[DOCS-10005] OM 3.4 importing users/roles Created: 17/Mar/17 Updated: 03/Aug/17 Resolved: 02/Aug/17 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | Ops Manager |
| Affects Version/s: | ops-manager-3.4 |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Annette Morrissey (Inactive) | Assignee: | Anthony Sansone (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | docs-cloudmgr-opsmgr-security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: | |
| Days since reply: | 6 years, 30 weeks, 6 days ago |
| Story Points: | 0.3 |
| Description |
|
Can we clarify in the docs that existing roles/users are not overwritten by newly imported deployments if Sync = Yes and Enforce Consistent Set = No. From the docs:
The question was raised by a customer - when adding a deployment for automation are duplicate roles overwritten by the new deployment. The answer is no, the roles are not overwritten. Can we make that explicit in the docs? |
| Comments |
| Comment by Dennis Kuczynski [ 13/Jul/17 ] |
|
annette.morrissey Yes, whatever ends up in the AutomationConfig auth.usersWanted and roles structures should be reflected by any managed automation processes. I may have just misunderstood the intent of the docs change. tony.sansone By "All non-imported and existing users and roles remain int he MongoDB deployment." Do you just mean that all non-imported users are left alone and that conflicting users will match what ends up in the automation config? |
| Comment by Annette Morrissey (Inactive) [ 13/Jul/17 ] |
|
Hi Dennis /tony.sansone This arose from one of the customers questions on the case
Myself and barry.mcconville worked on the case. Our understanding was that users in the "usersWanted" list would be maintained, not overwritten. Is this incorrect? Thanks |
| Comment by Dennis Kuczynski [ 16/Jun/17 ] |
|
I just confirmed. If a user or role exists in the automation config, (Sync Yes) – the automation agent should adjust the users and roles on the mongods to match the value in the automation config. So duplicates should be overwritten. annette.morrissey what was observed in that support ticket? |
| Comment by Dennis Kuczynski [ 16/Jun/17 ] |
|
tony.sansone and annette.morrissey This sounds like a bug. If a User or Role is set to Sync it should reflect the value in the automation configuration. Let me check the current behavior. |