Red Hat SummitChapter 11. auth-source
Manipulate auth sources
Usage
hammer auth-source [OPTIONS] SUBCOMMAND [ARG] ...
# hammer auth-source [OPTIONS] SUBCOMMAND [ARG] ...Options
-
-h,--help– Print help
11.1. auth-source external
Manage external auth sources
Usage
hammer auth-source external [OPTIONS] SUBCOMMAND [ARG] ...
# hammer auth-source external [OPTIONS] SUBCOMMAND [ARG] ...Options
-
-h,--help– Print help
11.1.1. auth-source external info
Show an external authentication source
Usage
hammer auth-source external <info|show> [OPTIONS]
# hammer auth-source external <info|show> [OPTIONS]Options
-
--fields LIST– Show specified fields or predefined field sets only. (See below) -
--id VALUE -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Set the current location context for the request -
--location-title VALUE– Set the current location context for the request -
--name VALUE– Name to search by -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Set the current organization context for the request -
--organization-title VALUE– Set the current organization context for the request -
-h,--help– Print help
Predefined field sets
| FIELDS | ALL | DEFAULT | THIN |
|---|---|---|---|
| Id | x | x | x |
| Name | x | x | x |
| Locations/ | x | x | |
| Organizations/ | x | x |
11.1.2. auth-source external list
List external authentication sources
Usage
hammer auth-source external <list|index> [OPTIONS]
# hammer auth-source external <list|index> [OPTIONS]Options
-
--fields LIST– Show specified fields or predefined field sets only. (See below) -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Scope by locations -
--location-title VALUE– Set the current location context for the request -
--order VALUE– Sort and order by a searchable field, e.g.<field> DESC -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Scope by organizations -
--organization-title VALUE– Set the current organization context for the request -
--page NUMBER– Page number, starting at 1 -
--per-page VALUE– Number of results per page to return,allto return all results -
--search VALUE– Filter results -
-h,--help– Print help
Predefined field sets
| FIELDS | ALL | DEFAULT | THIN |
|---|---|---|---|
| Id | x | x | x |
| Name | x | x | x |
Search and order fields
-
id– integer -
location– string -
location_id– integer -
name– string -
organization– string -
organization_id– integer
11.1.3. auth-source external update
Update organization and location for Auth Source
Usage
hammer auth-source external update [OPTIONS]
# hammer auth-source external update [OPTIONS]Options
-
--id VALUE -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Set the current location context for the request -
--location-ids LIST– REPLACE locations with given ids -
--location-title VALUE– Set the current location context for the request -
--location-titles LIST -
--locations LIST -
--name VALUE -
--new-name VALUE -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Set the current organization context for the request -
--organization-ids LIST– REPLACE organizations with given ids. -
--organization-title VALUE– Set the current organization context for the request -
--organization-titles LIST -
--organizations LIST -
-h,--help– Print help
11.2. auth-source ldap
Manage LDAP auth sources
Usage
hammer auth-source ldap [OPTIONS] SUBCOMMAND [ARG] ...
# hammer auth-source ldap [OPTIONS] SUBCOMMAND [ARG] ...Options
-
-h,--help– Print help
11.2.1. auth-source ldap create
Create an LDAP authentication source
Usage
hammer auth-source ldap create [OPTIONS]
# hammer auth-source ldap create [OPTIONS]Options
-
--account VALUE -
--account-password VALUE– Required if onthefly_register is true -
--attr-firstname VALUE– Required if onthefly_register is true -
--attr-lastname VALUE– Required if onthefly_register is true -
--attr-login VALUE– Required if onthefly_register is true -
--attr-mail VALUE– Required if onthefly_register is true -
--attr-photo VALUE -
--base-dn VALUE -
--groups-base VALUE– Groups base DN -
--host VALUE– The hostname of the LDAP server -
--ldap-filter VALUE– LDAP filter -
--ldap-group-membership ENUMType of group membership to use, applicable only when server_type is posix, free_ipa or netiq. Option rfc4519 is only applicable when server_type is posix. Possible value(s):posix,rfc4519,nis_netgroups -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Set the current location context for the request -
--location-ids LIST– REPLACE locations with given ids -
--location-title VALUE– Set the current location context for the request -
--location-titles LIST -
--locations LIST -
--name VALUE -
--onthefly-register BOOLEAN -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Set the current organization context for the request -
--organization-ids LIST– REPLACE organizations with given ids. -
--organization-title VALUE– Set the current organization context for the request -
--organization-titles LIST -
--organizations LIST -
--port NUMBER– Defaults to 389 -
--server-type ENUM– Type of the LDAP server Possible value(s):free_ipa,active_directory,posix,netiq -
--tls BOOLEAN -
--use-netgroups BOOLEAN– Use NIS netgroups instead of posix groups, applicable only when server_type is posix or free_ipa. Deprecated in favor of ldap_group_membership = nis_netgroups -
--usergroup-sync BOOLEAN– Sync external user groups on login -
-h,--help– Print help
11.2.2. auth-source ldap delete
Delete an LDAP authentication source
Usage
hammer auth-source ldap <delete|destroy> [OPTIONS]
# hammer auth-source ldap <delete|destroy> [OPTIONS]Options
-
--id VALUE -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Set the current location context for the request -
--location-title VALUE– Set the current location context for the request -
--name VALUE– Name to search by -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Set the current organization context for the request -
