We have attempted to import some ldap groups into RA using the REST Api's but they're showing up as local groups (not ldap). How can we use the Rest API calls to import ldap users?
How can we use the Rest API calls to import ldap users?
CA Release Automation v6.6
Directory-servers
From Swagger API Doc/Tester run the GET for: /administration/v5/directory-servers
curl -X GET --header "Accept: */*" "http://localhost:32804/datamanagement/ra/administration/v5/directory-servers"
http://localhost:32804/datamanagement/ra/administration/v5/directory-servers
Response Body
{
"list": [
{
"directoryServerConnection": {
"adminUserName": "uid=admin,ou=system",
"isSSL": false,
"directoryServerType": "LDAP",
"adminPassword": "0953532E2AA8D152",
"serverName": "myldapserver",
"serverPort": 10389
},
"directoryServerAuth": {
"userDnPattern": "o=test",
"userSearchBase": "o=test",
"userFilter": "uid={0}",
"groupSearchBase": "ou=groups,ou=system",
"groupFilter": "(|(member={0})(uniquemember={0}))"
},
"directoryServerImportDetails": {
"userSearchPattern": "cn={0}*",
"groupSearchPattern": "cn={0}*"
},
"serverAttributeMapping": {
"uniqueUserName": "uid",
"email": "mail",
"firstName": "cn",
"lastName": "lastName"
},
"name": "test1",
"id": "6430000"
}
]
}
Response Code:
200
Response Headers
{
"pragma": "no-cache",
"date": "Thu, 21 Mar 2019 21:59:52 GMT",
"cache-control": "no-cache no-store must-revalidate",
"expires": "Thu, 01 Jan 1970 00:00:00 GMT",
"server": "Unknown",
"transfer-encoding": "chunked",
"content-type": "application/json"
}
Once we have a directory server id we can run the following:
GET /administration/v5/directory-servers/{directory-serverId}/users-search
curl -X GET --header "Accept: */*" "http://localhost:32804/datamanagement/ra/administration/v5/directory-servers/6430000/users-search"
http://localhost:32804/datamanagement/ra/administration/v5/directory-servers/6430000/users-search
Response Body
{
"list": [
{
"dn": "uid=DevTeam1User,ou=ReleaseAuto,ou=DevOps,ou=Engineering,ou=mytest2,o=test",
"email": "",
"firstName": "DevTeam1User",
"lastName": "",
"directoryServerId": "6430000",
"isLocalUser": false,
"username": "DevTeam1User",
"password": "***"
},
{
"dn": "uid=SupTeam1User,ou=ReleaseAuto,ou=DevOps,ou=TechnicalSupport,ou=mytest2,o=test",
"email": "",
"firstName": "SupTeam1User",
"lastName": "",
"directoryServerId": "6430000",
"isLocalUser": false,
"username": "SupTeam1User",
"password": "***"
}
]
}
Response Code
200
Response Headers
{
"pragma": "no-cache",
"date": "Thu, 21 Mar 2019 22:07:10 GMT",
"cache-control": "no-cache no-store must-revalidate",
"expires": "Thu, 01 Jan 1970 00:00:00 GMT",
"server": "Unknown",
"transfer-encoding": "chunked",
"content-type": "application/json"
}
Now that we have the details for the user we can run:
POST: /administration/v5/users/import
This requires the data from the previous call. So let’s say that we want to import the DevTeam1User then the call would look like this:
curl -X POST --header "Content-Type: application/json" --header "Accept: */*" -d "{
\"list\": [
{
\"dn\": \"uid=DevTeam1User,ou=ReleaseAuto,ou=DevOps,ou=Engineering,ou=mytest2,o=test\",
\"email\": \"\",
\"firstName\": \"DevTeam1User\",
\"lastName\": \"\",
\"directoryServerId\": \"6430000\",
\"isLocalUser\": false,
\"username\": \"DevTeam1User\"
}
],
\"role\": {\"type\":\"superuser\"}
}" "http://localhost:32804/datamanagement/ra/administration/v5/users/import"
Response Body
{
"totalResultsCount": 1,
"list": [
{
"dn": "uid=DevTeam1User,ou=ReleaseAuto,ou=DevOps,ou=Engineering,ou=mytest2,o=test",
"email": "",
"firstName": "DevTeam1User",
"lastName": "",
"directoryServerId": "6430000",
"directoryServerName": "test1",
"isLocalUser": false,
"username": "devteam1user",
"role": {
"type": "superuser"
},
"password": "***",
"id": "6600000"
}
]
}
Response Code:
200
Response Headers:
{
"pragma": "no-cache",
"date": "Thu, 21 Mar 2019 22:21:12 GMT",
"cache-control": "no-cache no-store must-revalidate",
"expires": "Thu, 01 Jan 1970 00:00:00 GMT",
"server": "Unknown",
"transfer-encoding": "chunked",
"content-type": "application/json"
}