Reply
Highlighted

Add new users & passwords to ASA via list

Techie
Posts: 6
4064     0

Hello,

I am wanting to write a script to add new users and passwords to a Cisco ASA.  The list will be updated fairly often with different amounts of users added each time the script is run.  Ideally, all the users would need to do is import the new list under the designated list name and schedule the script to run.  Looking at the list example in the CCS scripting guide, it specifies that a value must be specified for a value to be populated into a given variable field.  I'm assuming I could use some kind of counter variable starting at 0 and adding 1 each time to get to the next row, but I'm not sure if there's an easier way to do this.  I'm also not sure how I'd get this cycle to end once I reached a row with no information contained.  Is there an example that someone could provide?

Thanks!

Highlighted

Chad,

Adviser
Posts: 436
4065     0

Chad,

Please take a look at the following:

https://community.infoblox.com/forum/network-automation/netmri-script-change-cisco-passwords

 

Sif

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

www.sifbaksh.com
Highlighted

Hi Sif,

Techie
Posts: 6
4065     0

Hi Sif,

Trying to make sure I understand the syntax here...would the .+ following username [[$username]] .+ cause the script to cycle through a column of entries contained in a list?  In my case I know I'll have at least two variables to be populated ($username and $password), so I'm assuming I'll have to have some kind of known designated value in column 1 for the script to cycle correctly.  

I'm also a bit of a newbie when it comes to writing scripts, so I'm open to advice/suggestions.

Highlighted

Not a problem :) Chad we are

Adviser
Posts: 436
4065     0

Not a problem Smiley Happy Chad we are here to help

Here is another great link to help better understand list

https://community.infoblox.com/forum/network-automation/how-use-lists-ccs

SET: $uniqueuser = getListValue(Account_PW,username,1,new_user,null)

SET: $uniquepw = getListValue(Account_PW,userpw,1,new_pw,null)

This will give you two different variables and when we look up in the list name Account_PW in column "username" for "1"

Hopes this helps

Sif

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

www.sifbaksh.com
Highlighted

That definitely helped. I think I almost have my script d...

Techie
Posts: 6
4065     0

 

    That definitely helped. I think I almost have my script done, but I'm getting an infinite loop between two triggers.  

#######################################
Trigger:
    Set user and password variables

Trigger-Description:
Set the username and password variables based on items in a list. Counter starts at 1.

Trigger-Template:
    username word

Trigger-Commands:
#Get username and password from Users list
SET: $username = getListValue(Users,Number,$counter,Username,END)
SET: $password = getListValue(Users,Number,$counter,Password,END)

Output-Triggers:
    Add user to ASA

######################################
Trigger:
    Add user to ASA

Trigger-Description:
Activates is username does not equal "END." Add the new username and password to the ASA.  Then add 1 to the counter, and go back to the previous trigger to get the next username/password.
    
Trigger-Template:
    $username ne "END"

Trigger-Commands:    
username $username password $password privilege 0

#Increase counter and reset username/pw
EXPR: $counter = $counter + 1
Output-Triggers:
    Set user and password variables
    
######################################

I thought that when the counter hit a value past the last entry on the list, the "END" value would be assigned to the $username and end the script.  Do I not need to be dictating the looping behavior?  I've also tried adding lines to end this loop explicitly ($username eq "END" at the beginning of another template) and I'm still getting a loop.

Highlighted

Try something like this

Adviser
Posts: 436
4065     0

Try something like this

#######################################
Trigger:
    Set user and password variables

Trigger-Description:
Set the username and password variables based on items in a list. Counter starts at 1.

Trigger-Template:
    $username ne "END"

Trigger-Commands:
#Get username and password from Users list
SET: $username = getListValue(Users,Number,$counter,Username,END)
SET: $password = getListValue(Users,Number,$counter,Password,END)
username $username password $password privilege 0

#Increase counter and reset username/pw
EXPR: $counter = $counter + 1

######################################

 

I haven't tested it

Sif

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

www.sifbaksh.com
Highlighted

How would that section of

Techie
Posts: 6
4065     0

How would that section of script cycle back to the top to add the next username/password in the list?  That's the part I'm struggling with.  I need the script to continue adding the next username/pw on the list until no more entries are present, then presumably trigger another section to do an end/write memory. 

Can you add a variable statement to the end of an output-trigger?

output-triggers:{$username ne "END"}
Set User and password variables

output-triggers:{$username eq "END"}
End and write config
 

Highlighted

Think I figured it out.

Techie
Posts: 6
4065     0

After looking at the scripting example in the CCS guide, it looks like triggers try to cycle back to the beginning of the trigger section if possible anyway.  Is that correct?  

Highlighted

Yes triggers can be used in

Adviser
Posts: 436
4065     0

Yes triggers can be used in form of loops 

Sif

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

www.sifbaksh.com
Showing results for 
Search instead for 
Did you mean: 

Recommended for You