08-20-2021 04:04 AM
I have to import nearly 1.500 users into ISE using the import function in GUI.
The passwords are not encrypted.
If the password contains '%', I get the following error: 'Username' user Import Failed due to XSS vulnerability - (line#...)
Please don't suggest, not to use '%' in password.
I have to import them as they are.
Is there any possibilty to nest the '%' in any way (as ASCII or Unicode), so ISE will accept it?
I already tried '\0x25' and '\u0025' but both get interpreted as part of the password, not translated to '%'.
Or is there any possibility/tool to encrypt the passwords before importing them?
Does anyone know, how they have to be encrypted for ISE being able to decrypt it while import?
I found some information about internal encryption with AES-CBC.
But what is about encryption/decryption ciphers for export/import?
Solved! Go to Solution.
08-21-2021 03:29 AM
Hi @stephan.ochs,
Have you tried placing entire password between quotes in CSV, before importing it?
BR,
Milos
08-20-2021 11:22 PM
I just tried this in ISE 2.7 patch 3 and it had no issues with password containing %
08-21-2021 03:29 AM
Hi @stephan.ochs,
Have you tried placing entire password between quotes in CSV, before importing it?
BR,
Milos
08-22-2021 12:16 AM - edited 08-22-2021 12:18 AM
Hi Milos
I used Excel to edit the export from ISE. I was unaware of any quotes on string fields. Seems like a bug apparently. But I was able to import using my method.
08-22-2021 11:31 PM
Thank you, Milos
This is the solution. Why didn't I come up with it myself?
Sometimes you sit in front of the solution and don't see it.
@Arne Bier I'm using Excel to generate the import CSV, too.
And normally Excel inserts quotes to strings when exporting to CSV.
But due to using "german" Excel, CSV have ";" instead of ",".
So I copied the content from Excel, pasted it into a text file and replaced every tab with ",".
This is the reason why the strings had no quotes.
Small cause, big impact.
Thank you all and best regards
Stephan
08-21-2021 10:08 PM
Known issue -- CSCvf06752
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: