Name | nestedaaddb JSON |
Version |
0.2.1
JSON |
| download |
home_page | |
Summary | A package that allows to sync Nested AAD Group to DataBricks |
upload_time | 2023-11-17 21:28:45 |
maintainer | |
docs_url | None |
author | |
requires_python | >=3.7 |
license | |
keywords |
databricks
scim
nested aad
|
VCS |
|
bugtrack_url |
|
requirements |
No requirements were recorded.
|
Travis-CI |
No Travis.
|
coveralls test coverage |
No coveralls.
|
# nested-aad-scim-connector
<a href="https://pypistats.org/packages/nestedaaddb">
<img alt="PyPI - Downloads" src="https://img.shields.io/pypi/dm/nestedaaddb?label=PyPi%20Downloads&link=https%3A%2F%2Fpypistats.org%2Fpackages%2Fnestedaaddb">
</a>
<a href="https://pypi.org/project/nestedaaddb/">
<img alt="PyPI" src="https://img.shields.io/pypi/v/nestedaaddb?link=https%3A%2F%2Fpypi.org%2Fproject%2Fnestedaaddb%2F">
</a>
This utility provides ability to sync Users and Groups from AAD to Databricks. This application allows to sync [**nested groups**](https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/how-to-manage-groups#add-or-remove-a-group-from-another-group) and users as well which is not supported in "[Azure Databricks SCIM Provisioning Connector application](https://docs.databricks.com/administration-guide/users-groups/scim/aad.html)"
Using the code is as simple as below few commands :
Install
````
pip install nestedaaddb
````
Configure
Copy the config.cfg.template from here (https://github.com/mick2004/nested-aad-scim-connector/blob/main/config.cfg.template) ,populate details and rename to config.cfg
Usage
````
from nestedaaddb.nested_groups import SyncNestedGroups
sn = SyncNestedGroups()
sn.loadConfig(<<Path of config.cfg>>")
sn.sync(<<Top level Group>>,<<Is Dry Run>>)
````
## **Details**
## **Steps for running code:**
## Step (i)
**Register an application in Azure ADD with ReadAll permissions**
You will need to register an application in Azure Active Directory to enable user [authentication](https://learn.microsoft.com/en-us/graph/auth-v2-user)
Follow the steps below to do same:
1.Open a browser and navigate to the Azure Active Directory admin center and login using a personal account (aka: Microsoft Account) or Work or School Account.
2.Select **Azure Active Directory **in the left-hand navigation, then select **App registrations** under** Manage**.
![image](https://user-images.githubusercontent.com/2042132/200214332-0b686c2d-41df-4b27-863d-c34be789f228.png)
3.Select **New registration**. Enter a name for your application, for example, CustomAADConnector.
4.Set **Supported account types** as desired.
5.Leave **Redirect URI** empty.
6.Select **Register**. On the application's **Overview page**, copy the value of the** Application (client) ID** and save it, you will need it in the next step. If you chose Accounts in this organizational directory only for Supported account types, also copy the Directory (tenant) ID and save it.
![image](https://user-images.githubusercontent.com/2042132/200214869-afa9efa2-f076-4892-8746-cdeb7a26f7d4.png)
7.Select **Authentication **under Manage. Locate the** Advanced settings** section and change the **Allow public client **flows** toggle to Yes, then choose Save.
![image](https://user-images.githubusercontent.com/2042132/200215091-28962ad9-0767-4914-ad87-37839f24f0a1.png)
8. In the Application menu blade, click on the Certificates & secrets, in the Client secrets section, choose New client secret:
* Type a key description (for instance app secret)
* Select a key duration as per your security concerns
* The generated key value will be displayed when you click the Add button. Copy the generated value for use in the steps later.
* You'll need this key later in your code's configuration files. This key value will not be displayed again, and is not retrievable by any other means, so make sure to note it from the Azure portal before navigating to any other screen or blade.
9.In the Application menu blade, click on the API permissions in the left to open the page where we add access to the Apis that your application needs.
* Click the Add a permission button and then,
* Ensure that the Microsoft APIs tab is selected
* In the Commonly used Microsoft APIs section, click on Microsoft Graph
* In the Application permissions section, ensure that the **right permissions are checked: User.Read.All**
* Select the Add permissions button at the bottom.
