Tuesday, 2020-09-15

« Monday, 2020-09-14 Index Wednesday, 2020-09-16 »
*** zenkuro has quit IRC01:24
*** apevec has joined #softwarefactory06:20
*** jpena|off is now known as jpena07:49
*** sshnaidm|afk is now known as sshnaidm08:04
*** harrymichal has joined #softwarefactory08:19
*** harrymichal has quit IRC08:43
*** harrymichal has joined #softwarefactory08:44
*** zenkuro has joined #softwarefactory09:08
sfbenderMerged software-factory/shake-factory master: Add pythonDocAction to generate pdocumentation  https://softwarefactory-project.io/r/1950009:14
*** harrymichal has quit IRC09:34
*** jpena is now known as jpena|lunch11:35
*** brendangalloway has joined #softwarefactory11:56
brendangallowayHello - we had to change the ldap server that softwarefactory authenticates against.  We updated the sfconfig.yaml to point to the new server and ran sfconfig --skip-install.  The settings update appears to have worked correctly, but now when we attempt to log in we get " Error: this username is already registered with a different Identity11:59
brendangallowayProvider".  Is there some way to migrate the existing users to authenticate against the new server?11:59
*** rfolco|ruck has joined #softwarefactory12:03
tristanCbrendangalloway: i think you would need to do a manual database modification to update user's idp. mhu do you recall if we already did such a thing?12:09
*** lpeens_netronome has joined #softwarefactory12:13
tristanCmhu: it seems like username <-> idp relation is defined in the cauth.auth_mapping tables, would an update to set the new idp domain enough to migrate users from one idp to another?12:18
*** brendangalloway has quit IRC12:18
mhutristanC, what's the use case? I think you'd also have to ensure the uid of the user in the new idp remains the same12:20
mhuthis table IIRC is used to manage user changes within sf, like using a different email that the github one for example12:21
mhuso we need a reference to the uid of the user on the idp12:21
tristanCmhu: it's for brendangalloway, it seems like he changed the ldap server and that resulted in loggin to be blocked because of the `this username is already registered with a different idp` error12:24
tristanCmhu: i guess the idp is the same, it's just a different server?12:24
*** sshnaidm has quit IRC12:25
mhutristanC, right, I didn't see the history12:26
mhuso yeah, if it were me I'd get in the db and alter the affected columns12:27
mhubut that's pretty hacky12:27
tristanCmhu: what other columns would be affected?12:28
mhucolumn, sorry12:28
tristanCmhu: alright, lets let him know when he comes back12:30
mhuI'm checking cauth to confirm12:30
mhudomain should be set to the "host" value in the LDAP config section12:32
mhuprovided, of course, that the users have kept the same ldap uids12:32
tristanCmhu: i guess the core issue is that we use the ldap url as an id instead of a generic name12:32
mhuin case you'd want to authenticate against several LDAP servers12:33
mhuif the uids have changed, they need to match the new dn of the user12:33
*** jpena|lunch is now known as jpena12:36
*** sshnaidm has joined #softwarefactory12:50
lpeens_netronomeHi. Just so there is some closure, I've been working with brendangalloway to fix our cauth issue, updating the idp domain column in the database with the new ldap_url did work for us, thanks for the help.13:44
tristanClpeens_netronome: thank you for the feedback, glad this fixed your issue :-)13:49
*** lpeens_netronome has quit IRC13:56
*** logan- has quit IRC14:00
*** logan_ has joined #softwarefactory14:00
*** logan_ is now known as logan-14:00
*** apevec has quit IRC14:12
*** jpena is now known as jpena|off16:56
*** apevec has joined #softwarefactory18:38
*** apevec has quit IRC18:49
*** rfolco|ruck has quit IRC22:51
« Monday, 2020-09-14 Index Wednesday, 2020-09-16 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!