07-07-2019 10:52 AM
Hi,
I am trying to create admin user from an xml file. The load worked fine, but POST returns error 405 "Method Exception Not Supported". I could not find an alternative to work around this problem. :(
Below are the python scripts for user creation and the framework used for the xml file.
import http.client import base64 import ssl import sys host = "X.X.X.X" user = "ers-admin" password = "password" r = http.client.HTTPSConnection("{}:9060".format(host), context=ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)) credentials = str.encode(':'.join((user, password))) encodedAuth = bytes.decode(base64.b64encode(credentials)) headers = { 'accept': "application/xml", 'authorization': " ".join(("Basic",encodedAuth)), 'content-type': "application/xml; charset=utf-8", 'cache-control': "no-cache" } print(open('admin.xml').read()) r.request("POST", "/ers/config/adminuser/", open('admin.xml').read(), headers=headers) res = r.getresponse() data = res.read() print("Status: {}".format(res.status)) print("Header:\n{}".format(res.headers)) print("Body:\n{}".format(data.decode("utf-8")))
XML:
<?xml version="1.0" encoding="utf-8" standalone="yes"?> <ns4:adminuser description="test" name="superAdmin" xmlns:ers="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns4="identity.ers.ise.cisco.com"> <adminGroups>Super Admin</adminGroups> <changePassword>false</changePassword> <customAttributes> <entry> <key>Email</key> <value>test@migration.com</value> </entry> <entry> <key>Empresa</key> <value>xxxxx</value> </entry> <entry> <key>Nome</key> <value>superAdmin</value> </entry> <entry> <key>CR</key> <value>xxxxxx</value> </entry> <entry> <key>Matr_cula</key> <value>9999999</value> </entry> </customAttributes> <enabled>true</enabled> <externalUser>false</externalUser> <inactiveAccountNeverDisabled>false</inactiveAccountNeverDisabled> <includeSystemAlarmsInEmail>false</includeSystemAlarmsInEmail> <password>test@123</password> </ns4:adminuser>
Any help at all would be greatly appreciated.
Regards,
Gabriele
Solved! Go to Solution.
07-10-2019 10:20 AM - edited 07-10-2019 10:21 AM
But, Is there another way to import a list of administrators into ISE? Instead of creating one by one in the GUI.
Your best bet would be to use an external ID source (AD or LDAP or ODBC) as the primary ID source for admin authentication instead of using the internal admin users. If we import internal users (network access users) via CSV, we would still need to add them individually as admin users and assign them with admin groups.
Here are the basic steps to use Active Directory as the admin auth ID source:
07-07-2019 05:03 PM
This is not currently supported. For ISE admin users, ERS API is supporting READ operations (i.e. Get-All and Get-By-Id) only.
07-07-2019 05:12 PM - edited 07-07-2019 05:14 PM
hslai,
Thank you for answer!
But, Is there another way to import a list of administrators into ISE? Instead of creating one by one in the GUI.
07-10-2019 10:20 AM - edited 07-10-2019 10:21 AM
But, Is there another way to import a list of administrators into ISE? Instead of creating one by one in the GUI.
Your best bet would be to use an external ID source (AD or LDAP or ODBC) as the primary ID source for admin authentication instead of using the internal admin users. If we import internal users (network access users) via CSV, we would still need to add them individually as admin users and assign them with admin groups.
Here are the basic steps to use Active Directory as the admin auth ID source:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide