Reply

GSS-TSIG permissions at grid level using API

jncarter
Techie
Posts: 6
1892     0

Ok so previously I posted about using the API to upload a gss-tsig keytab and assign it. Previously we were assigning the keys at the grid dns member level. This worked fine through the api. Recently we changed to assign the keys at the grid dns level. While I can use my service account to make the changes in the UI, when I try through the api I get error 1012, superuser permissions are required. Any ideas if that is correct for the api to require more pemissions than the UI? Here is a code snippet incase I am doing something wrong. NIOS 7.3.9.

 

my $grid = $session->get(
        object => "Infoblox::Grid:Smiley Very HappyNS",
        name   => $master
    );
                
    unless($grid){
        die("Failed to find grid $master: ",
            Infoblox::status_code() . ":" . Infoblox::status_detail());
    }
            
    print "Found grid $master.\n";
            
            
    #Get enable_gss_tsig value
    my $gss_tsig_enabled = $grid->enable_gss_tsig();
    print "GSS-TSIG enabled: $gss_tsig_enabled \n";
            
    #get the existing keys
    my @oldkeys = $grid->gss_tsig_keys();
            
    #this passed back an array of arrays referece, so derference it
    my @keys = @{ $oldkeys[0] };
    print "Found " . scalar @keys . " existing keys\n";
           
    #add the new key to the existing keys
    push(@keys, $newkey);
    print scalar @keys . " keys ready.\n";
        
    #Configure KerberosKey on the Infoblox grid object
    #yes it takes an array of an array Smiley Happy
    $grid->gss_tsig_keys([@keys])
        or die("Failed to assign key to member $master: ",
            Infoblox::status_code() . ":" . Infoblox::status_detail());
            
    print "Successfully assigned key to grid $master \n";
        
    #modify the grid config
    $session->modify($grid)
        or die("modify Grid DNS properties failed:" ,
            $session->status_code(), $session->status_detail());

Highlighted

Re: GSS-TSIG permissions at grid level using API

Adviser
Posts: 141
1892     0

Hi,

 

It should not require more priveledges. Please contact support.

 

Vadim

Showing results for 
Search instead for 
Do you mean 

Recommended for You