Password changers¶
defines the privileged account existing on the monitored server. It specifies the actual login credentials, user authentication mode: anonymous (without user authentication), regular (with login credentials substitution) or forward (with login and password forwarding); password changing policy as well as the password changer itself.
Data structures¶
| Parameter | Type | Description |
|---|---|---|
| id | bigint | Object identifier. Read only. |
| name | text | Required. |
| timeout | int | Script’s execution time limit expressed in seconds. Required. |
| transport | text{LDAP, SSH, Telnet, WINRM, plugin} | Transport layer specifier. Required. |
| changer_type | text{change,verify} | Script type. Required. |
| variables | VariablesModel | Required. |
| commands | CommandsModel | Required. |
| Parameter | Type | Description |
|---|---|---|
| id | bigint | Object identifier. |
| name | string | Required. |
| description | string | |
| encrypt | bool |
|
| required | bool |
|
| object_type | text | |
| object_property | text |
| Parameter | Type | Description |
|---|---|---|
| id | bigint | Object identifier. Read only. |
| command | text | Required if command_type==INPUT. |
| expected | text | Required if command_type==EXPECTED |
| delay | int | Delay after running the command before executing the next one. Required if command_type==DELAY |
| comment | text | Optional commentary. |
| position | int | required |
| Parameter | Type | Description |
|---|---|---|
| id | bigint | Object identifier. |
| position | int | Password changer position in execution queue. |
| account | bigint | Account identifier. |
| password_changer | bigint | Password changer identifier |
| timeout | int | Script’s execution time limit. |
| accountvariable_set |
| Parameter | Type | Description |
|---|---|---|
| id | bigint | Object identifier. |
| password_changer_variable | bigint | |
| value | text | Variable value. |
| account_id | bigint | Account identifier. |
| server_id | bigint | Server identifier. |
| account_password_changer_id | bigint | |
| server_address_id | bigint |
Creating a password changer¶
Request
| Method | POST
|
| Path | /api/system/password_changers
|
| Headers | Content-Type: Application/JSON
|
| Body | PasswordChangerModel
|
Possible Response
| Status | 201 CREATED
|
| Headers | Content-Type: Application/JSON
|
| Body | PasswordChangerModel
|
| Description | Object successfully created. Resultant object's attributes
are included in response body.
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | ValidationErrors
|
| Description | Validation didn't pass.
|
Example:
curl -k -X POST -H "Content-Type:application/json"
https://10.0.150.150/api/system/password_changers?sessionid={{sessionid}} -d
{"name":"examplary password changer",
"timeout":300,
"transport":"Telnet",
"changer_type":"verify",
"variables":
[{
"name":"transport_host",
"description":null,
"encrypt":false,
"required":true,
"object_type":"fudo_server_address_property",
"object_property":"host"},
{
"name":"transport_port",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_address_property",
"object_property":"port"},
{
"name":"transport_bind_ip",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_address_property",
"object_property":"bind_ip"
}],
"commands":
[{
"command":"command 1 %%transport_bind_ip%%",
"expected": null,
"position": 1,
"delay":null,
"command_type":"INPUT"},
{
"command":"command 2 %%transport_port%%",
"expected": null,
"position": 2,
"delay":null,
"command_type":"INPUT"},
{
"command":"command 3 %%transport_host%%",
"expected": null,
"position": 3,
"delay":null,
"command_type":"INPUT"
}]}
Retrieving password changers list¶
Request
| Method | GET
|
| Path | /api/system/password_changers
|
Note
Results pagination
Every GET request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
| page | int |
| page_size | int |
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | [
PasswordChangerModel,
...
]
|
Example:
curl -k -X GET
"https://10.0.150.150/api/system/password_changers?sessionid={{sessionid}}"
Retrieving a password changer¶
Request
| Method | GET
|
| Path | /api/system/password_changers/id
|
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | PasswordChangerModel
|
Possible Response
| Status | 404 NOT FOUND
|
| Not found. |
Example:
curl -k -X GET "https://10.0.150.150/api/system/password_changers/1?sessionid={{sessionid}}"
Modifying password changers¶
Request
| Method | PUT
|
| Path | /api/system/password_changers/id
|
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | PasswordChangerModel
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | PasswordChangerModel
|
Possible Response
| Status | 404 NOT FOUND
|
| Description | Object not found. |
Example:
curl -k -X POST -H "Content-Type:application/json"
https://10.0.150.150/api/system/password_changers/68719476747?sessionid={{sessionid}} -d
{
"name":"New name",
"timeout":300,
"transport":"Telnet",
"changer_type":"verify",
"variables":
[{
"name":"transport_host",
"description":null,
"encrypt":false,
"required":true,
"object_type":"fudo_server_address_property",
"object_property":"host"
},{
"name":"transport_port",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_address_property",
"object_property":"port"
},{
"name":"transport_bind_ip",
"description":null,
"encrypt":false,
"required":false,
"object_type":"fudo_server_address_property",
"object_property":"bind_ip"
}],
"commands":
[{
"command":"command 1 %%transport_bind_ip%%",
"expected": null,
"position": 1,
"delay":null,
"command_type":"INPUT"
},{
"command":"command 2 %%transport_port%%",
"expected": null,
"position": 2,
"delay":null,
"command_type":"INPUT"
},{
"command":"command 3 %%transport_host%%",
"expected":null,
"position": 3,
"delay":null,
"command_type":"INPUT"
}]}
Deleting a password changer¶
Request
| Method | DELETE
|
| Path | /api/system/password_changers/id
|
Possible Response
| Status | 204 NO CONTENT
|
Possible Response
| Status | 404 NOT FOUND
|
| Description | Object not found. |
Example:
curl -k -X DELETE
https://10.0.150.150/api/system/password_changers/68719476746?sessionid={{sessionid}}
Retrieving account-password changers assignments list¶
Request
| Method | GET
|
| Path | /api/system/account_password_changers
|
Note
Results pagination
Every GET request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
| page | int |
| page_size | int |
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | [
AccountSafeAssignmentModel,
...
]
|
Example:
curl -k -X GET
"https://10.0.150.150/api/system/account_password_changers?sessionid={{sessionid}}"
Adding a password changer to account¶
Request
| Method | POST
|
| Path | /api/system/account_password_changers
|
| Body | account_password_changer
|
Possible Response
| Status | 201 CREATED
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountPasswordChanger
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | ValidationErrors
|
Possible Response
| Status | 404 NOT FOUND
|
Example:
curl -k -X POST
https://10.0.8.89/api/system/account_password_changers?sessionid={{sessionid}} -d
{
"account": 1992864825347,
"accountvariable_set": [
{
"account_id": 1992864825347,
"password_changer_variable": 109,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 110,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 102,
"server_address_id": null,
"server_id": 1992864825347,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 103,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 101,
"server_address_id": 1992864825351,
"server_id": null,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 106,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 107,
"server_address_id": null,
"server_id": 1992864825347,
"value": null
},
{
"account_id": 1992864825347,
"password_changer_variable": 104,
"server_address_id": null,
"server_id": null,
"value": null
},
{
"account_id": null,
"password_changer_variable": 105,
"server_address_id": null,
"server_id": null,
"value": "base1"
}
],
"password_changer": 13,
"position": 0,
"timeout": 300
}
Deleting an account-password changer assignment¶
Request
| Method | DELETE
|
| Path | /api/system/account_password_changers/id
|
Possible Response
| Status | 204 NO CONTENT
|
Possible Response
| Status | 404 NOT FOUND
|
Example:
curl -k -X DELETE
https://10.0.150.150/api/system/account_password_changers/68719476738?sessionid={{sessionid}}