Limited support This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments. Click here to view the documentation for the current version.

Creating user accounts in a batch by using shell scripts

If you can access the application server through a terminal console, you can create a text file with the required information to create individual users.

Before you begin

  • You must know the credentials for logging in as a service catalog administrator user.
  • You must have the access permissions to run shell scripts on the application server.
  • You must have access to work in the application installation folder.
  • You must understand the permissions groups explained in Overview-of-user-accounts-and-groups-for-BMC-Digital-Workplace-Catalog.


Related topics

Assigning-BMC-Digital-Workplace-Catalog-roles-to-user-accounts

Setting-up-a-Remedy-Mid-Tier-for-system-administration-of-the-BMC-Digital-Workplace-Catalog-server

Creating-user-accounts-by-using-Remedy-Mid-Tier

Copying-users-from-Remedy-ITSM-into-BMC-Digital-Workplace-Catalog

Location of shell scripts

The shell scripts are stored in a subfolder of the BMC Digital Workplace Catalog installation folder, by default, /opt/bmc/digitalworkplace. The scripts are located in installLocation/sb/rxscripts

The scripts in the rxscripts folder reference the following system scripts:

Script name and location

Description

./bin/setenv.sh

Sets the environment variables. Make sure that the values in this file match those in your system. This script must be run by prepending source as the current context.

./bin/login.sh {user} {password}

Logs in as the specified user.

./bin/users/create.sh {user_info.json}

Creates the user by reading the specified JSON file.

If the scripts are in the specified locations, proceed to the next section.

User account text files for shell scripts

A user account file is a set of key=value pairs encoded as a JSON object in a text file. Create the user text file on the server in installLocation/sb/rxscripts so that the user creation script can read it. Each file must contain the required information for a single user as a JSON string.

Example: To create a self-service request user account for Bob Baxter, compose the following text file and save it as bob_baxter.json:

Example: System notification user
{
 "fullName": "Bob Baxter",
 "loginName": "Bob@${rx_tenant_domain}",
 "emailAddress": "Bob@${rx_tenant_domain}",
 "licenseType": "Read",
 "groups": ["sbe-myit-users"],
 "forcePasswordChangeOnLogin": "false",
 "password": "Passw0rd!"
}

For more example JSON text files you can use to create accounts, see Example JSON text files with the information to create user accounts below.

To create a user account with a script

This procedure creates the user account from a JSON text file, such as the example in User account text files for shell scripts above.

  1. On the BMC Digital Workplace Catalog server, go to installLocation/sb/rxscripts

  2. Run the source ./bin/setenv.sh command to load the environment variables into the current shell context.

    Example
    source ./bin/setenv.sh

  3. Run the ./bin/login.sh command and pass the parameters to log in as the tenant administrator.

    Example
    ./bin/login.sh hannah_admin@calbroservices.com Passw0rd!
    • A successful login will display a login token composed of a long string of characters.
    • An unsuccessful login will display a JSON error message.

     

  4. For each JSON file, run the ./bin/users/create.sh command to load the specified JSON file to create user accounts.

    Example
    ./bin/users/create.sh ./system_notifications.json

    The system notifies you when the account is successfully created or if the process failed.

To create multiple user accounts with a script

The following script runs a loop to create several users at once from the JSON files that are saved in the installLocation/sb/rxscripts/data/users/myit_users folder.

  1. On the BMC Digital Workplace Catalog server, go to installLocation/sb/rxscripts

  2. Run the source ./bin/setenv.sh command to load the environment variables into the current shell context.

    Example
    source ./bin/setenv.sh

  3. Run the ./bin/login.sh command and pass the parameters to log in as the tenant administrator.

    Example
    ./bin/login.sh hannah_admin@calbroservices.com Passw0rd!

  4. Run a for loop on the command line to create a user record for each JSON file in the folder.

    Example
    for i in `ls ./data/users/myit_users`;do ./bin/users/create.sh ./data/users/myit_users/$i;done;

    Tip

    The ls ./folder_name command lists all files in the folder. The folder name is not included as part of the file name. You must specify the folder name in the command to run the create.sh script.

Example JSON text files with the information to create user accounts

When you create user accounts with shell scripts, the JSON files should follow the format of the code blocks in this section.

Required user for system notifications

Example: System notification user
{
 "fullName": "System Notification Account",
 "loginName": "sys_notification@${rx_tenant_domain}",
 "emailAddress": "sys_notification@${rx_tenant_domain}",
 "licenseType": "Read",
 "groups": ["sbe-myit-users"],
 "forcePasswordChangeOnLogin": "false",
 "password": "5Y5_n0tification!"
}

Standard user for BMC Digital Workplace requests

Example: BMC Digital Workplace self-service user
{
 "fullName": "Bob Baxter",
 "loginName": "Bob@${rx_tenant_domain}",
 "emailAddress": "Bob@${rx_tenant_domain}",
 "licenseType": "Read",
 "groups": ["sbe-myit-users"],
 "forcePasswordChangeOnLogin": "false",
 "password": "Passw0rd!"
}

Administrative roles to manage service catalogs

Users who are given access to log in to the BMC Digital Workplace Catalog console can also be granted Administrator rights. The Administrator permission group enables a user to log in to Remedy Mid Tier to perform administrative functions on the BMC Digital Workplace Catalog server.

Warning

Never add the Administrator group to users in the sbe-myit-users group, and never add the sbe-myit-users group to any administrative role (sbe-catalog-admins, sbe-internal-suppliers, sbe-asset-managers, sbe-agents).

Example: Service catalog administrator
{
 "fullName": "Mary Mann",
 "loginName": "Mary@${rx_tenant_domain}",
 "emailAddress": "Mary@${rx_tenant_domain}",
 "licenseType": "Fixed",
 "groups": ["Administrator", "sbe-catalog-admins"],
 "forcePasswordChangeOnLogin": "false",
 "password": "Passw0rd!"
}
Example: Internal service supplier administrator
{
  "fullName": "Ian Plyment",
  "loginName": "Ian@${rx_tenant_domain}",
  "emailAddress": "Ian@${rx_tenant_domain}",
  "licenseType": "Fixed",
  "groups": ["Administrator", "sbe-internal-suppliers"],
  "forcePasswordChangeOnLogin": "false",
  "password": "Passw0rd!"
}
Example: Asset manager
{
 "fullName": "Francie Stafford",
 "loginName": "Francie@${rx_tenant_domain}",
 "emailAddress": "Francie@${rx_tenant_domain}",
 "licenseType": "Fixed",
 "groups": ["Administrator", "sbe-asset-managers"],
 "forcePasswordChangeOnLogin": "false",
 "password": "Passw0rd!"
}

Service agent role to view the service requests of other users

Warning

Never add the Administrator group to users in the sbe-myit-users group, and never add the sbe-myit-users group to any administrative role (sbe-catalog-admins, sbe-internal-suppliers, sbe-asset-managers, sbe-agents).

Example: Service agent
{
 "fullName": "Jim Serven",
 "loginName": "Jim@${rx_tenant_domain}",
 "emailAddress": "Jim@${rx_tenant_domain}",
 "licenseType": "Fixed",
 "groups": ["Administrator", "sbe-catalog-agents"],
 "forcePasswordChangeOnLogin": "false",
 "password": "Passw0rd!"
}

For more information about the fields to be set, see Overview-of-user-accounts-and-groups-for-BMC-Digital-Workplace-Catalog.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*