来自Pivotal的高级现场工程师。
您可以通过连接到OpsMgr或您的部署清单中的postgres UAAdb杠杆凭据来恢复管理员帐户的组成员身份。以下是您可以使用所需组的示例脚本。不要担心重复行,因为PK约束会阻止它们。更新组后,使用BOSH滚动重新启动UAA服务器。这需要完成以清除UAA的内存缓存......不幸的是没有更优雅的方式。希望这可以帮助。
--client.write
insert into group_membership values ((select id from groups where displayname='clients.write'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
--clients.admin
insert into group_membership values ((select id from groups where displayname='clients.admin'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
--scim.read
insert into group_membership values ((select id from groups where displayname='scim.read'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
--scim.write
insert into group_membership values ((select id from groups where displayname='scim.write'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
--password.write
insert into group_membership values ((select id from groups where displayname='password.write'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
--clients.read
insert into group_membership values ((select id from groups where displayname='clients.read'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
--uaa.admin
insert into group_membership values ((select id from groups where displayname='uaa.admin'), (select id from users where username='admin'), 'USER', 'MEMBER', '2015-01-05', 'uaa');
如果您没有其他管理员用户,可能会卡住。我想你可以连接到数据库并手动更新范围/权限。另一种选择是重新部署CF,但除非你使用bosh-lite并在本地运行,否则这可能不是一种选择。 – 2014-11-18 22:09:51
谢谢!幸运的是,我可以重新部署CF,它可以解决问题 – Gilbert 2014-12-09 02:02:36