Strange cptool / ExternalAccount behavior
Hello, all.
One of our External systems uses the user's last name as part of it's authentication, even if the last name has a space or apostrophe in it!!
So, for example, the cptool command would be
cptool set user joeiscool ExternalAccount = 'otherSystem|Is Cool|1111'
Everything is fine when I run it as is above.
However, if I use "cptool process file" .... and have
set user joeiscool ExternalAccount = 'otherSystem|Is Cool|1111'
as one of the commands in the file, I get an error:
ERROR: External Account must have the following format:
externalSystemName|ExternalSystemID|ExternalSystemCredential
(credential can be blank, but you must have both '|' symbols)
Note that if you are running from a command line, you may need to enclose the ExternalAccount in single quotes:
That's one problem
The second, is that last names with apostrophes are messing up everyone!
How would names with apostrophes (') be handled like
set user BobOReilly ExternalAccount='otherSystem|O'Reilly|2222'
Because of the apostrophes, now I have a bunch of users with an External Account of
'otherSystem
instead of
otherSystem
:(
What is the best way to remove particular ExternalAccount (s) from a user's setting?
for example, note the 'voyager and the voyager accounts below.
[lumadmin@luminis4-1]$ cptool get user hopkinca ExternalAccount
{ sct : 111 }, { 'voyager : Abbe }, { voyager : Abbe }
Thanks for any input you can provide!!
- hopkinca's blog
- Login or register to post comments
Hack Your Knowledge
Recent blog posts
- Luminis IV GCF Single Sign On with OSX=Failure PC=Working
- Cisco 4710 - Load Balancer
- First CPIP - ERROR
- Luminis Developer Job Available w/ Stable Organization
- Luminus Developer Job
- SSO to SSB mixed content error in IE
- Avoid email sending when add or delete user from group
- Luminis components
- Luminis 4 & Groupwise 7
- Luminis Developer Needed for Position w/ Stable Organization
Developer Links
Poll
- Login or register to post comments
- Older polls
Syndicate
Comments
set user <user> ExternalAccount and cptool process file ''
I found that it wasn't the apostrophes in the names that were causing problems, it was this:
instead of having a file for cptool process file to process like this:
set user user1 ExternalAccount='someAccount|somename|somepassword'
set user user2 ExternalAccount='someAccount|somename2|somepassword'
etc
etc
I changed it to remove the single quotes around the external account so it looks like this:
set user user1 ExternalAccount=someAccount|somename|somepassword
set user user2 ExternalAccount=someAccount|somename2|somepassword
etc
etc
(notice lack of single quotes)
This works even if somename has an apostrophe in it.
Turns out you don't need the single quotes, at least when you are processing these commands in batch using cptool process file ......
Thanks, Bill, for pointing me in the right direction!
But I'm still having problems creating accounts when the external account uses a credential with a space in it. -a ................... in ExternalAccount area.
And I still don't know how to remove bad ExternalAccount info in a user's ExternalAccount info ..... (see it when I run cptool get user
removing bad ExternalAccount info
I'm just trying this out just now, but it looks like you can use ldapmodify to clean up those accounts. It seems to work...
Use an ldif file like this:
This doesn't remove the pdsPssEntry attribute (that has the encrypted password), but that doesn't *seem* to matter (maybe someone can correct me if it does). I'm not done testing yet but it looks good. Let me know if this works for you.