cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
313
Views
0
Helpful
6
Replies
Highlighted
Beginner

Password update of CISCO ISE through External RESTful Services APIs for Internal User

Hi Expert,

I am trying to change password of existing Identities by below PHP code.

////here is the main part of code

  $random_password="Hi@12345";
    
  //echo $xmlstr;
  
  ////update the password of $username
  
  //generate the contents
  $cont='<?xml version="1.0" encoding="UTF-8" standalone="yes"?>' . "\n";
     $cont=$cont.'<ns3:internaluser description="'.$description.'" name="'.$username.'" id="'.$id.'"'."\n";
     $cont=$cont.'xmlns:ns2="ers.ise.cisco.com" xmlns:ns3="identity.ers.ise.cisco.com">'."\n";
     $cont=$cont.'<customAttributes>'."\n";
     $cont=$cont.'</customAttributes>'."\n";
     $cont=$cont.'<identityGroups>6f7b7c90-f111-11e5-8dfc-005056a8f91d</identityGroups>'."\n";
     $cont=$cont.'<password>'.$random_password.'</password>'."\n";
     $cont=$cont. '</ns3:internaluser>';

     
     
  $options  = array (
    'http' =>
    array (
     'method'  => 'PUT',
   'ignore_errors' => true,
   'header' =>
   array  (
       0 => "Authorization: Basic " . base64_encode("$username_ise:$password_ise"),
       1 => 'Content-Type: application/vnd.com.cisco.ise.identity.internaluser.1.0+xml'        
     ),
   'content' => $cont,
      )
   );

////getting response without any error as:

<?xml version="1.0" encoding="utf-8" standalone="yes"?><ns3:updatedFields xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns3="ers.ise.cisco.com"/>

But the password is not changed eventually.

All other attributes (first name, last name, email etc) are changing successfully except password. Even If tried to change password beyond policy, it returned error with policy violation texts too. But for the right case, its not changing the password. Any idea or suggestion?

6 REPLIES 6
Rising star

You need this in your xml

You need this in your xml right before the customAttributes section start :

<changePassword>true</changePassword>

Beginner

hi Jan,

hi Jan,

that attribute is to enable user to change pass at immediate login. But I want to update any existing password of entities.

hope you get my issue.

Rising star

Ah, ok. What version of ISE

Ah, ok. What version of ISE are you on ?

Beginner

Identity Services Engine

Identity Services Engine
Version 2.0.0.306
Product Identifier (PID) ISE-VM-K9
Version Identifier (VID) V01
 
ADE-OS Version 2.3.0.187
Beginner

Issue Resolved.

Issue Resolved.

Thanks in advance.

Rising star

What was the problem then ?

What was the problem then ?