Creating user accounts in a batch by using shell scripts
If you can access the application server through a terminal console, you can create a text file with the required information to create individual users.
Before you begin
- You must know the credentials for logging in as a service catalog administrator user.
- You must have the access permissions to run shell scripts on the application server.
- You must have access to work in the application installation folder.
- You must understand the permissions groups explained in Overview of user accounts and groups for BMC Digital Workplace Catalog.
Location of shell scripts
The shell scripts are stored in a subfolder of the BMC Digital Workplace Catalog installation folder, by default, /opt/bmc/digitalworkplace. The scripts are located in installLocation/sb/rxscripts.
The scripts in the rxscripts folder reference the following system scripts:
Script name and location | Description |
---|---|
./bin/setenv.sh | Sets the environment variables. Make sure that the values in this file match those in your system. This script must be run by prepending source as the current context. |
./bin/login.sh {user} {password} | Logs in as the specified user. |
./bin/users/create.sh {user_info.json} | Creates the user by reading the specified JSON file. |
If the scripts are in the specified locations, proceed to the next section.
User account text files for shell scripts
A user account file is a set of key=value pairs encoded as a JSON object in a text file. Create the user text file on the server in installLocation/sb/rxscripts so that the user creation script can read it. Each file must contain the required information for a single user as a JSON string.
Example: To create a self-service request user account for Bob Baxter, compose the following text file and save it as bob_baxter.json:
{
"fullName": "Bob Baxter",
"loginName": "Bob@${rx_tenant_domain}",
"emailAddress": "Bob@${rx_tenant_domain}",
"licenseType": "Read",
"groups": ["sbe-myit-users"],
"forcePasswordChangeOnLogin": "false",
"password": "Passw0rd!"
}
For more example JSON text files you can use to create accounts, see Example JSON text files with the information to create user accounts below.
To create a user account with a script
This procedure creates the user account from a JSON text file, such as the example in User account text files for shell scripts above.
On the BMC Digital Workplace Catalog server, go to installLocation/sb/rxscripts
Run the source ./bin/setenv.sh command to load the environment variables into the current shell context.
Examplesource ./bin/setenv.sh
Run the ./bin/login.sh command and pass the parameters to log in as the tenant administrator.
Example./bin/login.sh hannah_admin@calbroservices.com Passw0rd!
- A successful login will display a login token composed of a long string of characters.
- An unsuccessful login will display a JSON error message.
For each JSON file, run the ./bin/users/create.sh command to load the specified JSON file to create user accounts.
Example./bin/users/create.sh ./system_notifications.json
The system notifies you when the account is successfully created or if the process failed.
To create multiple user accounts with a script
The following script runs a loop to create several users at once from the JSON files that are saved in the installLocation/sb/rxscripts/data/users/myit_users folder.
On the BMC Digital Workplace Catalog server, go to installLocation/sb/rxscripts
Run the source ./bin/setenv.sh command to load the environment variables into the current shell context.
Examplesource ./bin/setenv.sh
Run the ./bin/login.sh command and pass the parameters to log in as the tenant administrator.
Example./bin/login.sh hannah_admin@calbroservices.com Passw0rd!
Run a for loop on the command line to create a user record for each JSON file in the folder.
Examplefor i in `ls ./data/users/myit_users`;do ./bin/users/create.sh ./data/users/myit_users/$i;done;
Tip
The ls ./folder_name command lists all files in the folder. The folder name is not included as part of the file name. You must specify the folder name in the command to run the
create.sh
script.
Example JSON text files with the information to create user accounts
When you create user accounts with shell scripts, the JSON files should follow the format of the code blocks in this section.
Required user for system notifications
{
"fullName": "System Notification Account",
"loginName": "sys_notification@${rx_tenant_domain}",
"emailAddress": "sys_notification@${rx_tenant_domain}",
"licenseType": "Read",
"groups": ["sbe-myit-users"],
"forcePasswordChangeOnLogin": "false",
"password": "5Y5_n0tification!"
}
Standard user for BMC Digital Workplace requests
{
"fullName": "Bob Baxter",
"loginName": "Bob@${rx_tenant_domain}",
"emailAddress": "Bob@${rx_tenant_domain}",
"licenseType": "Read",
"groups": ["sbe-myit-users"],
"forcePasswordChangeOnLogin": "false",
"password": "Passw0rd!"
}
Administrative roles to manage service catalogs
Users who are given access to log in to the BMC Digital Workplace Catalog console can also be granted Administrator rights. The Administrator permission group enables a user to log in to Remedy Mid Tier to perform administrative functions on the BMC Digital Workplace Catalog server.
Warning
Never add the Administrator group to users in the sbe-myit-users group, and never add the sbe-myit-users group to any administrative role (sbe-catalog-admins, sbe-internal-suppliers, sbe-asset-managers, sbe-agents).
{
"fullName": "Mary Mann",
"loginName": "Mary@${rx_tenant_domain}",
"emailAddress": "Mary@${rx_tenant_domain}",
"licenseType": "Fixed",
"groups": ["Administrator", "sbe-catalog-admins"],
"forcePasswordChangeOnLogin": "false",
"password": "Passw0rd!"
}
{
"fullName": "Ian Plyment",
"loginName": "Ian@${rx_tenant_domain}",
"emailAddress": "Ian@${rx_tenant_domain}",
"licenseType": "Fixed",
"groups": ["Administrator", "sbe-internal-suppliers"],
"forcePasswordChangeOnLogin": "false",
"password": "Passw0rd!"
}
{
"fullName": "Francie Stafford",
"loginName": "Francie@${rx_tenant_domain}",
"emailAddress": "Francie@${rx_tenant_domain}",
"licenseType": "Fixed",
"groups": ["Administrator", "sbe-asset-managers"],
"forcePasswordChangeOnLogin": "false",
"password": "Passw0rd!"
}
Service agent role to view the service requests of other users
Warning
Never add the Administrator group to users in the sbe-myit-users group, and never add the sbe-myit-users group to any administrative role (sbe-catalog-admins, sbe-internal-suppliers, sbe-asset-managers, sbe-agents).
{
"fullName": "Jim Serven",
"loginName": "Jim@${rx_tenant_domain}",
"emailAddress": "Jim@${rx_tenant_domain}",
"licenseType": "Fixed",
"groups": ["Administrator", "sbe-catalog-agents"],
"forcePasswordChangeOnLogin": "false",
"password": "Passw0rd!"
}
For more information about the fields to be set, see Overview of user accounts and groups for BMC Digital Workplace Catalog.
Comments
[{"messageType":"ERROR","messageText":"Entry does not exist in database","moreInfo":"","messageNumber":302,"messageAppendedText":"Group, name=sbe-catalog-agents"}] Successfully created 0 users, done!
Hi Ariel, thanks for commenting. Edit:
Yes, ${rx_tenant_domain} needs to be replaced with the tenant domain. Can you please retry the scripts using the actual tenant domain and let us know if you still get an error?Please see my comment below.Hi Tashfeen,
I'm still getting authentication error: ERROR (8790): Unknown system error. [ERROR (623): Authentication failed; appadmin@devemtec.com]
Hi Ariel, thanks for confirming. In that case, please do the following:
${rx_tenant_domain}
as-is in the JSON template. Don't provide a value for it, the value will be automatically derived based on the following steps.devemtec.com
source ./bin/setenv.sh
Please let us know if that resolves your issue. Thanks again for reaching out.
Log in or register to comment.