How to handle changes to active directory sAMAccountName
our IT team is using full names/abbreviated names in sAMAccountName however they plan to switch to initials.
We have been talking about how to proceed with such a change for TC. We tested it shortly and seems TC is deleting and creating users.
Currently we have createUsers and deleteUsers set to true
teamcity.options.createUsers=true
teamcity.options.deleteUsers=true
Would it help to disable both and setting teamcity.options.users.synchronize to true?
My immediate thought would go to tampering with the database 😢
Please sign in to leave a comment.
Hi Joseph,
there is a couple possibilities at hand here, depending on how you want to handle the synchronization.
If the users should keep in TeamCity the old username, you can set up in the LDAP properties a property that keeps a reference to the old username, then set up your LDAP sync settings in the ldap-config.properties file so that said property is used to sync the users with TeamCity via the teamcity.users.username property.
The other option would be to, after the upgrade to the LDAP server, use the REST API to change the users' usernames accordingly. Some samples on handling users via the REST API are available here: https://confluence.jetbrains.com/display/TCD10/REST+API#RESTAPI-Users.
Could you check whether this options would be applicable for your situation?
I just want users to keep their user profile, selected project view, and still be able to log in after the upgrade. With their new ldap login.
What properties do I have to change to make it work? and we might want to do both actually to ensure we can enable createusers and deleteusers afterward.
I have checked the REST API and definitely better then messing with database :|