Docker BBB Greenlight v3 openID Connect admin rights
727 views
Skip to first unread message
Leo Leonidas
May 14, 2023, 9:21:11 AM5/14/23
to BigBlueButton-Setup
Hello guys,
freshly deployed docker based bbb with greenlight v3, set the .env variables for OpenID Connect and created an admin account with "docker compose exec greenlight bundle exec rake admin:create". Don't know if I need that admin account or not as I don't see how to login with it.
Side note: I got freeipa with keycloak running for my user management.
If I now visit the bbb website and click on "sign in", I get redirected to my own private keycloak instance. I can login with my own user, works as expected and wanted. The question is, how can I give that regular user admin rights?
Detlef Köppel
May 14, 2023, 10:24:01 AM5/14/23
to bigbluebu...@googlegroups.com
The administrator can change the roles.
login users: ad...@example.com
Passwd Administrator1!
Please change after first login
Detlef
Von: bigbluebu...@googlegroups.com <bigbluebu...@googlegroups.com> im Auftrag von Leo Leonidas <leonid....@freenet.de>
Gesendet: Sonntag, 14. Mai 2023, 16:21
An: BigBlueButton-Setup <bigbluebu...@googlegroups.com>
Betreff: [bigbluebutton-setup] Docker BBB Greenlight v3 openID Connect admin rights
Gesendet: Sonntag, 14. Mai 2023, 16:21
An: BigBlueButton-Setup <bigbluebu...@googlegroups.com>
Betreff: [bigbluebutton-setup] Docker BBB Greenlight v3 openID Connect admin rights
--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-s...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-setup/fe5f544c-f70c-4ba7-b25a-f1a0c29c75ffn%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-s...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-setup/fe5f544c-f70c-4ba7-b25a-f1a0c29c75ffn%40googlegroups.com.
Leo Leonidas
May 14, 2023, 10:40:07 AM5/14/23
to BigBlueButton-Setup
Hi Detlef, thanks for the quick reply. I guess I wasn't that clear on my initial post.
"If I now visit the bbb website and click on "sign in", I get redirected to my own private keycloak instance. I can login with my own user, works as expected and wanted."
So if I'm redirected to my own keycloak instance, there is no "ad...@example.com" there. This admin user lives inside big blue button eco system, right? But my keycloak instance was there before big blue button, or should this "... admin:create" command create this admin user inside my keycloak instance?
I don't know what to expect here.
A: the "admin create" command should create the admin user inside keycloak or B: I have to somehow tell greenlight: use OpenID Connect for my keycloak instance logins and greenlights own inner login mechanism when wanting to login as admin user.
Is this btw the only way to give a user admin rights (login with this admin account and set on other users)?
Detlef Köppel
May 14, 2023, 10:51:28 AM5/14/23
to bigbluebu...@googlegroups.com
docker exec -it greenlight-v3 bundle exec rake admin:create['name','email','password']
Check this ???
Von: bigbluebu...@googlegroups.com <bigbluebu...@googlegroups.com> im Auftrag von Leo Leonidas <leonid....@freenet.de>
Gesendet: Sonntag, 14. Mai 2023, 17:40
An: BigBlueButton-Setup <bigbluebu...@googlegroups.com>
Betreff: Re: [bigbluebutton-setup] Docker BBB Greenlight v3 openID Connect admin rights
An: BigBlueButton-Setup <bigbluebu...@googlegroups.com>
Betreff: Re: [bigbluebutton-setup] Docker BBB Greenlight v3 openID Connect admin rights
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-setup/122b737f-d53f-461f-b5f2-1895ca293517n%40googlegroups.com.
Leo Leonidas
May 14, 2023, 11:15:10 AM5/14/23
to BigBlueButton-Setup
Executing your command:
docker compose exec greenlight bundle exec rake admin:create['name','email','password']Gives me the following error:
Unable to create user: 'name'
Failed to pass the following validations:
["Email is invalid", "Password is invalid"]
Failed to pass the following validations:
["Email is invalid", "Password is invalid"]
Should that really be "admin:create" or was your intention to somehow list the users?
Detlef Köppel schrieb am Sonntag, 14. Mai 2023 um 16:51:28 UTC+2:
docker exec -it greenlight-v3 bundle exec rake admin:create['name','email','password']Check this ???Gesendet von Outlook für Android
Leo Leonidas
May 14, 2023, 11:55:38 AM5/14/23
to BigBlueButton-Setup
Ah I guess you really wanted me to create a new user. But I've done that like already said in my initial post.
I've executed:
docker compose exec greenlight bundle exec rake admin:create
And it showed me the following credentials, so that was done already.
# ad...@example.com
# Administrator1!
# ad...@example.com
# Administrator1!
The question is still, should this admin account be synced somehow to my keycloak instance or is it just living in the bbb eco system?
And is this the only way to give a user admin rights (login with this admin account and set the permissions other users)?
Leo Leonidas
May 14, 2023, 3:17:48 PM5/14/23
to BigBlueButton-Setup
Okay, found a way to login as admin. When OpenID Connect is setup, the "sign in" button only allows for OpenId Connect based login. Using the URL: "https://my-bbb/signin" gives the possibility to sign in via the classic method, so here you can use the admin credentials. Now I can give my user the admin role as well.
Still interested in the answer, if this is the only possible way to give a user admin rights, or is it possible to do that via keycloak (OpenId Connect)?
Thomas Maier
Jul 31, 2023, 6:30:11 AM7/31/23
to BigBlueButton-Setup
Did you get it to work, that the roles are take out of keycloak? Would be interesting for us, too.
Reply all
Reply to author
Forward
Message has been deleted
0 new messages