Showing results for 
Search instead for 
Did you mean: 

Create an authgroup using MAAPI Java API

Philip Petty
Cisco Employee
Cisco Employee


I'd like to get some help creating an authgroup entry using the MAAPI Java API. So far I have been following the AddAndSyncDevices example found here and modifying it as appropriate:

Below is a snippet of the code I have - I have created the socket, maapi instance, user session and transaction handle prior to this:

        ConfPath newAuthgroupPath = new ConfPath("/ncs:devices/authgroups/group{%s}", name);

        if (maapi.exists(th, newAuthgroupPath)) {

            System.out.println("Authgroup " + name + " already exists - deleting");

            maapi.delete(th, newAuthgroupPath);


        maapi.create(th, newAuthgroupPath);

Pretty basic stuff and it works up to this point. The problem I am having is, an authgroup has a 'umap' element which is a list, however, I can't figure out how to create it. I have tried the following:

     maapi.create(th, newAuthgroupPath.copyAppend(Ncs._umap_));

This throws the following exception:

com.tailf.maapi.MaapiException: /ncs:devices/authgroups/group{testing}/umap: notcreatable

I have also tried:

     ConfList umapList = new ConfList();

     maapi.setElem(th, umapList, newAuthgroupPath.copyAppend(Ncs._umap_));

This throws the following exception:
com.tailf.maapi.MaapiException: /ncs:devices/authgroups/group{testing}/umap: typeless node

Failing getting umap to work, I tried creating a default-map instead (however I would prefer to use a umap) with a bit more success. I have been able to create the default-map and set the remote-name, however I am getting an exception when setting the remote-password. I am guessing that this is because the remote-password I am setting is a string and it is defined as a tailf:aes-cfb-128-encrypted-string in tailf-ncs-cluster.yang?

Below is the code I have tried for creating and setting the default-map:

     maapi.create(th, newAuthgroupPath.copyAppend(Ncs._default_map_));

     ConfBuf remoteNameBuf = new ConfBuf(username);

     maapi.setElem(th, remoteNameBuf, newAuthgroupPath.copyAppend(Ncs._default_map_ + "/" + Ncs._remote_name_));

     ConfBuf remotePasswordBuf = new ConfBuf(password);

     maapi.setElem(th, remotePasswordBuf,

          newAuthgroupPath.copyAppend(Ncs._default_map_ + "/" + Ncs._remote_password_));

     ConfBuf remoteSecondaryPasswordBuf = new ConfBuf(enablePassword);

     maapi.setElem(th, remoteSecondaryPasswordBuf,

          newAuthgroupPath.copyAppend(Ncs._default_map_ + "/" + Ncs._remote_secondary_password_));

Below is the exception I mentioned above when setting the password but it is not encrypted:

com.tailf.maapi.MaapiException: /ncs:devices/authgroups/group{testing}/default-map/remote-password: <<"testing">> is not a valid value.

I have looked through the Ncs examples and the advanced NSO training material and I haven't seen any examples like this, of creating a umap or list or creating an encrypted string.

To summaries, these are my questions:

  • How do I create a umap/list and populate it with values via MAAPI?
  • How do I create the encrypted remote-password via MAAPI?

Appreciate your help with this!

1 Accepted Solution

Accepted Solutions