--organization-title VALUE– Set the current organization context for the request -
-h,--help– Print help
11.2.3. auth-source ldap info
Show an LDAP authentication source
Usage
hammer auth-source ldap <info|show> [OPTIONS]
# hammer auth-source ldap <info|show> [OPTIONS]Options
-
--fields LIST– Show specified fields or predefined field sets only. (See below) -
--id VALUE -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Set the current location context for the request -
--location-title VALUE– Set the current location context for the request -
--name VALUE– Name to search by -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Set the current organization context for the request -
--organization-title VALUE– Set the current organization context for the request -
-h,--help– Print help
Predefined field sets
| FIELDS | ALL | DEFAULT |
|---|---|---|
| Server/id | x | x |
| Server/name | x | x |
| Server/server | x | x |
| Server/ldaps | x | x |
| Server/port | x | x |
| Server/server type | x | x |
| Account/account username | x | x |
| Account/base dn | x | x |
| Account/groups base dn | x | x |
| Account/use netgroups | x | x |
| Account/ldap group membership | x | x |
| Account/ldap filter | x | x |
| Account/automatically create accounts? | x | x |
| Account/usergroup sync | x | x |
| Attribute mappings/login name attribute | x | x |
| Attribute mappings/first name attribute | x | x |
| Attribute mappings/last name attribute | x | x |
| Attribute mappings/email address attribute | x | x |
| Attribute mappings/photo attribute | x | x |
| Locations/ | x | x |
| Organizations/ | x | x |
11.2.4. auth-source ldap list
List all LDAP authentication sources
Usage
hammer auth-source ldap <list|index> [OPTIONS]
# hammer auth-source ldap <list|index> [OPTIONS]Options
-
--fields LIST– Show specified fields or predefined field sets only. (See below) -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Scope by locations -
--location-title VALUE– Set the current location context for the request -
--order VALUE– Sort and order by a searchable field, e.g.<field> DESC -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Scope by organizations -
--organization-title VALUE– Set the current organization context for the request -
--page NUMBER– Page number, starting at 1 -
--per-page VALUE– Number of results per page to return,allto return all results -
--search VALUE– Filter results -
-h,--help– Print help
Predefined field sets
| FIELDS | ALL | DEFAULT | THIN |
|---|---|---|---|
| Id | x | x | x |
| Name | x | x | x |
| Server | x | x | |
| Port | x | x | |
| Ldaps? | x | x |
Search and order fields
-
id– integer -
location– string -
location_id– integer -
name– string -
organization– string -
organization_id– integer
11.2.5. auth-source ldap update
Update an LDAP authentication source
Usage
hammer auth-source ldap update [OPTIONS]
# hammer auth-source ldap update [OPTIONS]Options
-
--account VALUE -
--account-password VALUE– Required if onthefly_register is true -
--attr-firstname VALUE– Required if onthefly_register is true -
--attr-lastname VALUE– Required if onthefly_register is true -
--attr-login VALUE– Required if onthefly_register is true -
--attr-mail VALUE– Required if onthefly_register is true -
--attr-photo VALUE -
--base-dn VALUE -
--groups-base VALUE– Groups base DN -
--host VALUE– The hostname of the LDAP server -
--id VALUE -
--ldap-filter VALUE– LDAP filter -
--ldap-group-membership ENUMType of group membership to use, applicable only when server_type is posix, free_ipa or netiq. Option rfc4519 is only applicable when server_type is posix. Possible value(s):posix,rfc4519,nis_netgroups -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Set the current location context for the request -
--location-ids LIST– REPLACE locations with given ids -
--location-title VALUE– Set the current location context for the request -
--location-titles LIST -
--locations LIST -
--name VALUE -
--new-name VALUE -
--onthefly-register BOOLEAN -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Set the current organization context for the request -
--organization-ids LIST– REPLACE organizations with given ids. -
--organization-title VALUE– Set the current organization context for the request -
--organization-titles LIST -
--organizations LIST -
--port NUMBER– Defaults to 389 -
--server-type ENUM– Type of the LDAP server Possible value(s):free_ipa,active_directory,posix,netiq -
--tls BOOLEAN -
--use-netgroups BOOLEAN– Use NIS netgroups instead of posix groups, applicable only when server_type is posix or free_ipa. Deprecated in favor of ldap_group_membership = nis_netgroups -
--usergroup-sync BOOLEAN– Sync external user groups on login -
-h,--help– Print help
11.3. auth-source list
List all auth sources
Usage
hammer auth-source <list|index> [OPTIONS]
# hammer auth-source <list|index> [OPTIONS]Options
-
--fields LIST– Show specified fields or predefined field sets only. (See below) -
--location VALUE– Set the current location context for the request -
--location-id NUMBER– Scope by locations -
--location-title VALUE– Set the current location context for the request -
--order VALUE– Sort and order by a searchable field, e.g.<field> DESC -
--organization VALUE– Set the current organization context for the request -
--organization-id NUMBER– Scope by organizations -
--organization-title VALUE– Set the current organization context for the request -
--page NUMBER– Page number, starting at 1 -
--per-page VALUE– Number of results per page to return,allto return all results -
--search VALUE– Filter results -
-h,--help– Print help
Predefined field sets
| FIELDS | ALL | DEFAULT | THIN |
|---|---|---|---|
| Id | x | x | x |
| Name | x | x | x |
| Type of auth source | x | x |
Search and order fields
-
id– integer -
location– string -
location_id– integer -
name– string -
organization– string -
organization_id– integer
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}