Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1908
Views
0
Helpful
7
Replies

Password update of CISCO ISE through External RESTful Services APIs for Internal User

promila
Level 1
Level 1

‎07-26-2016 10:38 AM - edited ‎03-10-2019 11:57 PM

Hi Expert,

I am trying to change password of existing Identities by below PHP code.

////here is the main part of code

  $random_password="Hi@12345";
    
  //echo $xmlstr;
  
  ////update the password of $username
  
  //generate the contents
  $cont='<?xml version="1.0" encoding="UTF-8" standalone="yes"?>' . "\n";
     $cont=$cont.'<ns3:internaluser description="'.$description.'" name="'.$username.'" id="'.$id.'"'."\n";
     $cont=$cont.'xmlns:ns2="ers.ise.cisco.com" xmlns:ns3="identity.ers.ise.cisco.com">'."\n";
     $cont=$cont.'<customAttributes>'."\n";
     $cont=$cont.'</customAttributes>'."\n";
     $cont=$cont.'<identityGroups>6f7b7c90-f111-11e5-8dfc-005056a8f91d</identityGroups>'."\n";
     $cont=$cont.'<password>'.$random_password.'</password>'."\n";
     $cont=$cont. '</ns3:internaluser>';

     
     
  $options  = array (
    'http' =>
    array (
     'method'  => 'PUT',
   'ignore_errors' => true,
   'header' =>
   array  (
       0 => "Authorization: Basic " . base64_encode("$username_ise:$password_ise"),
       1 => 'Content-Type: application/vnd.com.cisco.ise.identity.internaluser.1.0+xml'        
     ),
   'content' => $cont,
      )
   );

////getting response without any error as:

<?xml version="1.0" encoding="utf-8" standalone="yes"?><ns3:updatedFields xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns3="ers.ise.cisco.com"/>

But the password is not changed eventually.

All other attributes (first name, last name, email etc) are changing successfully except password. Even If tried to change password beyond policy, it returned error with policy violation texts too. But for the right case, its not changing the password. Any idea or suggestion?

1 person had this problem
Labels:
0 Helpful
7 Replies 7

jan.nielsen
Level 7
Level 7

‎07-26-2016 12:21 PM

You need this in your xml right before the customAttributes section start :

<changePassword>true</changePassword>

0 Helpful

promila
Level 1
Level 1
In response to jan.nielsen

‎07-26-2016 01:17 PM

hi Jan,

that attribute is to enable user to change pass at immediate login. But I want to update any existing password of entities.

hope you get my issue.

0 Helpful

jan.nielsen
Level 7
Level 7
In response to promila

‎07-26-2016 01:49 PM

Ah, ok. What version of ISE are you on ?

0 Helpful

promila
Level 1
Level 1
In response to jan.nielsen

‎07-26-2016 05:43 PM

Identity Services Engine
Version 2.0.0.306
Product Identifier (PID) ISE-VM-K9
Version Identifier (VID) V01
 
ADE-OS Version 2.3.0.187
0 Helpful

promila
Level 1
Level 1
In response to promila

‎07-27-2016 12:55 PM

Issue Resolved.

Thanks in advance.

0 Helpful

jan.nielsen
Level 7
Level 7
In response to promila

‎07-28-2016 09:55 AM

What was the problem then ?

0 Helpful

ARTUROWATR
Level 1
Level 1
In response to promila

‎11-19-2020 06:19 AM

I have de same issue, how did you manage to solve it?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents