Refresh the Authentication configuration using API powershell script

book

Article ID: 199492

calendar_today

Updated On:

Products

CA Test Data Manager (Data Finder / Grid Tools)

Issue/Introduction

We are facing an issue for quite long now where users cannot login into the TDM Portal often after a restart of the server. The workaround is to login into the Portal using the "administrator" account, then go to the Configuration/Authentication section and click Next button, then click Finish button, then click OK button.

Once done, users can now login into the Portal again. We had a case opened for this issue but now closed because it seems you guys can't reproduce it on your side.  

What we would like is to automate this workaround using API script in Powershell. Do you think this can be done and if so, how can we do it?

Environment

Release : 4.9

Component : CA Test Data Manager

Resolution

The approach I would take is follow the steps as you described using chrome while enabling chrome developer by press F12.
Any activity that requests access to the backend will be monitored and logged in the chrome developer under the network tab

I have constructed a powershell script that will create a token for you and call the 'PUT' rest calls you need to make changes to the script to use your own payloads as we have seen in chrome developer I

have included my own payload

 

line 130; you should enter your ldap password

 

The first payload in my case is

$payload1 = @{
   authorityName = "Default";
   hostName = "broadcom.net";
   port = "636";
   userDN = "CN=<<FIRST_NAME>>(177)<<LAST_NAME>>,OU=Bracknell,OU=Berkshire,OU=GB,OU=Users,OU=Accounts,DC=<<COMPANY_NAME>>,DC=net";
   password = null;
   baseDN = "DC=<<COMPANY_NAME>>,DC=net";
   globalTDMGroup = null;
   tlsAttributes = @{
      useTLS = true
   };
   userAttributes = @{
      userObjectClass = "person";
      userIdAttribute = "cn";
      userOrganization = ""
   };
   groupAttributes = @{
      groupObjectClass = "group";
      groupIdAttribute = "cn";
      groupOrganization = "";
      groupMemberAttribute = "member"
   };
   ldapAdvanceConfiguration = @{
      referralStrategy = "follow"
   };
   message = null;
   updtTime = 1600264754000;
   customUserFilter = null;
   authenticationMode = "AD/LDAP";
   adminGroup = "";
   testerGroup = ""
};

 

the second payload

$payloaddefault = @{
   authorityName = "Default";
   hostName = "<<COMPANY_NAME>>.net";
   port = "636";
   userDN = "CN=<<FIRST_NAME>>(177)<<LAST_NAME>>;OU=Bracknell;OU=Berkshire;OU=GB;OU=Users;OU=Accounts;DC=<<COMPANY_NAME>>;DC=net";
   password = "********";
   baseDN = "DC=<<COMPANY_NAME>>;DC=net";
   globalTDMGroup = "";
   tlsAttributes = @{
      useTLS = "true"
   };
   userAttributes = @{
      userObjectClass = "person";
      userIdAttribute = "cn";
      userOrganization = ""
   };
   groupAttributes = @{
      groupObjectClass = "group";
      groupIdAttribute = "cn";
      groupOrganization = "";
      groupMemberAttribute = "member"
   };
   ldapAdvanceConfiguration = @{
      referralStrategy = "follow"
   };
   message = "AD/LDAP server settings are configured successfully.";
   updtTime = 1600264754000;
   customUserFilter = ""
}

Should I put our LDAP service account username and password, we use in the Authentication section in the Portal, into this line here for each payload?

 

userDN = "CN=<<FIRST_NAME>>(177)<<LAST_NAME>>,OU=Bracknell,OU=Berkshire,OU=GB,OU=Users,OU=Accounts,DC=<<COMPANY_NAME>>,DC=net";
   password = null;

I did not need to enter the password but you need to enter the accountname.
 
However in the second payload @ like 130  , you should enter the password ... (replacing the asterisk)
   password = "********";
 
You will likely need to do some more tweaking but it is a good starting point