How to import LDAP Users from file

Document ID : KB000009808
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

CA Release Automation offers the ability to import LDAP(s) users from a file. This article goes through an example of the file used to import two users. 

Background:

The file used throughout this example has been attached. There is likely a way to successfully create this file on Linux. But this file was specifically created on a Windows 10 Workstation. The product assumes that the users defined in this file already exist in LDAP. 

 

Attachments:

Example Import File: UserImportFile.txt

Users loaded from file: UsersLoadedFromFile.png

Properties for one of the LDAP users loaded from file: UsersLdapProperties.png

Environment:
CA Release Automation 6.2.0.3057ApacheDS 2.0.0-M23
Instructions:

In order to load the file you must login to the Automation Studio Java Applet. Once this is open go to the Administration -> User Management section. From there you will see a User Management option in the drop down menu to "Load from File". Clicking on this option will describe the syntax that it expects. The content of the attached file is as follows. 

Note: Since the formatting of html may introduce non-intended characters when copying/pasting, it is not recommended to copy the content below. If you want, download the file that is attached to this article. 

DevTeam1UserLDAPmyapacheds-server10389LDAPou=ReleaseAuto,ou=DevOps,ou=Engineering,dc=ts.ca,dc=comuid=DevTeam1User,ou=ReleaseAuto,ou=DevOps,ou=Engineering,dc=ts.ca,dc=com#

SupTeam1UserLDAPmyapacheds-server10389LDAPou=ReleaseAuto,ou=DevOps,ou=TechnicalSupport,dc=ts.ca,dc=comuid=SupTeam1User,ou=ReleaseAuto,ou=DevOps,ou=TechnicalSupport,dc=ts.ca,dc=com#

 

This is a tab-delimited file. So each entry, whether it has a value or not, must be followed by a tab. CA Release Automation expects the following information in the order specified (click the Load from File option to get more details on each of these expected fields):

1. User Name

2. Last Name

3. First Name

4. Email

5. Password

6. Authentication Method

7. LDAP Host

8. LDAP Port

9. LDAP SSL

10. LDAP Search Context

11. LDAP Security Context

12. Suffix

 

You will notice many spaces between DevTeam1User and the text "LDAP" immediately after it. You'll notice the same thing for SupTeam1User and the text "LDAP" after it. This is because these users are very basic users in my very basic test ApacheDS environment and they were not assigned a value for 2-4. And since we are using LDAP I am not expected to provide a value for #5 (Password). So, after typing in the User Name I pressed the tab key five times. Once after providing the User Name and then 4 more times to assign blank values for Last Name, First Name, Email, and Password. 

Once your file is setup appropriately, add it to the "Load from File" File field and click the "Load" button. You'll get a message similar to this: 

UsersLoadedFromFile.png

 

 

 

 

Additional Information:

It is important to note that importing the users from this file does not mean that user will be able to successfully log into CA Release Automation as that user. The import process does not verify the user account when it is importing it. Designing it to would require a username and password either for each user - or for a single user that has the ability to query all users. If your users have problems logging into CA Release Automation as their LDAP user after you loaded it with the file it might be related to any of the following:

1. Any/All of the data in the file (username, security context, search context, ldap hostname, ldap port, etc...). 

2. It could also might be related to using ldap vs ldaps (or vice versa). Maybe ldap is not enabled but ldaps is. If this is true then you will also need to import your ldaps certificate into the <DatamanagementServerInstallDirectory>/jre/lib/security/cacerts truststore and recycle CA Release Automation before attempting to authenticate as that user. 

If you do have trouble logging in as a user then the logs/nolio_dm_all.log might contain helpful information. Once you have the file open you can start by looking for a good place to begin reviewing the log. A good starting search string to get you in the relative area to look around further is:  com.nolio.platform.server.dataservices.services.auth

 

 

File Attachments:
TEC1198519.zip