orgmapper is a tool that can be used with a non-hosted Chef server to provide administrative access to back-end objects. orgmapper can be a dangerous tool and should be used carefully. In general, anything that needs to be done around automating user creation, making permissions changes, and so on, can be done more easily using the knife-acl plugin and by using the Chef server web interface.


This tool is deprecated.


The following examples show how to use orgmapper:

Start orgmapper

Log in to the server that is hosting the back-end. (In a high availability configuration, this should be the current primary server in that configuration.)

$ /opt/opscode/bin/orgmapper

Next, query organizations, users, and so on similar to the following examples

orgmapper:0 > pp ORGS.all


orgmapper:0 > pp ORGS['ORGNAME']


orgmapper:0 > pp USERS.all


orgmapper:0 > pp USERS['USER']

where (in each of the previous examples) ORGNAME is the name of the organization and USER is the name of the user.

Find users in an organization

orgmapper:0 > OrganizationUser.users_for_organization(ORGS['ORGNAME']).collect do |orguser|

where ORGNAME is the name of the organization.

Find organizations for a user

orgmapper:0 > OrganizationUser.organizations_for_user(USERS['USERNAME']).collect do |orguser|

where USERNAME is the name of the user.

Find a user name based on email address

orgmapper:0 >{|u| == ''}

where is the email address for the user.

Associate a user to an organization

Ensure that the user and organization already exist and then do something like:

orgmapper:0 > OrgMapper::Associator.associate_user(ORGS['ORGNAME'], USERS['USERNAME'])

where ORGNAME is the name of the organization and USERNAME is the name of the user.

Add a user to organization’s admin group

orgmapper:0> g = ORGS['ORGNAME'].groups['admins']
orgmapper:0> g.add_actor(USERS['USERNAME'])

where ORGNAME is the name of the organization and USERNAME is the name of the user.

Remove a user from organization’s admin group

orgmapper:0> ORGS['ORGNAME'].remove_user_from_group('USERNAME', 'admins')

Delete a user

orgmapper:0 > USERS.mapper.destroy(USERS['USERNAME'])

where USERNAME is replaced by the user name that will be deleted.