Reply

NetMRI Script to Change Cisco Passwords

Posts: 80
2694     0

Hi All,

I finally got a script working to change the password on all my user accounts.  Does anyone have a good idea on how to cycle through and delete old local accounts that are not needed? My script is below

Script-Filter: $Vendor eq "Cisco" and $sysDescr like /IOS/ 
######################################################################## 
Action: Get Username Action-Commands: SET: $UpdateMade = "no" sho run | inc username
Output-Triggers: Change PW 
Trigger: Change PW 
Trigger-Variables: $username word 
Trigger-Template: username [[$username]] .+ Trigger-Commands: {$UpdateMade eq "no"} config t 
SET: $UpdateMade = "yes" 
Trigger-Commands: {$uniquepw ne "null"} 
SET: $uniquepw = getListValue(Account_PW,username,$username,new_pw,null) 
Trigger-Commands: username $username password 0 $uniquepw 
######################################################################## 
Action: End and Write Memory Action-Commands: {$UpdateMade eq "yes"} 
End Write Mem

Here is a better formatted

Posts: 80
2694     0

Here is a better formatted version

Script-Filter:
 $Vendor eq "Cisco" and $sysDescr like /IOS/

########################################################################
Action:
 Get Username

Action-Commands:
SET: $UpdateMade = "no"
sho run | inc username

Output-Triggers:
Change PW

Trigger:
Change PW

Trigger-Variables:
$username word

Trigger-Template:
username [[$username]] .+

Trigger-Commands: {$UpdateMade eq "no"}
config t
SET: $UpdateMade = "yes"

Trigger-Commands: {$uniquepw ne "null"}
SET: $uniquepw = getListValue(Account_PW,username,$username,new_pw,null)

Trigger-Commands:
username $username password 0 $uniquepw

########################################################################
Action:
End and Write Memory

Action-Commands: {$UpdateMade eq "yes"}
End
Write Mem

Same Script with a monor change

user42
Techie
Posts: 35
2694     0

You want to add an output trigger that looks for usernames that are NOT in your list.

This Syntax is not test so you would need to test this!!!!

Output-Triggers:
Delete User

Trigger:
Delete User

Trigger-Variables:
$username word

Trigger-Template:
username [[$username]] .+

Trigger-Commands: {$UpdateMade eq "no"}
config t
SET: $UpdateMade = "yes"

Trigger-Commands: {$uniquepw ne "null"}
SET: $uniquepw = getListValue(Account_PW,username,$username,new_pw,null)

Trigger-Commands: {$uniquepw eq "null"]
no username $username password 0 $uniquepw  [ not sure what the proper syntax is to remove the usernam from the config, but you would do that here ]

 

 

 

getListValue Variables

WDominguez
Techie
Posts: 1
2694     0
What are the columns in the list you're pulling from called vs what you're addressing in the parameters of the getListValue command. Currently have a script I'm trying to modify and would like to understand the syntax of that command before I go changing stuff. Thanks, Willie

Willie,

Posts: 80
2694     0

Willie,

It from the user guide:

 

SET: $uniquepw = getListValue(Account_PW,username,$username,new_pw,null)

Account_PW - name of the list

username - the field for the username

new_pw - the field for the new password.

Highlighted

Updated Script - there was an error

Posts: 80
2694     0

Here is the updated script.  This is an example for Netscalers but the same concept applies for IOS.

Script-Filter:
    $Vendor eq "Citrix"

########################################################################
Action:
    Get Username

Action-Commands:
SET: $UpdateMade = "no"
sho run | grep 'system user'

Output-Triggers:
Change PW

Trigger:
Change PW

Trigger-Description:
    The following will update the passwords from the list of values in the Lists Tab.

Trigger-Variables:
$username word

Trigger-Template:
(add|set) system user [[$username]] .+

Trigger-Commands: {$UpdateMade eq "no"}
SET: $UpdateMade = "yes"

Trigger-Commands:
SET: $uniquepw = getListValue(Account_PW,username,$username,new_pw,null)

Trigger-Commands: {$uniquepw ne "null"}
set system user $username $uniquepw

########################################################################
Action:
End and Write Memory

Action-Commands: {$UpdateMade eq "yes"}
save ns config

 

Showing results for 
Search instead for 
Do you mean 

Recommended for You