migrate feature

[braggepj]

I'm hitting the issue of not being able to invite ldap users too. So I thought I would try adding the users through the API with a dummy password, and set the option ckanext.ldap.migrate = true so that when the people go to log in, they would do so with their actual ldap password, and their account would migrate over to be an ldap account.

But instead, I find that a new account gets created and new user id has "1" tacked on to the end. This is not how I interpreted the documentation. Can someone help explain what's happening? Is this a viable approach to add LDAP users in bulk?

[avowkind]

I have the same issue - wanting to invite ldap users. I would also want to prepopulate the users table with usernames and dummy passwords and then have the accounts migrated on first sign in. This is important as I need to be able to add the users to groups before their first sign in.

[edit]: I have an idea of how we are gettng the incrementing usernames.
My LDAP sign in returns an uppercase username ABCXYZ. get_or_create_ldap_user in _helpers.py calls ckan_user_exists to find the user in the ckan user table if they are not already found in the ldap_user table. This calls get_user_dict(user_name) which calls get_action(u'user_show') which I think is case sensitive. So if there is no match a new user is created. However, get_unique_user_name normalises the username to lowercase so it finds the existing user and generates user+1. Subsequent sign ins find the LDAP username string in the ldap_user table, get the user id and thence to the original username user+1.

So in order to pre-create ldap users we would need to ensure an exact match of usernames with the LDAP cn. Sadly I tried this and started getting a 500 error on sign in so there's a subsequent failure down the line.