08-20-2021 04:04 AM
I have to import nearly 1.500 users into ISE using the import function in GUI.
The passwords are not encrypted.
If the password contains '%', I get the following error: 'Username' user Import Failed due to XSS vulnerability - (line#...)
Please don't suggest, not to use '%' in password.
I have to import them as they are.
Is there any possibilty to nest the '%' in any way (as ASCII or Unicode), so ISE will accept it?
I already tried '\0x25' and '\u0025' but both get interpreted as part of the password, not translated to '%'.
Or is there any possibility/tool to encrypt the passwords before importing them?
Does anyone know, how they have to be encrypted for ISE being able to decrypt it while import?
I found some information about internal encryption with AES-CBC.
But what is about encryption/decryption ciphers for export/import?
Solved! Go to Solution.
08-21-2021 03:29 AM
Hi @stephan.ochs,
Have you tried placing entire password between quotes in CSV, before importing it?
BR,
Milos
08-20-2021 11:22 PM
I just tried this in ISE 2.7 patch 3 and it had no issues with password containing %
08-21-2021 03:29 AM
Hi @stephan.ochs,
Have you tried placing entire password between quotes in CSV, before importing it?
BR,
Milos
08-22-2021 12:16 AM - edited 08-22-2021 12:18 AM
Hi Milos
I used Excel to edit the export from ISE. I was unaware of any quotes on string fields. Seems like a bug apparently. But I was able to import using my method.
08-22-2021 11:31 PM
Thank you, Milos
This is the solution. Why didn't I come up with it myself?
Sometimes you sit in front of the solution and don't see it.
@Arne Bier I'm using Excel to generate the import CSV, too.
And normally Excel inserts quotes to strings when exporting to CSV.
But due to using "german" Excel, CSV have ";" instead of ",".
So I copied the content from Excel, pasted it into a text file and replaced every tab with ",".
This is the reason why the strings had no quotes.
Small cause, big impact.
Thank you all and best regards
Stephan
08-21-2021 10:08 PM
Known issue -- CSCvf06752
09-10-2024 05:58 AM - edited 09-10-2024 06:02 AM
Hi,
We've got similar issue.
The blocking character is a simple quote ( ' ) located in the name...
On the CSV file we can find "firstname" , "last'name"
The CSV file is an export of the endpoints. Ok for Export but you can't import it directly...
The double quote doesn't help....
Our ISE server is Version: 3.3.0.430
Any idea on when/how it might be fixed ?
Best regards,
Laurent
NB : it would be great to have details of the error directly, or a link to details. Instead of "consult log" without knowing where to search.
09-10-2024 04:49 PM
You will have to open a TAC case and then eventually someone at Cisco might deem it important enough to fix
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide