5 Replies Latest reply on Dec 26, 2012 7:26 PM by Bill Robinson

    clone/copy user

      What is the simplest way to copy users (with role selections) from

      user1 to user1@DOMAIN

      user2 to user2@DOMAIN

      etc ...

       

      We are currently migrating from SRP to AD authentication and I'm looking for some smart blcli command sort of:

      blcli RBACUser CloneByName User1 User1@DOMAIN

       

      But unfortunately in released set of command there is no such.

       

      Maybe anyone has same recommendation or suggestions?

        • 1. Re: clone/copy user

          You’ll need to use a combination of the below commands to do what you want by comparing which roles the user belongs to, add the user and then all the roles to the new user.

           

          RBACRole : listAllRoleNames

          RBACUser : belongsToRole

          RBACUser : createUser

          RBACUser : setAdkAuthenticationEnabled

          RBACUser : addRole

           

          The ideal solution would be to rename the user to the AD format and disable SRP auth and enable AD auth.  But, there is no BLCLI to rename a user.  I’m sure there are unreleased BLCLI commands that do this, but they are unsupported making them something I wouldn’t want to mess with when it comes to RBAC User objects in case something went wrong.

          1 of 1 people found this helpful
          • 2. Re: clone/copy user
            Bill Robinson

            you could also try renaming the existing account...

            • 3. Re: clone/copy user

              Bill, rename? which command I should use?

              But actually I want copy of user not move user.

              • 4. Re: clone/copy user

                Tim, Yo're right.

                 

                Unfortunately I have to use script with nested loop like below:

                 

                ---------------

                 

                USERS = blcli_execute RBACUser listAllUserNames

                ROLES = blcli_execute RBACRole listAllRoleNames

                 

                 

                for user in $USERS

                do

                          blcli_execute RBACUser createUser $NEW_USER "password" "description"

                          blcli_execute RBACUser setAdkAuthenticationEnabled $NEW_USER true

                          blcli_execute RBACUser setSrpAuthenticationEnabled $NEW_USER false

                 

                          for role in $ROLES

                          do

                                    belongsToRole = blcli_execute RBACUser belongsToRole $user $role

                                    if [ ${belongsToRole} == true ]

                                    then

                                              blcli_execute RBACUser addRole $NEW_USER $role

                 

                                    fi

                          done

                done

                 

                ---------------

                • 5. Re: clone/copy user
                  Bill Robinson

                  of course you need to use a loop, you're running a command to list all the role names.

                   

                  if you want to rename a role you should be able to do something like:

                   

                  blcli_execute RBACUser findByName

                  blcli_execute Utility storeTargetObject rbacUser

                  blcli_execute RBACUser setname

                  blcli_execute RBACUser update NAMED_OBJECT=rbacUser