DB, not the others. In that case, is there a way in
> shell scripting to interact with other profiles than internal ?
>

​You can create as many aaa-jdbc profiles as needed, please take a look at
README.administrator inside aaa-jdbc package
​


>
> Is there files somewhere containing users and their informations I could
> modify ?
>
> What would happen if a user is in use and it is modified/deleted at the
> same time ?
>
> I know it makes a lot of questions, but I can't really get started before
> having those answers.
>

​We do not support modifying content of LDAP server, to do that you need to
use tools provided by your LDAP provider.

Martin Perina

​


> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Automated users/groups creation and updating them

[Alexis HAUSER]

Hi,


I'm trying to find what are the different ways / approaches to automated 
users/groups creation, based on a LDAP/AD database.

This is my first problematic : when a LDAP/AD provider is joined, and a user is 
created in ovirt from this provider, the user heritates a part of the 
attributes from this LDAP database. Now if I change one attribute on the LDAP 
side (for example "first name"), it isn't updated on the ovirt user.
Would there be other way to update this information than creating / deleting 
the user ?

My second problematic is what should I use to automate creation of users.

It seems possible with : 
- shell scripting : using ovirt-aaa-jdbc-tool
- python SDK
- java SDK
- rest API

Which one of these approaches would be the most simple ? I'm more familiar with 
shell scripting than other languages. That would be nice to find a way with it.

Concerning ovirt-aaa-jdbc-tool, I've heard it was only adding/deleting users 
from the internal DB, not the others. In that case, is there a way in shell 
scripting to interact with other profiles than internal ?

Is there files somewhere containing users and their informations I could modify 
?

What would happen if a user is in use and it is modified/deleted at the same 
time ?

I know it makes a lot of questions, but I can't really get started before 
having those answers.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users