[chef] Re: Controlling the Chef 12 Pivotal user

[Steven Danna < >]

Hi Michael,

The pivotal user can be updated using:

    EDITOR=favorite_editor chef-server-ctl user-edit pivotal

For instance, I used this command to change pioval's email address to
use an example.com domain.  I can see my change took effect by viewing
the user:

sudo chef-server-ctl user-show pivotal
display_name: Clark Kent
email:        

 
first_name:   Clark
[...SNIP...]

To re-iterate some points that were made in the twitter thread:

For user creation, deletion, and editing, `chef-server-ctl` is
currently the go-to tool. It should work from your chef-server
directly and the documentation can be found here:

https://docs.chef.io/ctl_chef_server.html

It supports basic CRUD operations for both organizations and users.
The knife-opc and knife-acl plugins can be used for in-organization
operations such as inviting existing users to an org, manipulating
groups, or manipulating ACLs. However, since users are global objects,
creating them requires permissions that only the pivotal has in most
installation.

Cheers,

Steven

On Tue, Mar 3, 2015 at 11:35 PM, Michael Weinberg 
<
 >
 wrote:
> Taking this off twitter
> (https://twitter.com/luckymike/status/572856407692746754) and to the list.
>
> It's unclear to me how one can manage the pivotal admin user. There's no
> user editing via chef-server-ctl or knife, and the user creation seems to
> occur deep within the chef-server-core installer. What is the approach for
> controlling that user creation and/or updating the user?
>
> My goal is to be able to handle all this by wrapping the
> chef-server-ingredient cookbook.
>
> Thanks in advance!
>
> --
> Michael F. Weinberg | Director of Operations
> http://heavywaterops.com ;| @heavywaterops