we would like to change our authentication mechanism from LDAP to SAML via Azure AAD / Entra ID. We’ve tested the SAML setup successfully, but with SAML we are forced to use the email address as our user ID. Right now, we use a different user ID, so the old users would be removed and new users would be added during migration. Thus, customized user setting such as bookmarks or views will be lost.
Is there a way to copy the current customizing settings from the old to the “new” users? Maybe by copying the .mk files from /omd/sites/sitename/var/check_mk/web/olduserID/ to …/newuserID on OS level? Do we have to face any issues using this procedure?
This is the correct location. Normally you only need to copy the files starting with “user_…” to the new user ID. Before start i would do a backup of the “~/var/check_mk/web/” folder and then restore the corresponding files to the new location after ID switch.
Bit then for example I loose the customized views, start_url und ui_theme… I copied the whole folder instead, which seems to work well. All I am missing now are the language and notification settings (temporarily disable notifications). Where do I find them on os?
Some files whithin these directories contain the owner (or something) of a view (for example), so you must also change that to the new userId.
I also found that the files ~/etc/check_mk/conf.d/wato/contacts.mk and ~/etc/check_mk/multisite.d/wato/users.mk contain some user information. Maybe you must also adapt them.
(This was at least true for cmk 2.1. For other versions I don’t know.)
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.