Does adding active directory authentication help at all if you are not using the webui?


#1

I have another question regarding adding users from AD into chef without the UI. I am thinking that there is no usefulness unless you have the webui installed?

Thanks


#2

That is correct, user passwords are only used with the web interface.


#3

Thanks coderanger, so I would just create users manually using chef-server-ctl user-create? Associate them to the organization, export their client.pem key and email it to them? Which I remember is what the webui does when you invite a user?

Thanks again


#4

Yep, that’s the easiest option probably.


#5

Thanks again, hopefully last question :slight_smile: so using chef-server-ctl user-create what is the password entered used for?


#6

Nothing, the name and email are also unused.


#7

is the password used for anything?


#8

I mean it ends up in the user record in the database, but not much in the non-premium features uses the APIs that involve it so functionally speaking no. If you use oc-id for a private supermarket it would be used there I guess.


#9

There’s nothing using this information currently. You could leverage that for systems in and around Chef. Chef is often a piece of your automation infrastructure, not the whole solution.