<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 05/03/2015 03:41 PM, Todd Morgan
wrote:<br>
</div>
<blockquote
cite="mid:CADfCXiu7X+=d9BC=RUspWdMn_W6OwHkMfFhRvGtt_5s+s0zTkA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>Hi everyone,<br>
</div>
I'm trying to setup a new Kallithea (0.2.1)
installation on Win2k12, which is working OK using a
vanilla installation as detailed previously.<br>
<br>
</div>
My problem is that now I need to bring on approximately 200+
users to this system but I need to do it in the least
obtrusive fashion, as this server will be replacing an
existing system.<br>
<br>
</div>
I have all of my users stored within CROWD and also available
within LDAP. Having each of my users manually register is not
a suitable option as this is supposed to be a seamless
transition. Can anyone please advise how this may be achieved
other than manually entering all the accounts :- )<br>
<br>
</div>
<ul>
<li>How can I automate the process of onboarding my users?</li>
<ul>
<li>ie they simply login to the application (if they need
to) and it works? and/or merely continue using the old
repository URL (now moved to Kallithea) using the existing
credentials and their clones just get updated as required.</li>
</ul>
<li>I saw two promising settings in the admin/permissions with
items for:</li>
<ul>
<ul>
<li>registration ' allow with automatic account
activation"</li>
<li>external auth account activation 'automatic activation
of external account'</li>
</ul>
<li>The second seems most useful. ie I add my external
authentication mechanism - crowd for example - and anyone
contained within crowd should be able to just login to
continue working.</li>
</ul>
</ul>
<p>In my attempts I found that even though I enabled the CROWD
plugin (restarted afterwards), I was still forced to create a
local account within Kallithea and then I was still forced to
input a local password (what is the point of external
authentication then??). Then when I attempted to login it was
using the local auth and not the crowd authentication. ie the
local auth was taking precedence. It could be a PEBKAC but
from the doco that I could find it looks like the accounts are
lazy loaded so the entire LDAP tree doesn't get input into
Kallithea. I am reasonably certain that the CROWD integration
was working as the account was given admin rights as it's
group membership was listed explicitly on the "admin groups"
within the crowd plugin and I didn't check it within the
normal admin ui for users.</p>
<p>If there is means of achieving this through configuration
perhaps there's a script that can be used?<br>
</p>
</div>
</blockquote>
<br>
"forced to create a local account" - forced how? If you create a
local user, I expect it to use local authentication.<br>
<br>
I don't know crowd - it is probably not widely used and there might
be bugs in the auth module. Max Roman <a class="moz-txt-link-rfc2396E" href="mailto:max@choloclos.se"><max@choloclos.se></a>
contributed a fix half a year ago so I assume it works for him. He
might be able to give some advice.<br>
<br>
LDAP is more widely used - you can perhaps give that a try and
either learn from it or use it. I don't know what advantages it
would have to use crowd directly instead of through ldap - you can
perhaps help improve the documentation when you know more.<br>
<br>
/Mads<br>
</body>
</html>