10.At this stage, the permissions are assigned correctly but since the client app does not allow users to interact, the user's themselves cannot consent to these permissions. To get around this problem, we'd let the tenant administrator consent on behalf of all users in the tenant. Click the Grant admin consent for {tenant} button, and then select Yes when you are asked if you want to grant consent for the requested permissions for all account in the tenant. You need to be the tenant admin to be able to carry out this operation.
## Step (i)
**Populate config.cfg files with Databricks Settings**
Extract the SCIM Token and ACCOUNT SCIM URL Details: https://learn.microsoft.com/en-us/azure/databricks/administration-guide/users-groups/scim/aad#step-1-configure-azure-databricks
![Screenshot 2023-04-24 at 8 17 17 pm](https://user-images.githubusercontent.com/110456615/233968828-ac9ecee3-e996-45c5-8854-e31dfadd5d87.png)
## Step (iii)
## Running the app
### As Standalon Python app:
* Install utility via pip
````
pip install nestedaaddb
````
* Copy the config.cfg.template ,populate details and rename to config.cfg
* Run as below:
````
from nestedaaddb.nested_groups import SyncNestedGroups
sn = SyncNestedGroups()
sn.loadConfig(<<Path of config.cfg>>")
sn.sync(<<Top level Group>>,<<Is Dry Run>>)
````
## Contributors
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
<!-- prettier-ignore-start -->
<!-- markdownlint-disable -->
<table>
<tbody>
<tr>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/jaina15"><img src="https://avatars.githubusercontent.com/u/26425486?v=4?s=100" width="100px;" alt="Shubham Jain"/><br /><sub><b>Shubham Jain</b></sub></a><br /><a href="https://github.com/mick2004/nested-aad-scim-connector/commits?author=jaina15" title="Code">💻</a> <a href="https://github.com/mick2004/nested-aad-scim-connector/commits?author=jaina15" title="Tests">⚠️</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/AbhiDatabricks"><img src="https://avatars.githubusercontent.com/u/110456615?v=4?s=100" width="100px;" alt="Abhishek Pratap Singh"/><br /><sub><b>Abhishek Pratap Singh</b></sub></a><br /><a href="#infra-AbhiDatabricks" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/mick2004/nested-aad-scim-connector/commits?author=AbhiDatabricks" title="Tests">⚠️</a> <a href="https://github.com/mick2004/nested-aad-scim-connector/commits?author=AbhiDatabricks" title="Code">💻</a></td>
</tr>
</tbody>
</table>
<!-- markdownlint-restore -->
<!-- prettier-ignore-end -->
<!-- ALL-CONTRIBUTORS-LIST:END -->
<!-- prettier-ignore-start -->
<!-- markdownlint-disable -->
<!-- markdownlint-restore -->
<!-- prettier-ignore-end -->
<!-- ALL-CONTRIBUTORS-LIST:END -->
Raw data
{
"_id": null,
"home_page": "",
"name": "nestedaaddb",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "Databricks,SCIM,nested AAD",
"author": "",
"author_email": "Abhishek Pratap Singh <sumoaps@outlook.com>",
"download_url": "https://files.pythonhosted.org/packages/59/9a/fb9c14928aa03c8ea67f5defe39c968486ca372a490844d05db423277abb/nestedaaddb-0.2.1.tar.gz",
"platform": null,
"description": "# nested-aad-scim-connector\n\n<a href=\"https://pypistats.org/packages/nestedaaddb\">\n<img alt=\"PyPI - Downloads\" src=\"https://img.shields.io/pypi/dm/nestedaaddb?label=PyPi%20Downloads&link=https%3A%2F%2Fpypistats.org%2Fpackages%2Fnestedaaddb\">\n</a>\n<a href=\"https://pypi.org/project/nestedaaddb/\">\n<img alt=\"PyPI\" src=\"https://img.shields.io/pypi/v/nestedaaddb?link=https%3A%2F%2Fpypi.org%2Fproject%2Fnestedaaddb%2F\">\n</a>\n\n\n\nThis utility provides ability to sync Users and Groups from AAD to Databricks. This application allows to sync [**nested groups**](https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/how-to-manage-groups#add-or-remove-a-group-from-another-group) and users as well which is not supported in \"[Azure Databricks SCIM Provisioning Connector application](https://docs.databricks.com/administration-guide/users-groups/scim/aad.html)\"\n\nUsing the code is as simple as below few commands :\n\nInstall\n````\npip install nestedaaddb\n````\nConfigure\n\nCopy the config.cfg.template from here (https://github.com/mick2004/nested-aad-scim-connector/blob/main/config.cfg.template) ,populate details and rename to config.cfg\n\n\nUsage \n````\nfrom nestedaaddb.nested_groups import SyncNestedGroups\nsn = SyncNestedGroups()\nsn.loadConfig(<<Path of config.cfg>>\")\nsn.sync(<<Top level Group>>,<<Is Dry Run>>)\n````\n\n## **Details**\n\n## **Steps for running code:**\n\n## Step (i) \n**Register an application in Azure ADD with ReadAll permissions**\n\nYou will need to register an application in Azure Active Directory to enable user [authentication](https://learn.microsoft.com/en-us/graph/auth-v2-user)\n\nFollow the steps below to do same:\n\n1.Open a browser and navigate to the Azure Active Directory admin center and login using a personal account (aka: Microsoft Account) or Work or School Account.\n\n2.Select **Azure Active Directory **in the left-hand navigation, then select **App registrations** under** Manage**.\n\n![image](https://user-images.githubusercontent.com/2042132/200214332-0b686c2d-41df-4b27-863d-c34be789f228.png)\n\n3.Select **New registration**. Enter a name for your application, for example, CustomAADConnector.\n\n4.Set **Supported account types** as desired. \n\n5.Leave **Redirect URI** empty.\n\n6.Select **Register**. On the application's **Overview page**, copy the value of the** Application (client) ID** and save it, you will need it in the next step. If you chose Accounts in this organizational directory only for Supported account types, also copy the Directory (tenant) ID and save it.\n\n\n\n\n\n![image](https://user-images.githubusercontent.com/2042132/200214869-afa9efa2-f076-4892-8746-cdeb7a26f7d4.png)\n\n7.Select **Authentication **under Manage. Locate the** Advanced settings** section and change the **Allow public client **flows** toggle to Yes, then choose Save.\n\n![image](https://user-images.githubusercontent.com/2042132/200215091-28962ad9-0767-4914-ad87-37839f24f0a1.png)\n\n8. In the Application menu blade, click on the Certificates & secrets, in the Client secrets section, choose New client secret:\n\n * Type a key description (for instance app secret)\n \n * Select a key duration as per your security concerns\n \n * The generated key value will be displayed when you click the Add button. Copy the generated value for use in the steps later.\n \n * You'll need this key later in your code's configuration files. This key value will not be displayed again, and is not retrievable by any other means, so make sure to note it from the Azure portal before navigating to any other screen or blade.\n \n9.In the Application menu blade, click on the API permissions in the left to open the page where we add access to the Apis that your application needs.\n\n * Click the Add a permission button and then,\n \n * Ensure that the Microsoft APIs tab is selected\n \n * In the Commonly used Microsoft APIs section, click on Microsoft Graph\n \n * In the Application permissions section, ensure that the **right permissions are checked: User.Read.All**\n \n * Select the Add permissions button at the bottom.\n \n10.At this stage, the permissions are assigned correctly but since the client app does not allow users to interact, the user's themselves cannot consent to these permissions. To get around this problem, we'd let the tenant administrator consent on behalf of all users in the tenant. Click the Grant admin consent for {tenant} button, and then select Yes when you are asked if you want to grant consent for the requested permissions for all account in the tenant. You need to be the tenant admin to be able to carry out this operation.