Permalink
Switch branches/tags
818-check 953-ce 997-ce 1010-ce 1012-ce 1015-ce 1050-ce 1050.ce 1062-ce 1092-ce 1104-ce 1110-ce 1113-ce 1114-ce 1122-ce 1149-ce 1157-ce 1178-ce 1194-reopen 1238-ce 1250-ce 1251-ce 1252-ce 1257-ce 1308-ce SUSTAIN-788/reaper-config TheLunaticScripter-patch-1 ap/compliance-migration ap/update-automate-api-docs ascii aws-example-backups backend-failure-recovery btm/audit_mode cdn/automate-upgrade-nopostun chef-12-eol chef-13-resource-cloning chef-14-more-resources chef-14-resources chef-14-updated-resources chef-14-windows-resources chef-server-file chef-server-full-path chef-zero chefdk-install-restructure compliance-ga cookbook-s3-external-url credentials-mgmt ctl-automate-fix-typo data-collector debian-eol-policy deprecation-chocolatey-uninstall deprecation-deploy dw/automate_rel_note_updates dw/automate_1.7_bug_fix dw/less_verbose dw/update_jquery edit-resource-syntax enable-request-logging-version-tags eol-links es-and-ls-tunables fips-chef-client fix-buildkite-failures fix-chef-overview fix-data-retention-edit-link fix-plural-reporting-install fix-typo habitat-prism-removal install-dk-dpkg-rpm jcd/rewrite-support-policy jdm/include_policy jjasghar/centos7_install jjasghar/erchef jjasghar/sudo jjh/data_bag_item_example_use_abstraction jm/chefdk_3_4_release_notes kagarmoe-patch-1 kagarmoe-patch-2 kg/API-reporting kg/AWS-Auto kg/Visibility-more kg/audit-tables kg/auto-notes kg/auto17x-sidebar kg/automate_compliance kg/automate18 kg/azureportal kg/callitchef kg/compliance-api-update kg/compliance-latest kg/compliance-update kg/data-summary kg/dc-stubs kg/es-data-coll kg/fix-redirects kg/github kg/gitignore kg/kibana kg/merge-conficts kg/node-visibility kg/omnibus-list kg/privacy_policy kg/redirect3 kg/redirects kg/redirects2 kg/release_automate_18x kg/release_notes_17 kg/rename-client-page kg/resource-nav kg/sidebar-edit kg/two-guides kg/update-compliance kg/visibility kg/workstaion-shell kg/17x-automate-ctl kg/17xAdmin-Setup kgarmoe/number9 knife-environment-create lcg/deprecate-run-command lcg/namespace_collisions link-cleanup manage-symlink-source master mj/warning1 mjdkfixin multi-servers-automate mwrock-2016-1 mwrock-2016 nb/before-notification-example nb/bookshelf-sql nb/chef-airgap nb/chefdk-1-5-release-notes nb/client-13-2-release-notes nb/knife-links nb/knife-node-status nb/next-steps-automate nb/release-notes-server-12-16-9 nb/release-notes-title-updates nb/removing-for nb/rhel-system-z-support nb/server-backup nb/sphinx-build-updates nginx-welcome-page ohai-7 openstack-redirect pdf_builder platforms-table-width-adjustment praj/SUSTAIN-600 praj/delete_runner private-supermarket-install pwm/adroll rel-notes-automate-1-8-38 rel-notes-automate-dec-17 rel-notes-chef-14-update rel-notes-client-12-22-3 rel-notes-client-13-7-16 rel-notes-client-13-8 rel-notes-dk-1-6-11 rel-notes-dk-2-4-17 rel-notes-server-12-17-15 rel-notes-server-12-17-33 release-notes-chef-14 release-notes-chef-dk-2-2-1 release-notes-client-12-21-31 release-notes-dk-2-3-3 release-notes-dk-2-3-4 release-notes-server-12-16-14 relnotes-client-13-6-4 relnotes-client-various relnotes-dk-2-5 remove-compliance-release-notes remove-knife-sort remove-prism remove-ref-links2 remove-selinux-note remove-sphinx-links-pt-2 remove-vsphere resource_cleanup_v6 resource_cleanup_v9 resource_hostname resource_macos_userdefaults resource_ohai_hint resource_openssl_dhparam resource_openssl_rsa_private_key resource_openssl_rsa_public_key resource_rhsm_errata revert-948-kg/redirects revert-950-kg/redirects2 revert-1053-documentation-ip revert-1075-kg/node-visibility revert-1194-dh/update_doc_windows_service revert-1302-revert-windows-service-chef-14 revert-chef-14-stuff revert-windows-service-chef-14 robb/add-more-details-to-supermarket-reqs schisamo/automate-updates server-security sh/clarify-FIPS-statement sh/clarify-attr-file-load sh/deprecate-hide-healthy sh/document-veil-data-collector sh/example-auto-attribs sh/reindex-w-option-note sh/remove-obsolete-type sh/resize-volumes-online sh/update-fips-mode-support sh/webui-IE-issue shain/fix_bk_code shain/terraform sidebar-removals sp/windows-2019 ssd/SUSTAIN-751-2 ssd/SUSTAIN-751 ssd/chef-backend-1.4-setting ssd/chef-backend-upgrade-directions ssd/es-stale-lock-option ssd/sustain-751 stuart/windows-8-eol supermarket-contribute supermarket-options supermarket-s3 syntax-fix-relnotes-1-8-3 systemd-unit-example template-cookstyle template-copy test-provider-rebase thomascate-add-node-cleanup tm/policyfiles tm/solo_updates trevorghess-patch-1 troubleshooting-syntax true-false-class use-runners-not-build-nodes web windows-dism-fix windows-task-copy-edits workstation-syntax-fix
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
397 lines (274 sloc) 11 KB

