- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2019 02:46 AM
Hi board,
I'm using ISE 2.4 Patch 9 and I want to change attributes (e.g. description) on an existing network device.
So, first of all I find out the ID for the network device I want to change. Here are the device details for the existing device:
$ curl -H "Accept:application/json" -H "Content-Type:application/json" -u ers-query -p -k https://10.20.131.1:9060/ers/config/networkdevice/8ecaa490-2312-11ea-807e-0050568b5bee
Enter host password for user 'ers-query':
{
"NetworkDevice" : {
"id" : "8ecaa490-2312-11ea-807e-0050568b5bee",
"name" : "Bla123",
"description" : "",
[...]
So if I want to update the description, I'll use the following PUT body
{ "NetworkDevice": { "description": "newDescription"
} }
CURL request
$ curl -X PUT -H "Accept:application/json" -H "Content-Type:application/json" -d '{"NetworkDevice": {"description": "newDescription"}}' -u ers-query -p -k https://10.20.131.1:9060/ers/config/networkdevice/8ecaa490-2312-11ea-807e-0050568b5bee Enter host password for user 'ers-query': { "ERSResponse" : { "operation" : "PUT-update-networkdevice", "messages" : [ { "title" : "Validation Error - Illeagal values: [The valid name can contain alphanumeric, hyphen(-), period(.) and underscore(_)]", "type" : "ERROR", "code" : "Application resource validation exception" } ], "link" : { "rel" : "related", "href" : "https://10.20.131.1:9060/ers/config/networkdevice/8ecaa490-2312-11ea-807e-0050568b5bee", "type" : "application/xml" } }
The same happens if I try this with Postman... Any idea what I'm doing wrong here?
Solved! Go to Solution.
- Labels:
-
Identity Services Engine (ISE)
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-23-2019 07:15 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2020 04:13 AM
@Mike.Cifelli wrote:
Pull up your ERS SDK and go to API documentation. Under network device it will show you what fields are required to perform proper update via put as well as xml & json examples.
Hi Mike,
of course I did that. The ERS documentation isn't very helpful in this regard.
By fiddling around, I found the solution (which is not documented of course)
tl;tr summary:
The Network Device Update (PUT) request must contain:
- The name attribute - regardless whether the name is subject to change or not
- The NetworkDeviceIPList attribute with the child elements ipaddress and mask
Note: I tested it for JSON data only
So for example, if the description of a network device should be changed, the following PUT body data would work:
{
"NetworkDevice" : {
"name" : "currentName"
"description" : "new description",
"NetworkDeviceIPList" : [ {
"ipaddress" : "192.0.2.1",
"mask" : 32
} ]
}
}
I found no indication in the ERS SDK documentation about this behavior. By the way: In the meantime I updated to ISE 2.4 patch 11 and the behavior is still the same.
So I guess it's another TAC case here :(
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2019 08:05 AM
API_DEVICE = "https://10.20.131.1:9060/ers/config/networkdevice/8ecaa490-2312-11ea-807e-0050568b5bee"
API_ERS_USER = "<user>","<pass>"
API_DATA = ({
"ERSEndPoint" : {
"description" : <DESC>,
}
})
r = requests.put(url=API_DEVICE, auth=API_ERS_USER, verify=True, json=API_DATA)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2019 10:23 AM
@Mike.Cifelli wrote:
API_DATA = ({
"ERSEndPoint" : {
"description" : <DESC>,
}
})
r = requests.put(url=API_DEVICE, auth=API_ERS_USER, verify=True, json=API_DATA)
Hi Mike,
thanks for your reply. However, you're using "ERSEndpoint" as top level key element. According to the documentation. the top level element for network devices should be "NetworkDevice" (as shown in the GET request)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2019 11:23 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-23-2019 07:15 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2020 04:13 AM
@Mike.Cifelli wrote:
Pull up your ERS SDK and go to API documentation. Under network device it will show you what fields are required to perform proper update via put as well as xml & json examples.
Hi Mike,
of course I did that. The ERS documentation isn't very helpful in this regard.
By fiddling around, I found the solution (which is not documented of course)
tl;tr summary:
The Network Device Update (PUT) request must contain:
- The name attribute - regardless whether the name is subject to change or not
- The NetworkDeviceIPList attribute with the child elements ipaddress and mask
Note: I tested it for JSON data only
So for example, if the description of a network device should be changed, the following PUT body data would work:
{
"NetworkDevice" : {
"name" : "currentName"
"description" : "new description",
"NetworkDeviceIPList" : [ {
"ipaddress" : "192.0.2.1",
"mask" : 32
} ]
}
}
I found no indication in the ERS SDK documentation about this behavior. By the way: In the meantime I updated to ISE 2.4 patch 11 and the behavior is still the same.
So I guess it's another TAC case here :(
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-08-2020 09:55 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2022 02:34 PM
Hi Johannes!
Unfortunately, this does not work for me .. and whatever I try, it always fails with:
< HTTP/1.1 405 Method Not Allowed
HTTP/1.1 405 Method Not Allowed
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
Below is my request. I am simply trying to change the device name .. without any success. ISE version is quite old, but all other requests (GET, POST, DELETE) works perfectly fine . I will be really thankful if someone can give a tip.
curl \
-vvv \
--noproxy "*" \
--include \
--insecure \
--user ers-usr2:Password1234 \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Basic ZXJzLXVzcjI6UGFzc3dvcmQxMjM0' \
--request put https://x.x.x.x:9060/ers/config/networkdevice/5678 \
--data '
{
"NetworkDevice" : {
"id" : "5678",
"name" : "NEW_NAME",
"authenticationSettings" : {
"networkProtocol" : "RADIUS",
"radiusSharedSecret" : "******",
"enableKeyWrap" : false,
"keyInputFormat" : "ASCII"
},
"tacacsSettings" : {
"sharedSecret" : "******",
"connectModeOptions" : "OFF",
"previousSharedSecret" : "test123",
"previousSharedSecretExpiry" : 0
},
"profileName" : "Cisco",
"coaPort" : 1700,
"link" : {
"rel" : "self",
"href" : "https://x.x.x.x:9060/ers/config/networkdevice/5678",
"type" : "application/xml"
},
"NetworkDeviceIPList" : [ {
"ipaddress" : "192.168.4.5",
"mask" : 32
} ],
"NetworkDeviceGroupList" : [ "Device Type#All Device Types#IPC#ROUTER#PE", "IPSEC#Is IPSEC Device#No", "Location#All Locations" ]
}
}'