\n\n\n## Step (i) \n**Populate config.cfg files with Databricks Settings**\nExtract the SCIM Token and ACCOUNT SCIM URL Details: https://learn.microsoft.com/en-us/azure/databricks/administration-guide/users-groups/scim/aad#step-1-configure-azure-databricks\n\n![Screenshot 2023-04-24 at 8 17 17 pm](https://user-images.githubusercontent.com/110456615/233968828-ac9ecee3-e996-45c5-8854-e31dfadd5d87.png)\n\n\n\n## Step (iii) \n## Running the app\n\n### As Standalon Python app:\n* Install utility via pip\n\n````\npip install nestedaaddb\n````\n\n* Copy the config.cfg.template ,populate details and rename to config.cfg\n* Run as below:\n\n````\nfrom nestedaaddb.nested_groups import SyncNestedGroups\nsn = SyncNestedGroups()\nsn.loadConfig(<<Path of config.cfg>>\")\nsn.sync(<<Top level Group>>,<<Is Dry Run>>)\n````\n\n## Contributors\n\n<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->\n<!-- prettier-ignore-start -->\n<!-- markdownlint-disable -->\n<table>\n <tbody>\n <tr>\n <td align=\"center\" valign=\"top\" width=\"14.28%\"><a href=\"https://github.com/jaina15\"><img src=\"https://avatars.githubusercontent.com/u/26425486?v=4?s=100\" width=\"100px;\" alt=\"Shubham Jain\"/><br /><sub><b>Shubham Jain</b></sub></a><br /><a href=\"https://github.com/mick2004/nested-aad-scim-connector/commits?author=jaina15\" title=\"Code\">\ud83d\udcbb</a> <a href=\"https://github.com/mick2004/nested-aad-scim-connector/commits?author=jaina15\" title=\"Tests\">\u26a0\ufe0f</a></td>\n<td align=\"center\" valign=\"top\" width=\"14.28%\"><a href=\"https://github.com/AbhiDatabricks\"><img src=\"https://avatars.githubusercontent.com/u/110456615?v=4?s=100\" width=\"100px;\" alt=\"Abhishek Pratap Singh\"/><br /><sub><b>Abhishek Pratap Singh</b></sub></a><br /><a href=\"#infra-AbhiDatabricks\" title=\"Infrastructure (Hosting, Build-Tools, etc)\">\ud83d\ude87</a> <a href=\"https://github.com/mick2004/nested-aad-scim-connector/commits?author=AbhiDatabricks\" title=\"Tests\">\u26a0\ufe0f</a> <a href=\"https://github.com/mick2004/nested-aad-scim-connector/commits?author=AbhiDatabricks\" title=\"Code\">\ud83d\udcbb</a></td>\n </tr>\n </tbody>\n</table>\n\n<!-- markdownlint-restore -->\n<!-- prettier-ignore-end -->\n\n<!-- ALL-CONTRIBUTORS-LIST:END -->\n<!-- prettier-ignore-start -->\n<!-- markdownlint-disable -->\n\n<!-- markdownlint-restore -->\n<!-- prettier-ignore-end -->\n\n<!-- ALL-CONTRIBUTORS-LIST:END -->\n\n\n\n",
"bugtrack_url": null,
"license": "",
"summary": "A package that allows to sync Nested AAD Group to DataBricks",
"version": "0.2.1",
"project_urls": null,
"split_keywords": [
"databricks",
"scim",
"nested aad"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "d9077d7114c56ddc52f9f1346a1de2172a2796140c6d9b374484dc584b588ee9",
"md5": "205807418154530b26bf15f9cec4968c",
"sha256": "ad0d3fb771d96296864499803e53fa77e859c3f9791324697cb3a8ee3390c88c"
},
"downloads": -1,
"filename": "nestedaaddb-0.2.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "205807418154530b26bf15f9cec4968c",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 9904,
"upload_time": "2023-11-17T21:28:44",
"upload_time_iso_8601": "2023-11-17T21:28:44.069115Z",
"url": "https://files.pythonhosted.org/packages/d9/07/7d7114c56ddc52f9f1346a1de2172a2796140c6d9b374484dc584b588ee9/nestedaaddb-0.2.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "599afb9c14928aa03c8ea67f5defe39c968486ca372a490844d05db423277abb",
"md5": "2423a35b6e240b4f9c31cc27b9f0effc",
"sha256": "8e585c123d18136b3160d4b68e13d0b5545e443df4073a83b090ba80f1c247aa"
},
"downloads": -1,
"filename": "nestedaaddb-0.2.1.tar.gz",
"has_sig": false,
"md5_digest": "2423a35b6e240b4f9c31cc27b9f0effc",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 11747,
"upload_time": "2023-11-17T21:28:45",
"upload_time_iso_8601": "2023-11-17T21:28:45.768350Z",
"url": "https://files.pythonhosted.org/packages/59/9a/fb9c14928aa03c8ea67f5defe39c968486ca372a490844d05db423277abb/nestedaaddb-0.2.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-11-17 21:28:45",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "nestedaaddb"
}