biemond-orawls icon indicating copy to clipboard operation
biemond-orawls copied to clipboard

Published 20 hours ago verified publisher icon biemond

how to add a user to an existing group without deleting the current members

Open ltutar opened this issue 8 years ago • 5 comments

When I have the following yaml:

user_instances:
  'testuser1':
    ensure:                 'present'
    password:               'weblogic1'
    authenticationprovider: 'DefaultAuthenticator'
    realm:                  'myrealm'
    description:            'my test user'

# this will use default as wls_setting identifier
group_instances:
  'Administrators':
    ensure:                 'present'
    authenticationprovider: 'DefaultAuthenticator'
    description:            'TestGroup'
    realm:                  'myrealm'
    users:
      - 'testuser1'

The puppet run will remove the user weblogic from the Administrators group.

I get

Notice: /Stage[main]/Profiles::Wls/Wls_group[Administrators]/users: removing ["weblogic"] 
Notice: /Stage[main]/Profiles::Wls/Wls_group[Administrators]/description: description changed 'Administrators can view and modify all resource attributes and start and stop servers.' to 'TestGroup'

I could not find an option in the module to add the user to a group when creating the user or the option to add the user to a group without removing the existing members.

ltutar avatar Apr 19 '16 12:04 ltutar

Yeah,

because of this https://github.com/biemond/biemond-orawls/blob/master/files/providers/wls_group/modify.py.erb#L31

maybe we can add a param so you can skip it but don't know if puppet will see it as a change on the next puppet run

best way is to only add weblogic user the user attribute of the group or also add the weblogic user to users

biemond avatar Apr 19 '16 12:04 biemond

I would rather have a notation like the puppet 'user' reference type. See https://docs.puppet.com/puppet/latest/reference/type.html#user-attribute-groups My yaml would then be

user_instances:
  'testuser1':
    ensure:                 'present'
    password:               'weblogic1'
    authenticationprovider: 'DefaultAuthenticator'
    realm:                  'myrealm'
    description:            'my test user'
    groups:                     
             - 'Administrators'
            -  'TestGroup'

ltutar avatar Apr 19 '16 12:04 ltutar

I know that is more handy but it is not the wls way

I don't think I can support both ways because of the autorequire between group and user

biemond avatar Apr 19 '16 14:04 biemond

I understand. I would find

maybe we can add a param so you can skip

handy. Otherwise, I have the keep track of a users array parameter somewhere containing all of the users.

ltutar avatar Apr 19 '16 14:04 ltutar

i have a same issue. Can it be something like a switch that can be toggled to managed wls group or not so that we can add custom users outside the default build?

rrod157 avatar Mar 26 '19 07:03 rrod157