TCA disables the import of AD users and groups, and communicates with the AD for determining user's group membership.
Patch TCA via the following steps:
- Download the relevant patch JAR files from the
keycloak-2.3-patch-jars.zip
file:
- the 3 files included in the zip are:
-
hybridity-appliance-management-0.1.0.war
-
web-server-0.1.0.war
-
keycloak-adapter-1.0.jar
-
Copy the JAR files to TCA Manager Shell as follows:
scp hybridity-appliance-management-0.1.0.war admin@<tca-m-ip>: /opt/vmware/hybridity-appliance-management-0 .1.0.war
scp web-server-0.1.0.war admin@<tca-m-ip>: /opt/vmware/web-server-0 .1.0.war
scp keycloak-adapter-1.0.jar admin@<tca-m-ip>: /opt/vmware/Adapters/1 .0 /keycloak-adapter-1 .0.jar
scp keycloak-adapter-1.0.jar admin@<tca-m-ip>: /opt/vmware/Services/workflow_service_1 .0 /keycloak-adapter-1 .0.jar
|
-
Restart the relevant services
sudo systemctl restart tca-keycloak
sudo systemctl restart appliance-management
sudo systemctl restart web-engine
|
- Clean up the imported users and groups
-
Inside the TCA Manager SSH terminal, log into the DB Postgres shell as follows:
export PGPASSWORD=$( cat /common/pgsql/passwords/keycloak_user ) && psql -U keycloak_user keycloak
|
-
Delete Imported Groups via the following 2 queries:
keycloak=> delete from "group_attribute" ;
DELETE 53
keycloak=>
keycloak=> delete from "keycloak_group" ;
DELETE 53
|
- The TCA user should be able to configure Active Directory on appliance management successfully.