knife opc

[edit on GitHub]

The knife opc subcommand is used to manage organizations and users in Chef Server 12.

Note

Administrator permissions are required to add, remove, or edit users. To manage organizations, or change a user's assignment to an organization, the pivotal key is required. To grant a user administrator permissions, use chef-server-ctl grant-server-admin-permissions USER_NAME on the Chef server. See chef-server-ctl for details.

Note

Review the list of common options available to this (and all) knife subcommands and plugins.

config.rb Configuration

Unlike other knife subcommands the subcommands in the knife-opc plugin make API calls against the root of your Chef server installation's API endpoint.

Typically the chef_server_url for your Chef server installation may look like this:

chef_server_url 'https://chef.yourdomain.com/organizations/ORG_NAME'

To configure knife-opc, set the chef_server_root option to the root of your Chef server installation:

chef_server_root 'https://chef.yourdomain.com/'

If your chef_server_url configuration ends with /organizations/ORG_NAME (as shown above), this setting will default to https://chef.yourdomain.com/.

Note

On Chef server 12, the majority of the commands provided by this plugin can be accessed via chef-server-ctl wrapper commands. See chef-server-ctl for details.

opc user list

Show a list of all users in your Chef server installation.

Syntax

This argument has the following syntax:

$ knife opc user list (options)

Options

This argument has the following options:

-w, --with-uri
Show corresponding URIs.

Example

$ knife opc user list
alice
pivotal
$ knife opc user list -w
alice: https://chef-server.fqdn/users/alice
pivotal: https://chef-server.fqdn/users/pivotal

opc user show

Shows the details of a user in your Chef server installation.

Syntax

This argument has the following syntax:

$ knife opc user show USER_NAME (options)

Options

This argument has the following options:

-l, --with-orgs
Show the organizations of which the user is a member.

Example

$ knife opc user show alice -l
display_name:  Alice Schmidt
email:         alice@chef.io
first_name:    Alice
last_name:     Schmidt
middle_name:
organizations: acme
public_key:    -----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----


username:     alice

opc user create

Creates a new user in your Chef server installation. The user's private key will be returned in response.

Syntax

This argument has the following syntax:

$ knife opc user create USER_NAME FIRST_NAME [MIDDLE_NAME] LAST_NAME EMAIL PASSWORD (options)

Options

This argument has the following options:

-f FILENAME, --filename FILENAME
Write private key to FILENAME rather than STDOUT.

Example

$ knife opc user create arno arno schmidt arno@chef.io password
-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----

opc user delete

Deletes the given OPC user.

