I modified the create users functions from the Clone portal sample to create users in our new stack from the old portal. The script seems good, works for a few users then starts hitting 500 errors all the others (600+).
Error:
java.lang.Exception: The server at 'https://mynewportal.com:7443/arcgis/sharing/rest/community/createUser' returned an error. Unable to signup user. ["Unable to add user."]
(Error Code: 500)
Anybody have any ideas what I might be doing wrong? I thought it was a certificate issue, but that looks ok.
Thanks for any input!
from arcgis.gis import GIS
source_password = '*'
target_password = '*'
source = GIS("https://ouroldportal.com/arcgis", "arcgisportaladmin", source_password)
target = GIS("https://ournewportal.com/portal", "arcgisportaladmin", target_password)
target_admin_username = 'arcgisportaladmin'
source_users = source.users.search('!esri_ & !arcgisportaladmin', max_users=700)
for user in source_users:
print(user.username + "\t:\t" + str(user.role)+ "\t:\t" + str(user.idpUsername))
print (len(source_users))
# filter out system and initial administrator accounts
target_users = target.users.search('!esri_ & !arcgisportaladmin & !system_publisher', max_users=700)
print (target_users)
for source_user in source_users:
try:
target_user = target.users.get(source_user.username)
if target_user is not None:
print('Deleting user: ' + target_user.fullName)
target_user.reassign_to(target_admin_username)
target_user.delete()
except:
print('User {} does not exist in Target Portal'.format(source_user.username))
def copy_user(target_portal, source_user, pw):
# See if the user has firstName and lastName properties
try:
first_name = source_user.firstName
last_name = source_user.lastName
except:
# if not, split the fullName
full_name = source_user.fullName
first_name = full_name.split()[0]
try:
last_name = full_name.split()[1]
except:
last_name = 'NoLastName'
source_level = source_user.level
if source_level == str("1"):
source_role = 'org_viewer'
if source_level == str("2"):
source_role = 'org_user'
if source_user.provider == 'enterprise':
source_password = None
if source_user.provider == 'arcgis':
source_password = pw
try:
# create user
target_user = target_portal.users.create(username = source_user.email,
firstname = first_name,
lastname = last_name,
email = source_user.email,
role =source_role,
provider =source_user.provider, level=source_level, password=source_password)
# update user properties
target_user.update(source_user.access, source_user.preferredView,
source_user.description, source_user.tags,
source_user.get_thumbnail_link(),
culture=source_user.culture, region=source_user.region)
return target_user
except Exception as Ex:
print(str(Ex))
print("Unable to create user "+ source_user.username)
return None
for user in source_users:
print("Creating user: " + user.username)
copy_user(target, user, 'TestPassword@123')
Note: It is only happening on enterprise users. All "arcgis" users are created fine. The 1st enterprise user is created then all others fail....
Hi James - have you made any progress on this issue? I am following the esri "clone portal users" example and run into a similar error:
https://server.com:7443/arcgis/sharing/rest/community/createUser' returned an error. The user account cannot be created as the role assigned to it does not exist.
I am also trying to do this with IWA for a new Portal in 10.6.1. I am trying to migrate users, content, etc from the old Portal to the new Portal. I am even hard coding 'org_user' and that does not work. I print out the different built-in roles as well to make sure I am using the correct name.
Thanks,
Randy
We were experiencing the exact same issues. I was able to add the first enterprise user successfully but then all following users failed with the error message Unable to signup user. ["Unable to add user."]. Did you ever solve this? We are on 10.6.1 fully patched.
The only way we could get this working with enterprise was to add the idp_username to the list or parameters.
Have you ever resolved this? Exactly the same happened here, I could create a first user, but then I get the 500. yes, via idp_username it works, but it also allows to create users that are non-existent in the active directory which is really wierd!