Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1724
Views
0
Helpful
2
Replies

ISE API : Using curl to add a tacacs account and to add it to an existing group.

Go to solution
ASD SOC Tata Communications
Level 1
Level 1

‎03-06-2019 01:59 AM

Hello ISE API experts.

I have read the documentation within the sdk and the article from Thomas (great).

We have just finished the migration from ACS 4.1 to ISE 2.4. We use it as a tacacs server with identities, network devices and devices admin policies.

Could someone help me to create the curl command to add a new tacacs account and to assign it to a group. I will then try to copy it to add a netwoirk device and assign it to a group.

 

Where can I find all the keywords that I can use  in json file?

Thanks

Gilles

The below extract from  Thomas' guide will create a account but doesn't assign it to a Identity group.

curl -k --include --header 'Content-Type:application/json' --header 'Accept: application/json' --user admin:C1sco12345 --request POST https://198.18.133.27:9060/ers/config/internaluser  --data '
{
  "InternalUser" : {
    "name" : "thomas",
    "password" : "C1sco12345",
    "changePassword" : false
  }
}'

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ASD SOC Tata Communications
Level 1
Level 1
In response to Damien Miller

‎03-07-2019 02:14 AM

Hi Damien,

yes I have read it . There is an example to create an internal user, but nothing about the "identity group". The aim is to create a new account and to assign it to an existing group. Same for a new device and a NDG.

 

And I have not found the list of the keywords that you can use  along with a account creation (for instance). 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎03-06-2019 06:30 PM

Have you looked at the ISE API documentation available on your ISE deployment?
https://<your ise IP>:9060/ers/sdk

The ERS SDK has API call examples for almost everything. This isn't documented on any public site, but hosted in each ISE deployment. What you want to do is possible, I have a client that has fully automated their ISE NAD management via out tools and workflows, all via the ISE ERS API.
0 Helpful

Go to solution
ASD SOC Tata Communications
Level 1
Level 1
In response to Damien Miller

‎03-07-2019 02:14 AM

Hi Damien,

yes I have read it . There is an example to create an internal user, but nothing about the "identity group". The aim is to create a new account and to assign it to an existing group. Same for a new device and a NDG.

 

And I have not found the list of the keywords that you can use  along with a account creation (for instance). 

0 Helpful
Customers Also Viewed These Support Documents