Password changers¶
defines the privileged account existing on the monitored server. It specifies the actual login credentials, user authentication mode: anonymous (without user authentication), regular (with login credentials substitution) or forward (with login and password forwarding); password changing policy as well as the password changer itself.
Data structures¶
Parameter | Type | Description |
---|---|---|
id | bigint | Object identifier. Read only. |
name | text | Required. |
timeout | int | Script’s execution time limit expressed in seconds. Required. |
transport | text{LDAP, SSH, Telnet, WINRM, plugin} | Transport layer specifier. Required. |
changer_type | text{change,verify} | Script type. Required. |
variables | VariablesModel | Required. |
commands | CommandsModel | Required. |
Parameter | Type | Description |
---|---|---|
id | bigint | Object identifier. |
name | string | Required. |
description | string | |
encrypt | bool |
|
required | bool |
|
object_type | text | |
object_property | text |
Parameter | Type | Description |
---|---|---|
id | bigint | Object identifier. Read only. |
command | text | Required if command_type==INPUT. |
expected | text | Required if command_type==EXPECTED |
delay | int | Delay after running the command before executing the next one. Required if command_type==DELAY |
comment | text | Optional commentary. |
position | int | required |
Parameter | Type | Description |
---|---|---|
id | bigint | Object identifier. |
position | int | Password changer position in execution queue. |
account | bigint | Account identifier. |
password_changer | bigint | Password changer identifier |
timeout | int | Script’s execution time limit. |
accountvariable_set |
Parameter | Type | Description |
---|---|---|
id | bigint | Object identifier. |
password_changer_variable | bigint | |
value | text | Variable value. |
account_id | bigint | Account identifier. |
server_id | bigint | Server identifier. |
account_password_changer_id | bigint | |
server_address_id | bigint |
Creating a password changer¶
Request
Method | POST
|
Path | /api/system/password_changers
|
Headers | Content-Type: Application/JSON
|
Body | PasswordChangerModel
|
Possible Response
Status | 201 CREATED
|
Headers | Content-Type: Application/JSON
|
Body | PasswordChangerModel
|
Description | Object successfully created. Resultant object's attributes
are included in response body.
|
Possible Response
Status | 400 BAD REQUEST
|
Headers | Content-Type: Application/JSON
|
Body | ValidationErrors
|
Description | Validation didn't pass.
|
Example:
curl -k -X POST -H "Content-Type:application/json"
https://10.0.150.150/api/system/password_changers?sessionid={{sessionid}} -d
{"name":"examplary password changer",
"timeout":300,
"transport":"Telnet",
"changer_type":"verify",
"variables":
[{
"name":"transport_host",
"description":null,
"encrypt":false,
"required":true,
"object_type":"fudo_server_address_property",
"object_property":"host"},
{
"name":"transport_port",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_property",
"object_property":"port"},
{
"name":"transport_bind_ip",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_property",
"object_property":"bind_ip"
}],
"commands":
[{
"command":"command 1 %%transport_bind_ip%%",
"expected":null,
"delay":null,
"command_type":"INPUT"},
{
"command":"command 2 %%transport_port%%",
"expected":null,
"delay":null,
"command_type":"INPUT"},
{
"command":"command 3 %%transport_host%%",
"expected":null,
"delay":null,
"command_type":"INPUT"
}]}
Retrieving password changers list¶
Request
Method | GET
|
Path | /api/system/password_changers
|
Note
Results pagination
Every GET
request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
page | int |
page_size | int |
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | [
PasswordChangerModel,
...
]
|
Example:
curl -k -X GET "https://10.0.150.150/api/system/password_changers?sessionid={{sessionid}}"
Retrieving a password changer¶
Request
Method | GET
|
Path | /api/system/password_changers/id
|
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | PasswordChangerModel
|
Possible Response
Status | 404 NOT FOUND
|
Not found. |
Example:
curl -k -X GET "https://10.0.150.150/api/system/password_changers/1?sessionid={{sessionid}}"
Modifying password changers¶
Request
Method | PUT
|
Path | /api/system/password_changers/id
|
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | PasswordChangerModel
|
Possible Response
Status | 400 BAD REQUEST
|
Headers | Content-Type: Application/JSON
|
Body | PasswordChangerModel
|
Possible Response
Status | 404 NOT FOUND
|
Description | Object not found. |
Example:
curl -k -X POST -H "Content-Type:application/json"
https://10.0.150.150/api/system/password_changers/68719476747?sessionid={{sessionid}} -d
{
"name":"New name",
"timeout":300,
"transport":"Telnet",
"changer_type":"verify",
"variables":
[{
"name":"transport_host",
"description":null,
"encrypt":false,
"required":true,
"object_type":"fudo_server_address_property",
"object_property":"host"
},{
"name":"transport_port",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_property",
"object_property":"port"
},{
"name":"transport_bind_ip",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_property",
"object_property":"bind_ip"
}],
"commands":
[{
"command":"command 1 %%transport_bind_ip%%",
"expected":null,
"delay":null,
"command_type":"INPUT"
},{
"command":"command 2 %%transport_port%%",
"expected":null,
"delay":null,
"command_type":"INPUT"
},{
"command":"command 3 %%transport_host%%",
"expected":null,
"delay":null,
"command_type":"INPUT"
}]}
Deleting a password changer¶
Request
Method | DELETE
|
Path | /api/system/password_changers/id
|
Possible Response
Status | 204 NO CONTENT
|
Possible Response
Status | 404 NOT FOUND
|
Description | Object not found. |
Example:
curl -k -X DELETE https://10.0.150.150/api/system/password_changers/68719476746?sessionid={{sessionid}}
Retrieving account-password changers assignments list¶
Request
Method | GET
|
Path | /api/system/account_password_changers
|
Note
Results pagination
Every GET
request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
page | int |
page_size | int |
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | [
AccountSafeAssignmentModel,
...
]
|
Example:
curl -k -X GET "https://10.0.150.150/api/system/account_password_changers?sessionid={{sessionid}}"
Adding a password changer to account¶
Request
Method | POST
|
Path | /api/system/account_password_changers
|
Body | account_password_changer
|
Possible Response
Status | 201 CREATED
|
Headers | Content-Type: Application/JSON
|
Body | AccountPasswordChanger
|
Possible Response
Status | 400 BAD REQUEST
|
Headers | Content-Type: Application/JSON
|
Body | ValidationErrors
|
Possible Response
Status | 404 NOT FOUND
|
Example:
curl -k -X POST https://10.0.8.89/api/system/account_password_changers?sessionid={{sessionid}} -d
{
"account": 1992864825347,
"accountvariable_set": [
{
"account_id": 1992864825347,
"password_changer_variable": 109,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 110,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 102,
"server_address_id": null,
"server_id": 1992864825347,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 103,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 101,
"server_address_id": 1992864825351,
"server_id": null,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 106,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 107,
"server_address_id": null,
"server_id": 1992864825347,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 104,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 105,
"server_address_id": null,
"server_id": null,
"value": "base1"
}
],
"password_changer": 13,
"position": 0,
"timeout": 300
}
Deleting an account-password changer assignment¶
Request
Method | DELETE
|
Path | /api/system/account_password_changers/id
|
Possible Response
Status | 204 NO CONTENT
|
Possible Response
Status | 404 NOT FOUND
|
Example:
curl -k -X DELETE
https://10.0.150.150/api/system/account_password_changers/68719476738?sessionid={{sessionid}}