Skip to content

dx_ctl_users

Jump to bottom
Marcin Przepiorowski edited this page Jul 3, 2024 · 14 revisions

SYNOPSIS

dx_ctl_users    [ -engine|d <delphix identifier> | -all ] [ -configfile file ]
                [-action import] <-file filename | -profile filename >
                -action lock|unlock|password|timeout|sshkey
                -username name|all
                [-password password]
                [-timeout timeout]
                [-sshkeyfile filename]
                [-help|?]
                [-debug]

DESCRIPTION

Control an users in Delphix Engine using a CSV file

ARGUMENTS

Delphix Engine selection - if not specified a default host(s) from dxtools.conf will be used.

  • -engine|d Specify Delphix Engine name from dxtools.conf file
  • -all Display databases on all Delphix appliance
  • -configfile file Location of the configuration file. A config file search order is as follow:
  • configfile parameter
  • DXTOOLKIT_CONF variable
  • dxtools.conf from dxtoolkit location

Options

  • -action import|lock|unlock|password|sshkey Action for a particular user or file Actions:

      - import (default) - read input file and run action from it parameters -file or -profile or both are required
  - lock - disable (lock) user account
  - unlock - enable (unlock) user account
  - password - change user password
  - timeout - change user timeout
  - sshkey - set a user SSH key

  • -username user|all Username for particular action. If word 'all' is specified action will run for all users from same domain as username defined in configuration file

  • -password pass New password for user. If not specified prompt will be displayed.

  • -timeout time Update a timeout for an user. Timeout is set in minutes

  • -sshkeyfile filename File with one or more SSH public key to set for user

  • -file filename CSV file name with user definition and actions. Field list as follow:

    command, username, firstname, lastname, email, workphone, homephone, mobilephone, authtype, principal, password, admin_priv, js_user, timeout, apiUser

    Allowed command values:

      C - create user
  D - delete user
  U - update user
  L - lock user
  E - enable user

    Allowed admin_priv values:

      Y - Delphix admin user
  N - Standard User
  S - Sysadmin user

    Allowed js_user values:

      Y - Self service (Jet Stream) user
  N - Standard User

    Allowed apiUser values:

      Y - User can login with local user/password if SSO is enabled
  N - User can't login with local user/password

  • -profile filename CSV file name with user profile definition. It can be generated using dx_get_users profile option. To revoke existing role from user, role name should be set to None in profile file. Allowed role names:

      - none
  - read
  - data
  - provisioner
  - owner

    Field list as follow:

    username, target_type, target_name, role

OPTIONS

  • -help Print this screen
  • -debug Turn on debugging

EXAMPLES

Add user to one engine using example users file

dx_ctl_users -d Landshark5 -file dxusers.csv.example
User testuser exist. Skipping
User testuser2 created.
User user11 doens't exist. Can't update
User testuser updated. Password for user testuser updated.
User testuser2 deleted.

Add user to one engine using users file and profile file

dx_ctl_users -d Landshark5 -file /tmp/users.csv -profile /tmp/profile.csv
User sysadmin exist. Skipping
User delphix_admin exist. Skipping
User dev_admin exist. Skipping
User qa_admin created.
User dev exist. Skipping
User qa exist. Skipping
Role OWNER for target Dev Copies set for dev_admin
Role PROVISIONER for target Sources set for dev_admin
Role PROVISIONER for target Dev Copies set for qa_admin
Role OWNER for target QA Copies set for qa_admin

Example csv user file:

#operation,username,first_name,last_name,email address,work_phone,home_phone,cell_phone,type(NATIVE|LDAP),principal_credential,password,admin_priv,js_user,timeout,apiUser # comment - create a new user with Delphix authentication C,testuser,Test,User,[email protected],,555-222-222,,NATIVE,,password,Y,N,60,N # comment - create a new user with LDAP C,testuser2,Test,User2,[email protected],555-111-111,555-222-222,555-333-333,LDAP,"[email protected]",,Y,N,60,N # update existing user - non-empty values will be updated, password can't be modified in this version U,user11,FirstName,LastName,[email protected],,,,,,, U,testuser,Test,User,[email protected],,555-222-333,,NATIVE,,password,,Y # delete user D,testuser2,,,,,,,,,,,

Example csv profile file:

#Username,Type,Name,Role
testusr,group,Break Fix,read
testusr,group,QA Copies,read
testusr,group,Sources,read
testusr,databases,ASE pubs3 DB,owner
testusr,databases,AdventureWorksLT2008R2,provisioner
testusr,databases,Agile Masking,data
testusr,databases,Employee Oracle DB,data


Lock user

 dx_ctl_users -d Landshark5 -action lock -username testuser
 User testuser locked(disabled)

Unlock user

 dx_ctl_users -d Landshark5 -action unlock -username testuser
 User testuser unlocked(enabled).

Change user password

dx_ctl_users -d Landshark5 -action password -username testuser
Password:
User testuser updated. Password for user testuser updated.

Setting timeout for all users

dx_ctl_users -d Landshark5 -action timeout -username all -timeout 30
User delphix_admin updated.
User dev updated.
User user updated.
User testuser updated.
User js updated.

Force delete example - JS user own container

dx_ctl_users -d Landshark5 -file /tmp/js.csv
Cannot delete user "js" because that user is the owner of a Jet Stream data container.
Problem with delete.
User js exist. Skipping

dx_ctl_users -d Landshark5 -file /tmp/js.csv -force
Waiting for all actions to complete. Parent action is ACTION-20156
Owner js removed
User js deleted.
User js created.

Setting a SSH key for user

dx_ctl_users -d 53 -action sshkey -username admin -sshkeyfile /tmp/id_rsa.pub
SSH key for admin set.

Delphix

Clone this wiki locally