GSS-TSIG permissions at grid level using API

Posts: 6
3203     0

Ok so previously I posted about using the API to upload a gss-tsig keytab and assign it. Previously we were assigning the keys at the grid dns member level. This worked fine through the api. Recently we changed to assign the keys at the grid dns level. While I can use my service account to make the changes in the UI, when I try through the api I get error 1012, superuser permissions are required. Any ideas if that is correct for the api to require more pemissions than the UI? Here is a code snippet incase I am doing something wrong. NIOS 7.3.9.


my $grid = $session->get(
        object => "Infoblox::Grid:Smiley Very HappyNS",
        name   => $master
        die("Failed to find grid $master: ",
            Infoblox::status_code() . ":" . Infoblox::status_detail());
    print "Found grid $master.\n";
    #Get enable_gss_tsig value
    my $gss_tsig_enabled = $grid->enable_gss_tsig();
    print "GSS-TSIG enabled: $gss_tsig_enabled \n";
    #get the existing keys
    my @oldkeys = $grid->gss_tsig_keys();
    #this passed back an array of arrays referece, so derference it
    my @keys = @{ $oldkeys[0] };
    print "Found " . scalar @keys . " existing keys\n";
    #add the new key to the existing keys
    push(@keys, $newkey);
    print scalar @keys . " keys ready.\n";
    #Configure KerberosKey on the Infoblox grid object
    #yes it takes an array of an array Smiley Happy
        or die("Failed to assign key to member $master: ",
            Infoblox::status_code() . ":" . Infoblox::status_detail());
    print "Successfully assigned key to grid $master \n";
    #modify the grid config
        or die("modify Grid DNS properties failed:" ,
            $session->status_code(), $session->status_detail());

Re: GSS-TSIG permissions at grid level using API

Posts: 141
3204     0



It should not require more priveledges. Please contact support.



Showing results for 
Search instead for 
Did you mean: 

Recommended for You