Replicação de Atribuições de Funções Predefinidas de um Ambiente para Outro.

Use os scripts desta seção para clonar atribuições de funções predefinidas de um ambiente para outro. É necessário que o usuário que está executado esses scripts tenha função de Administrador do Serviço nos dois ambientes.

Nota:

Se você estiver usando a versão PDF deste documento: para evitar quebras de linha ou informações de rodapé que impedirão a utilização desses scripts, copie-os script da Versão em HTML deste tópico.

Windows

  • Crie replicatepredefineroles.ps1 copiando o script a seguir.
    # Replicate predefined roles script
    
    param(
      [string]$epmusersource,
      [string]$epmpwdsource,
      [string]$epmurlsource,
      [string]$epmusertarget,
      [string]$epmpwdtarget,
      [string]$epmurltarget,
      [string]$proxyserverusername,
      [string]$proxyserverpassword,
      [string]$proxyserverdomain
    )
    
    $roleassignmentreport="roleassignmentreport.csv"
    
    function replicateroles
    {
        # Log into source environment
        echo "Logging into the source environment ${epmurlsource}"
        epmautomate login ${epmusersource} ${epmpwdsource} ${epmurlsource} ${proxyserverusername} ${proxyserverpassword} ${proxyserverdomain}
        echo "Creating Role Assignment Report: ${roleassignmentreport}"
        epmautomate roleAssignmentReport ${roleassignmentreport}
        echo "Downloading role assignment report"
        epmautomate downloadfile ${roleassignmentreport}
        epmautomate deletefile ${roleassignmentreport}
        epmautomate logout
    
        echo "Creating files to replicate role assignments"
    
        Get-Content ${roleassignmentreport} | ForEach-Object {
            $user=$_.split(',')[0]
            $rolename=$_.split(',')[4]
    
            if ($rolename -like '*User' -And $rolename -notlike '*Power User') {
                $rolenamearray=$rolename.split(" ")
                $arraysize=$rolenamearray.count
                $rolename="User"
                if ($arraysize.count -le 2) {
                    echo "${user}" | Out-File -Append -Encoding "UTF8" "role-${rolename}.csv" 
                }
            }
            elseif ($rolename -like '*Viewer') {
                $rolenamearray=$rolename.split(" ")
                $arraysize=$rolenamearray.count
                $rolename="Viewer"
                if ($arraysize -le 2) {
                    echo "${user}" | Out-File -Append -Encoding "UTF8" "role-${rolename}.csv" 
                }
            }
            elseif ($rolename -like '*Power User') {
                $rolenamearray=$rolename.split(" ")
                $arraysize=$rolenamearray.count
                $rolename="Power User"
                if ($arraysize -le 3) {
                    echo "${user}" | Out-File -Append -Encoding "UTF8" "role-${rolename}.csv" 
                }
            }
            elseif ($rolename -like '*Service Administrator') {
                $rolenamearray=$rolename.split(" ")
                $arraysize=$rolenamearray.count
                $rolename="Service Administrator"
                if ($arraysize -le 3) {
                    echo "${user}" | Out-File -Append -Encoding "UTF8" "role-${rolename}.csv" 
                }
            }
            elseif ($rolename -like 'Planner') {
                echo "${user}" | Out-File -Append -Encoding "UTF8" "role-User.csv" 
            }
        }
    
        # Add header and format
        $rolefiles = Get-ChildItem "role-*.csv"
        foreach ($rolefile in $rolefiles) {
            $rolefilecontent = Get-Content "$rolefile" 
            $headerline='User Login'
            Set-Content $rolefile -value $headerline,$rolefilecontent
            $txt = [io.file]::ReadAllText("$rolefile") -replace "`r`n","`n"
            [io.file]::WriteAllText("$rolefile", $txt)
        }
    
        # Log into target environment 
        echo "Logging into target environment ${epmurltarget}"
        epmautomate login ${epmusertarget} ${epmpwdtarget} ${epmurltarget} ${proxyserverusername} ${proxyserverpassword} ${proxyserverdomain}
    
        $rolefiles = Get-ChildItem "role-*.csv"
        foreach ($rolefile in $rolefiles) {
            $rolenamecsv=$rolefile.BaseName.split('-')[1]
            $rolename=$rolenamecsv.split('.')[0]
            epmautomate deletefile "${rolefile}" | Out-Null
            echo "Uploading file ${rolefile}"
            epmautomate uploadfile "${rolefile}"
            echo "Assigning ${rolename} roles"
            epmautomate assignRole "role-${rolename}.csv" "${rolename}"
            epmautomate deletefile "role-${rolename}.csv"
        }
        epmautomate logout
        rm deletefile*.log | Out-Null
    }
    
    function init
    {
        # delete ${role}.csv files
        $rolefiles = Get-ChildItem "role-*.csv"
        foreach ($rolefile in $rolefiles) {
            $rolefileexists=Test-Path $rolefile
            if ($rolefileexists) {
                rm "${rolefile}"
            }
        }
    }
    
    echo "Replicaton of predefined role assignments started"
    init
    replicateroles
    echo "Replicate predefined roles script completed"
    
  • Crie replicatepredefineroles.bat copiando o script a seguir.
    @ECHO OFF
    SET thisdir=%~dp0
    SET scriptpath=%thisdir%replicatepredefinedroles.ps1
    
    REM --- USER DEFINED VARIABLES
    REM --- CONNECTION INFORMATION: SOURCE SERVICE --------
    set epmusersource="example_IDM_Admin"
    set epmpwdsource="examplePassword"
    set epmurlsource="https://source_example.oraclecloud.com"
    
    REM --- CONNECTION INFORMATION: TARGET SERVICE ----------
    set epmusertarget="example_IDM_Admin"
    set epmpwdtarget="examplePassword"
    set epmurltarget="https://target_example.oraclecloud.com"
    
    REM --- INTERNET PROXY SETTINGS: DELETE IF NOT USING A PROXY SERVER ---
    set proxyserverusername=exampleProxyServerHost
    set proxyserverpassword=exampleProxyServerPassword
    set proxyserverdomain=exampleProxyServerDomain
    
    REM ---DELETE PROXY SERVER DIRECTIVES IF NOT USED ----------------
    
    PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& '%scriptpath%' -epmusersource '%epmusersource%' -epmpwdsource '%epmpwdsource%' -epmurlsource '%epmurlsource%' -epmusertarget '%epmusertarget%' -epmpwdtarget '%epmpwdtarget%' -epmurltarget '%epmurltarget%' -proxyserverusername '%proxyserverusername%' -proxyserverpassword '%proxyserverpassword%' -proxyserverdomain '%proxyserverdomain%'"
  • Atualize replicatepredefineroles.bat conforme necessário. Na tabela a seguir, veja informações sobre os valores que você deverá definir par as propriedades desse arquivo.

Atualização de replicatepredefineroles.bat

Parâmetro Descrição
epmusersource Nome de usuário de um usuário com funções de Administrador do Domínio de Identidade e Administrador do Serviço no ambiente de origem.

Exemplos:

Windows: set epmusersource="jDoe"

Linux/UNIX: epmusersource="jDoe"

epmpwdsource Senha do usuário ou o caminho absoluto do arquivo de senha criptografada.

Exemplos:

Windows: set epmpwdsource="Example"

Linux/UNIX: epmpwdsource="Example"

epmurlsource URL do ambiente de onde os usuários serão copiados.

Exemplos:

Windows: set epmurlsource="https://example.oraclecloud.com"

Linux/UNIX: epmurlsource="https://example.oraclecloud.com"

epmusertarget Nome de usuário de um usuário com funções de Administrador do Domínio de Identidade e Administrador do Serviço no ambiente de destino.

Exemplos:

Windows: set epmusertarget="John.Doe"

Linux/UNIX: set epmusertarget="John.Doe"

epmpwdtarget Senha do usuário ou o caminho absoluto do arquivo de senha criptografada.

Exemplos:

Windows: set epmpwdtarget="Example1"

Linux/UNIX: epmpwdtarget="Example1"

epmurltarget URL do ambiente em que os usuários serão criados.

Exemplos:

Windows: set epmurltarget="https://example.oraclecloud.com"

Linux/UNIX: epmurltarget="https://example.oraclecloud.com"

proxyserverusername O nome do usuário para autenticar uma sessão segura no servidor proxy que controla o acesso à internet. Exclua todas as ocorrências dessa propriedade caso ela não seja usada.

Exemplos:

Windows: set proxyserverusername="Example"

Linux/UNIX: proxyserverusername="Example"

proxyserverpassword A senha para autenticar o usuário no servidor proxy. Exclua todas as ocorrências dessa propriedade caso ela não seja usada.

Exemplos:

Windows: set proxyserverpassword="examplePwd"

Linux/UNIX: proxyserverpassword="examplePwd"

proxyserverdomain O nome do domínio definido para o servidor proxy. Exclua todas as ocorrências dessa propriedade caso ela não seja usada.

Exemplos:

Windows: set proxyserverdomain="exampleDom"

Linux/UNIX: proxyserverdomain="exampleDom"

Linux/UNIX

  • Crie replicatepredefineroles.sh copiando o script a seguir.
    #!/bin/sh
    
    # USER DEFINED VARIABLES
    # ENVIRONMENT VARIABLES
    javahome="/home/user1/jdk160_35"
    epmautomatescript="/home/exampleAdmin/epmautomate/bin/epmautomate.sh"
    
    #---- CONNECTION INFORMATION: SOURCE SERVICE ---------
    epmusersource="example_IDM_Admin"
    epmpwdsource="examplePassword"
    epmurlsource="https://source_example.oraclecloud.com"
    
    #---- CONNECTION INFORMATION: TARGET SERVICE ---------
    epmusertarget="example_IDM_Admin"
    epmpwdtarget="examplePassword"
    epmurltarget="https://target_example.oraclecloud.com"
    
    #--- INTERNET PROXY SETTINGS: DELETE IF NOT USING A PROXY SERVER ----
    proxyserverusername="exampleProxyServerHost"
    proxyserverpassword="exampleProxyServerPassword"
    proxyserverdomain="exampleProxyServerDomain"
    
    #---------------------
    
    roleassignmentreport="roleassignmentreport.csv"
    export JAVA_HOME=${javahome}
    
    replicateroles()
    {
        # Log into source service
        # ---DELETE PROXY SERVER DIRECTIVES IF NOT USED ----
        echo "Logging into source serviceat ${epmurlsource}"
        ${epmautomatescript} login ${epmusersource} ${epmpwdsource} ${epmurlsource} ${proxyserverusername} ${proxyserverpassword} ${proxyserverdomain}
        echo "Creating Role Assignment Report: ${roleassignmentreport}"
        ${epmautomatescript} roleAssignmentReport ${roleassignmentreport}
        echo "Downloading Role Assignment Report"
        ${epmautomatescript} downloadfile ${roleassignmentreport}
        ${epmautomatescript} deletefile ${roleassignmentreport}
        ${epmautomatescript} logout
    
        echo "Creating required files"
        while read line
        do
            user=$(echo "${line}" | cut -d',' -f1)
            rolename=$(echo "${line}" | cut -d',' -f5)
    
            if [[ "$rolename" == *"User" ]] && [[ "$rolename" != "*Power User" ]]
            then
                count=$(echo "${rolename}" | wc -w);
                rolename="User"
                if [[ $count -le 2 ]]
                then
                    echo "${user}" >> "role-${rolename}.csv" 
                fi
            elif [[ "$rolename" == *"Viewer" ]] 
            then
                count=$(echo "${rolename}" | wc -w);
                rolename="Viewer"
                if [[ $count -le 2 ]]
                then
                    echo "${user}" >> "role-${rolename}.csv" 
                fi
            elif [[ "$rolename" == *"Power User" ]] 
            then
                count=$(echo "${rolename}" | wc -w);
                rolename="Power User"
                if [[ $count -le 3 ]]
                then
                    echo "${user}" >> "role-${rolename}.csv" 
                fi
            elif [[ "$rolename" == *"Service Administrator" ]] 
            then
                count=$(echo "${rolename}" | wc -w);
                rolename="Service Administrator"
                if [[ $count -le 3 ]]
                then
                    echo "${user}" >> "role-${rolename}.csv" 
                fi
            elif [[ "$rolename" == "Planner" ]] 
            then
                    echo "${user}" >> "role-User.csv" 
            fi
        done < ${roleassignmentreport}
    
        # write header line
        for f in role-*.csv
        do
            sed -i '1iUser Login' "$f"
        done
    
        # Logging in the Target service
        echo "Logging into the target service ${epmurltarget}"
        ${epmautomatescript} login ${epmusertarget} ${epmpwdtarget} ${epmurltarget} ${proxyserverusername} ${proxyserverpassword} ${proxyserverdomain}
    
        for rolefile in role-*.csv
        do
            rolenamecsv=$(echo "$rolefile" | cut -d'-' -f2)
            rolename=$(echo "$rolenamecsv" | cut -d'.' -f1)
            ${epmautomatescript} deletefile "${rolefile}" > /dev/null 2>&1
            echo "Uploading file ${rolefile}"
            ${epmautomatescript} uploadfile "${rolefile}"
            echo "Assigning roles"
            ${epmautomatescript} assignrole "${rolefile}" "${rolename}"
            ${epmautomatescript} deletefile "${rolefile}"
        done
    
        ${epmautomatescript} logout
        rm deletefile*.log > /dev/null 2>&1
    }
    
    init()
    {
        # delete role-${role}.csv files
        for f in role-*.csv
        do
            rm "$f" > /dev/null 2>&1
        done
    }
    
    echo "Replicate Predefined Roles script started"
    init
    replicateroles
    echo "Replicate Predefined Roles script completed"
  • Atualize replicatepredefineroles.sh. Veja a tabela anterior para obter informações sobre os valores que você deve especificar. Além disso, você deve especificar os valores para estas propriedades:

    • javahome: o caminho absoluto para o diretório em que o Java está instalado.
    • epmautomatescript: a localização de epmautomatescript.sh; por exemplo, epmautomatescript="/home/user1/epmautomate/bin/epmautomate.sh"