Syntax

This argument has the following syntax:

$ knife opc user delete USER_NAME [-d] [-R]

Options

This argument has the following options:

-d, --no-disassociate-user
Don't disassociate the user first.
-R, --remove-from-admin-groups
If the user is a member of any org admin groups, attempt to remove from those groups. Ignored if --no-disassociate-user is set.

Example

$ knife opc user delete arno
Do you want to delete the user arno? (Y/N) Y
Checking organization memberships...
Deleting user arno.

opc user edit

Will open $EDITOR to edit a user. When finished editing, knife will update the given Chef server user.

Syntax

This argument has the following syntax:

$ knife opc user edit USER_NAME

Example

$ EDITOR=ed knife opc user edit arno
639
1,%p
{
  "username": "arno",
  "email": "arno@chef.io",
  "display_name": "arno schmidt",
  "first_name": "arno",
  "last_name": "schmidt",
  "middle_name": "",
  "public_key": "-----BEGIN PUBLIC KEY-----\n[...]\n-----END PUBLIC KEY-----\n\n"
}
/email/s/chef.io/opscode.com/p
"email": "arno@opscode.com",
wq
643
Saved arno.
$ knife opc user show arno
display_name: arno schmidt
email:        arno@opscode.io
first_name:   arno
last_name:    schmidt
middle_name:
public_key:   -----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----


username:     arno

opc user password

Command for managing password and authentication for a user.

Syntax

This argument has the following syntax:

$ knife opc user password USER_NAME [PASSWORD | --enable_external_auth]

The last argument should either be a string to use as password or --enable_external_auth instead of a password to enable external authentication for this user.

Example

$ knife opc user password arno newpassword
{"username"=>"arno", "email"=>"arno@opscode.com", "display_name"=>"arno schmidt", "first_name"=>"arno", "last_name"=>"schmidt", "middle_name"=>"", "public_key"=>"-----BEGIN PUBLIC KEY-----\n[...]\n-----END PUBLIC KEY-----\n\n", "password"=>"newpassword", "recovery_authentication_enabled"=>true}
Authentication info updated for arno.

opc org list

Show a list of all organizations in your Chef server installation.

Syntax

This argument has the following syntax:

$ knife opc org list (options)

Options

This argument has the following options:

-w, --with-uri
Show corresponding URIs.
-a, --all-orgs
Display auto-generated hidden orgs.

Example

$ knife opc org list -w -a
acme: https://chef-server.fqdn/organizations/acme

opc org show

Shows the details of an organization in your Chef server installation.

Syntax

This argument has the following syntax:

$ knife opc org show ORG_NAME

Example

$ knife opc org show acme
full_name: Acme
guid:      cc9f9d0d4f6e7e35272e327e22e7affc
name:      acme

opc org create

Creates a new Chef server organization. The private key for the organization's validator client is returned.

Syntax

This argument has the following syntax:

$ knife opc org create ORG_NAME ORG_FULL_NAME (options)

Options

This argument has the following options:

-f FILENAME, --filename FILENAME
Write private key to FILENAME rather than STDOUT.
-a USER_NAME, --association_user USER_NAME
Associate USER_NAME with the organization after creation.

Example

$ knife opc org create acme2 "The Other Acme" -a arno
-----BEGIN RSA PRIVATE KEY-----
[...]
-----BEGIN RSA PRIVATE KEY-----

opc org delete

Deletes the given Chef server organization.

Syntax

This argument has the following syntax:

$ knife opc org delete ORG_NAME

Example

$ knife opc org delete acme2
Do you want to delete the organization acme2? (Y/N) Y
full_name: The Other Acme
guid:      2adec1140cf777a15d82d9099304da71
name:      acme2

opc org user add

Adds a user to an organization. Requires that the named organization and user both exist.

Syntax

This argument has the following syntax:

$ knife opc org user add ORG_NAME USER_NAME

Example

$ knife opc org user add acme2 alice

opc org user remove

Removes a user from an organization. Requires that the named organization and user both exist, and that the user is currently associated with the organization.

Syntax

This argument has the following syntax:

$ knife opc org user remove ORG_NAME USER_NAME

Example

$ knife opc org user remove acme2 alice