VCD’s Development in direction of Removing Community End users… Know Much more!

Posted on by Editorial Team
7 min read

[ad_1]

When it commenced?

Commencing from version 10.4.1, we declared the deprecation of nearby consumers in VMware Cloud Director. While they are however supported throughout this time period of deprecation, we strongly advise that people start off transitioning absent from them. Irrespective of this, VMware Cloud Director will proceed to give entire assist for neighborhood users right until the closing bulletins are built.

In version 10.4.1, you could use the person administration API to remap community customers or people from an present IDP to a new IDP source. You could use this element to remap community consumers to any IDP supported by VCD.

What was supported?

Migration of nearby users to SAML, LDAP, or OIDC was possible, provided that the Identity Service provider (IDP) is correctly configured and available inside the corporation. To execute the migration, API phone calls are essential to transfer the person information throughout the different Id Suppliers.

In addition, this attribute also allows cloud directors to migrate customers involving unique Id Companies (IDPs) that are supported and configured inside the VMware Cloud Director setting. For occasion, directors can use this element to migrate end users from LDAP to SAML, amid other IDP forms.

What prompted this final decision?

Nearby buyers have been a fundamental function of VCD due to the fact its inception with model 1.. They supply a uncomplicated way to securely keep usernames and passwords in a hashed format inside of VCD. Nonetheless, the absence of up to date password management guidelines these as password rotation, complexity demands, and 2FA/MFA options, among the other individuals, has highlighted some restrictions. As a final result, this challenge was initiated to tackle these concerns.

How is this announcement progressing?

In VMware Cloud Director 10.4.2, we have launched a bulk person remapping UI attribute to assist our customers in the changeover from locally-managed consumers to an externally-managed id company procedure. The objective of this aspect is to make the migration method smoother and much more simple for our people.

All about the feature…

This characteristic is known as Bulk Consumer Migration / Remapping.

  • VMware Cloud Director 10.4.2 features a person-friendly bulk user migration choice to simplify the system of remapping customers in between diverse Identification Companies (IDPs) from the UI.

User Migration is a 3-action approach:

Phase a) Export Consumer: Select the consumer you would like to migrate to a diverse Id Supplier (IDP) and export their information to a CSV file. You can also use filters to find the certain buyers you want to migrate.

Export People

Step b) Add CSV: Edit the person attributes in the CSV file, and then proceed to upload the file with the current info.

CSV file with user homes
In the picture, you can see the identify of the uploaded file, alongside with the count of all the consumers detected in the CSV file and a couple of other particulars.

Remember to choose be aware that in this release, only adjustments made to the username and providerType person homes will be regarded. Any modifications to other fields will not be deemed. Also, it’s crucial to observe that the electronic mail ID area is nevertheless optional and not necessary.

Stage c) Update Buyers: Complete the person update technique primarily based on the information and facts presented in the CSV file.

The picture shows both of those the progress of Person Migration and the rely of buyers who has either successfully migrated, failed to migrate, or skipped the migration process. The total period taken to total the process is also displayed.

Listed here are a couple of crucial issues to keep in mind:

  1. The consumer migration takes place sequentially, with every consumer staying migrated one at a time.
  2. There are presently no limits on the amount of customers that can be migrated at as soon as.
  3. Exiting the site for the duration of the migration procedure is not permitted and will consequence in a warning concept. If the warning is accepted, the migration job will be cancelled.
  4. While it is possible to halt the user migration choice, it is not doable to avoid consumers who have by now been migrated.
  5. At the moment, it is not possible to revert back to a local providerType utilizing this tool if users are suffering from login troubles immediately after the user migration approach.
  6. If a user is migrating to the IDP that by now exists in VCD, the migration engine will skip that individual user’s migration course of action. (The skipped buyers rely will enhance by 1).
  7. In the course of the person migration to an IDP, the UserID of the user is retained, guaranteeing that all objects owned by the person remain less than their ownership. This is performed quickly.
  8. In the celebration that a person is portion of a group, the same group will have to be designed manually on the source IDP, and the person will quickly associate with the team on their initially login.
  9. Modifications built to person particulars will acquire influence both right after the scheduled synchronization operation has finished or just after the consumer logs in for the to start with time. The biographical information and facts of the consumer will be retrieved from the IDP and applied to update the facts of the migrated person in VCD.

Troubleshooting:

  • The UI will toss an mistake if there are any form or syntax problems in the CSV file.
The providerType was inaccurately specified in the impression

Be sure to be encouraged that the providerType price will have to be possibly Community, LDAP, SAML, or OAUTH as these are the only supported IDPs in VCD.

Please be aware that VCD validates the CSV file 1st right before initiating any API phone calls to have out the process.

  • To watch information and facts on end users who ended up unable to migrate or skipped, you can obtain the Mistake Report.
  • In the occasion of glitches for specific people all through the migration system, you can take care of them and then rerun the migration system. Previously migrated end users will be skipped and not influenced.
  • For more details, make sure you refer to the basic VMware Cloud Director logs.

Situations/Thoughts

Migration normally takes much too long, and the development stops. Remember to make certain that the browser window containing the migration course of action is not minimized or produced inactive and remains energetic and in focus during. If the window is minimized or designed inactive, you will need to have to prevent the process and start off once more.
The migration process has finished but users’ information are not current from the IDP Be sure to wait for the synchronization procedure in between VCD and IDP to complete or perform a guide login working with the specified person qualifications.
Can I restart the migration approach with the similar CSV file? Which is right, any people that have previously been up to date will be skipped, and the method will resume from where it left off.
Can I restart the approach for the errored migrations? If an error occurs, a download connection is out there that supplies a CSV file containing facts of the mistakes. This file can be utilized to make vital corrections and then uploaded yet again.
Can I revert the course of action? Automating this system is not possible. Basically, it is a manual method.

Remember to be recommended that this report is intended for informational functions only and signifies our greatest effort to offer accurate and practical insights.

[ad_2]

Resource url

Avatar for Editorial Team
Editorial Team https://blognewscity.com

You May Also Like

More From Author