Octopus Server Migration - change from domain authentication to username pass

(ali) #1

Hi there,

I had asked a question about the master key and migration earlier which you guys helped me with - thank you for that!
I thought id create a new discussion in regards to changing from Domain authentication to username pass.

I know we can switch between the two, but my question is, could we convert those existing users in octopus that were created by authenticating against the domain to standalone octopus users? and keep everything intact i.e. api keys etc?

Any help would be much appreciated.

Ali

(Dean Malone) #2

Hi Ali,

Thanks for getting in touch.

In Octopus Deploy you can have more than one identity provider associated with Octopus user accounts. There is no need to convert or create new accounts, rather you can just enable the username/password authentication provider and everything will remain intact.

Octopus.Server.exe configure --usernamePasswordIsEnabled=true

However you will need to set passwords for all the Octopus user accounts (that require interactive login) before attempting to login using username/passwords. The password can be set by the users themselves (once logged in using the current Domain authentication) or by an Octopus administrator.

Once you have verified all users have set a password and can login using that password, you can then disable the Domain authentication if no longer needed.

Octopus.Server.exe configure --activeDirectoryIsEnabled=false

Please let me know how you go with this, or if you have any further questions.

Regards,
Dean.

(Ali) #3

Hi Dean,

Thank you for your help. This works. I have tested it with my user account.

One questions, is there a way to rename usernames? Can we do it on the DB itself if octopus doesnt allow it?

This is because the username previously had old domain name which id like to remove.

so from first.last@domain.local i would like first.last

Thanks

(Dean Malone) #4

Hi Ali,

To change the usernames you can use the API.

Here is a C# script using Octopus.Client to get you started. Just modify to suit your environment, and execute with performUpdate set to false to verify the changes first. Once you are happy with the changes set performUpdate to true to actually perform the username updates via the API.

var octopusServer = "http://localhost";
var apiKey = "API-xxxxxxxxxxxxxxxxxxxxxxxxxx";

var client = new Octopus.Client.OctopusClient(new Octopus.Client.OctopusServerEndpoint(octopusServer, apiKey));
var repo = new Octopus.Client.OctopusRepository(client);

var n = 0;
var performUpdate = false; // change to true to actually save the username changes
            
var users = repo.Users.FindAll();
foreach (var user in users)
{
    if (user.Username.Contains('@'))
    {
        // Changing username from first.last@domain.local to first.last
        var usernameParts = user.Username.Split('@');                    
        var newUsername = usernameParts[0]; // ignore the @domain.local part
        Console.WriteLine($"Changing user {user.Username} to {newUsername}");

        if (performUpdate)
        {
            user.Username = newUsername;
            repo.Users.Modify(user);
        }
        n++;
    }
    else
    {
        Console.WriteLine($"Skipping user {user.Username}");
    }
}
Console.WriteLine($"Updated {n} users");

Hope that helps!

Regards,
Dean.

(Ali) #5

Hi Dean,

Thanks for the script.

I am having a bit difficulty running it.

So i tried installing nuget package but running script gave me errors about no project sultion.

i have cloned the octopus client repo but still cant manage to run it… a little help?

Much appreciate it

(Dean Malone) #6

Hi Ali,

I’m sorry this is causing issues. I suggest running the code in a .NET console app. Create a new project in Visual Studio and select Console App (.NET Framework) as the project type.

Add the nuget package Octopus.Client either via the Nuget Package Manager UI or via Package Manager Console using Install-Package Octopus.Client

Insert the code from above into the Main function in Program.cs

static void Main(string[] args)
{
    << insert script here >>
}

Hit F5 to run.

Please let me know how you go with this, or if you have any further questions.

Regards,
Dean.

(system) closed #8