"... However, creating/“managing” users started for small setups with the SQL resolver. ..."
setup of the resolver & realm is trivial,
Setting it up
there is an even easier way to do so, using the command line tool pi-manage.py:
pi-manage.py resolver create_internal myfirstresolver
pi-manage.py realm create myrealm myfirstresolver
Done. You ended up with an editable resolver and a realm called “myrealm”.
You can add, update and delete users in this realm (in fact in the resolver).
pi-manage resolver create_internal --help usage: Create new resolver create_internal [-?] name This creates a new internal, editable sqlresolver. The users will be stored in the token database in a table called 'users_<name>'. You can then add this resolver to a new real using the command 'pi-manage.py realm'.
creates/populates the user table in, in my case, the pi.cfg-specified sqlite3 store,
sqlite3 /etc/privacyidea/data.sqlite SQLite version 3.29.0 2019-07-10 17:32:03 Enter ".help" for usage hints. sqlite> .tables users_myfirstresolver users_myfirstresolver sqlite> .schema users_myfirstresolver CREATE TABLE users_myfirstresolver ( id INTEGER NOT NULL, username VARCHAR(40), email VARCHAR(80), password VARCHAR(255), phone VARCHAR(40), mobile VARCHAR(40), surname VARCHAR(40), givenname VARCHAR(40), description VARCHAR(255), PRIMARY KEY (id), UNIQUE (username) );
I do not see in pi-manage any methods any for ‘creating/“managing” users’.
It’s simple enough to add users directly to the db … and, of course, via the WebUI. or, move it back to external db.
But, since the ‘internal’ resolver/realm creation are using pi-manage, are there also cmd-line pi-* tools for doing that? Even in/for ‘small setups’?
Are only the resolver & realm pi-manage-able? Not the users themselves?