Solved: uni/controller/nodeidentpol

designatednetworkengineer · ‎10-20-2022

I'm tasked with setting up a Cisco ACI lab for use as a development space for a wider team. One of my goals is to be able to baseline the lab using automation. I noticed the following script via the DevNet resources on ACI:

https://github.com/CiscoDevNet/aci-learning-labs-code-samples/blob/master/apic_fabric_setup/startup_script.py

If I could repurpose that script for my lab, I would save myself a lot of time and energy and would have more control and flexibility because I could utilize my skills with Python. I was able to modify the script and get it to run on my lab, but it fails on line 33 because the lookupByDn method returns a NoneType when the - uni/controller/nodeidentpol - distinguished name is the argument.

How can I create the - uni/controller/nodeidentpol - distinguished name in my lab so that NoneType is no longer returned?

designatednetworkengineer · ‎10-24-2022

Okay, I think I figured this out on my own. To run this script in my lab I created a special account in a special domain used for fallback authentication to the local APIC database if AAA fails. The account I created appears to not have the same permissions as the admin account exists by default. When I ran the script using the existing admin account I did not have any issues with line 33.

View solution in original post

designatednetworkengineer · ‎10-24-2022

Okay, I think I figured this out on my own. To run this script in my lab I created a special account in a special domain used for fallback authentication to the local APIC database if AAA fails. The account I created appears to not have the same permissions as the admin account exists by default. When I ran the script using the existing admin account I did not have any issues with line 33.