I was working with someone who was trying to update a number of users at once and they wanted to use the csv import tool to do it. The problem was there was no export tool that would produce something that could then be imported after the changes were made.
To fill that need I created this.
Running the tool
There are a couple things you’ll need to do before it will work.
Get the MySQL password
To run the tool you’ll need to be able to get the MySQL password for the CPAM server. When you run the tool the first thing it does is prompt for the password and address of the CPAM server.
To get the MySQL password you’ll need to be logged in as root. Log in as ‘cpamadmin’ and use the following commands:
# sudo su - # grep local.pass /opt/cisco/cpam/properties/cpsm.runtime.properties
If you copy the file over to a linux system, remember to make it executable. Here's what that command looks like:
# chmod +x cpam-extract.php
This will try and pull a hundred or so values for the personnel records on the system. If a user has multiple badges they will appear multiple times.
Note: Some of the fields in a given user's record will depend on the existence of objects like an organization to exist ahead of time. The import tool will give a warning to let you know if something does not exist yet. In order for that record to succeed on it's import the object in question will have to be created or the entry in the CSV file will need to have that value removed.
This has been tested with CPAM 1.3.0 and 1.3.1
When the tool runs successfully you will be presented with a "CPAM_export.zip" download. If the tool is unable to create a zip file (older versions of php don't have zip) it will try to create a "CPAM_export.tar.gz" file. If neither of those work it will try to offer a "CPAM_export.csv" file. The csv file won't have any images or the properties file with it though.
To use the import tool, you will first want to unzip the CPAM_export file to your desktop. The csv import tool is run by going into the CPAM client, then selecting users->personnel. The Add option at the top of the page has a pulldown that runs the CSV import tool.
The import tool will ask for the import file. You enter the csv file name. Leave the "File has header row" box checked.
On the next screen look for a button near the bottom that says "Load Configuration..." Look for the file in the unzipped contents that ends in ".properties"
When you hit "Next" the system will start trying to process the entries.
If you need some indication that the tool is doing something, turning the debug value up will show more and more of what is going on. If the tool is failing, the debug can show you where.
Debug 0: No text output, it just prompts to download the zip file.
Debug 1: Shows the names and badges of the records it is exporting.
Debug 2: Shows the names/badges and a dot or exclamation point for each field that is filled in for that user. This is to allow a quick visual indication of which users have more fields filled in.
Debug 3: Adds a Field number/name/value section under each user/badge number listed.
Debug 4: Additionally shows the SQL queries being made. This option can get quite lengthy.
Debug 5: includes the field mapping table and other control elements.
I'd love to get your feedback on how this worked for you. Let me know what you like about it, what you don't like about it, and what suggestions you have for it. Of course, I also want to know if you run into any problems caused by the script. I can't fix it if I don't know it's broken.
This script is not officially supported by our development team, but I will try to fix it if something is wrong.
We have recently installed Cisco Physical Access Manager V1.2.0. We are using
the included Badge Designer from Glips Graffiti Editor v1.4. Has anyone had any
luck adding a 3 of 9 barcode to the badge design?
Yes, I have attached a document showing the steps to use a custom font with the Badge Designer. In the doc, it shows using the 3 of 9 barcode font as an example. barcode.doc
I wanna configure a port forwarding on ASA so users can register their smartphones, wherever they are, on company PBX. I did configs as below, but softphone not registering. Can you please help me?:ASA Version 9.6(1)!interface GigabitEthernet1/...
I think I have set up my CSCO Firepower 1010 properly but I cannot connect/browse the internet when connecting a device. The FTD Device View shows Inside Network, BV1, 1/1, 1/2, MGMT, DNS, and Smart License all Green but ISP/NAV/Gateway and NTP Server are...
Recently we had a major power outage that knocked all of our domain controllers, after power was restored and all of our servers came up we noticed that we could no longer login our network gear. ISE showed that it was no longer joined to the domain. We'v...
Due to a security concern of running the sftunnel over a WAN a connection we may need to use the FDM over FMC. The FTD appliance is currently configured with a manager - what do I need to do to manage the appliance locally? If I remove the manager from th...
Ok, so for the longest time, my ise units have just been ise1.company.com, with an internal cert from our domain CA. This has worked fine until Android 11 and users being unable to set to not validate cert. So, I thought we could just get a public ce...