Replicating Users and Predefined Role Assignments

The scripts in this section helps you migrate users and predefined role assignments of an environment to another.

About the Scripts

You use two distinct scripts: one to replicate users across identity domains and another to replicate predefined role assignments of the users. The order for running these scripts is as follows:

  • Run the script for replicating users (replicateusers) and verify that all users are created in the target identity domain. The user running this script must have the Identity Domain Administrator and Service Administrator roles in both environments.
  • Run the script for replicating role assignments (replicatepredefinedroles).

Note:

  • If your passwords contain special characters, see Handling Special Characters
  • The scripts in this section work only for predefined roles: Service Administrator, Power User, User, and Viewer.

Running the Scripts

For information on creating the required scrips and batch files, see these topics:

Windows Steps

  1. Create replicateusers.bat, replicateusers.ps1, replicatepredefinedroles.bat, and replicatepredefinedroles.ps1 and save them in a local directory in which you have write and execute privileges.
  2. Update the batch files with information for the source and target environments, and internet proxy server, if needed.
  3. Run replicateusers.bat, which executes replicateusers.ps1. You must specify the default password to be assigned to replicated users as a command line parameter as follows:

    replicateusers.bat Pwd_for_users

  4. Run replicatepredefinedroles.bat to create role assignments identical to those that exist in the source environment.

Linux/UNIX Steps

  1. Create the replicateusers.sh and replicatepredefinedroles.sh scripts and save them in a local directory in which you have write and execute privileges.
  2. Update replicateusers.sh and replicatepredefinedroles.sh with information for the source and target environments, and internet proxy server, if needed.
  3. Run replicateusers.sh. You must specify the default password to be assigned to replicated users as a command line parameter as follows:

    ./replicateusers.sh Pwd_for_users

    If your password contains special characters, be sure to use the appropriate escape character. See Handling Special Characters.

  4. Run replicatepredefinedroles.sh script to create role assignments identical to those that exist in the source environment.