Last active February 21, 2018 19:36
Automate LDAP Bulking User Creation

LDAP Bulking User Creation Process

This is a temporary automation to create multiple LDAP users in Chef Automate.


The minimum prerequisites to be able to use this automation are:

Create list of users file

The automation will ask you to provide a file with the list of users to create with the following format:


An example of this file at:

Run the automation

Once you have all the prerequisites in place and the list of users to create, open a terminal and go to the directory where you previously configured the delivery-cli to point to your Chef Automate Server.

Then run:

➜ ./bulk-user-creation.rb
Automate LDAP Bulking User Creation
Insert the user list file: user.list
Creating Users from 'user.list'
  user1: done.
  user2: done.
# LDAP Bulking User Creation Process
# The file format for the list of users must look like:
# Where [ROLES] is a comma separated list of roles to
# grant to the user.
# Example of this file at:
# =>

puts "Automate LDAP Bulking User Creation\n"

# Verify we have the delivery-cli installed
raise "\nERROR: Unable to find the delivery-cli.\n" \
      "Install the latest version of ChefDK from: " \
      "" unless system("which delivery > /dev/null")

# Verify we can communicate to the Automate Server
# and that there is already a `.delivery/cli.toml`
user_out = %x( delivery api get users )
unless user_out =~ /"_links": {/
  raise "\nERROR: Unable to interact with the Automate Server.\n" \
        "Please make sure you are located in a directory where " \
        "you have already ran the `delivery setup` command."
end

# Input the list of users to create
print "Insert the user list file: "
list_file = gets.strip
raise "File '#{list_file}' not found" unless File.exist?(list_file)

puts "Creating Users from '#{list_file}'"
# Each line holds a username and its roles, separated by '|'
File.readlines(list_file).each do |line|
  next if line.strip.empty? # skip blank lines
  user_info = line.split('|')
  username = user_info[0].strip
  roles = user_info[1].strip.split(',').map { |r| '"' + r + '"' }.join(',')
  print " #{username}: "
  out1 = %x( delivery api post external-users -d '{"name": "#{username}"}' )
  if out1 =~ /conflict|Conflict/
    puts "already exists."
    next
  end
  # Setting Roles to new user
  out2 = %x( delivery api post authz/users/#{username} -d '{"grant": [#{roles}]}' )
  if out2 =~ /error|Error/
    puts "created but unable to grant roles."
    next
  end
  puts "done."
end
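
The script interpolates each username and role from the list file directly into a shell command line and a hand-built JSON body, so a quote character in either field changes what the shell or the API receives. The following is an added example, not part of the original gist: it validates each `username|roles` line and builds the same two `delivery api post` calls as argv arrays. The allow-list patterns, the helper names and the sample list are assumptions.

```ruby
require 'json'

# Assumed naming rules (not from the gist); tighten them to match your directory.
NAME_RE = /\A[A-Za-z0-9][A-Za-z0-9._-]{0,63}\z/
ROLE_RE = /\A[a-z][a-z_]{0,31}\z/

# Parse one "username|role1,role2" line into [username, roles]; raise on anything else.
def parse_user_line(line)
  fields = line.chomp.split('|', -1)
  raise ArgumentError, "expected username|roles, got #{line.chomp.inspect}" unless fields.size == 2
  username = fields[0].strip
  roles = fields[1].split(',').map(&:strip).reject(&:empty?)
  raise ArgumentError, "invalid username #{username.inspect}" unless username.match?(NAME_RE)
  bad = roles.reject { |r| r.match?(ROLE_RE) }
  raise ArgumentError, "invalid role(s) #{bad.inspect}" unless bad.empty?
  [username, roles]
end

# The script's two API calls as argv arrays, so no shell ever parses the
# values, with JSON bodies built by a serializer instead of concatenation.
def delivery_commands(username, roles)
  [
    ['delivery', 'api', 'post', 'external-users', '-d', JSON.generate({ 'name' => username })],
    ['delivery', 'api', 'post', "authz/users/#{username}", '-d', JSON.generate({ 'grant' => roles })]
  ]
end

# Validate the whole list before running anything.
# Returns [accepted command pairs, messages for rejected lines].
def plan(list_text)
  accepted, rejected = [], []
  list_text.each_line.with_index(1) do |line, n|
    accepted << delivery_commands(*parse_user_line(line)) unless line.strip.empty?
  rescue ArgumentError => e
    rejected << "line #{n}: #{e.message}"
  end
  [accepted, rejected]
end

# Constructed sample list; the role names are sample values.
SAMPLE = <<~LIST
  user1|admin,committer
  user2|observer
  o'brien|admin
  user3|admin"
LIST

if __FILE__ == $PROGRAM_NAME
  accepted, rejected = plan(SAMPLE)
  puts accepted.flatten(1).map(&:inspect), rejected # run each argv with system(*argv)
end
```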