def ldap_settings_exist(handle, **kwargs): """ Checks if the specified LDAP settings are already applied Args: handle (ImcHandle) kwargs: Key-Value paired arguments Returns: (True, AaaLdap) if settings match, else (False, None) Examples: match, mo = ldap_settings_exist( handle, enabled=True, basedn='DC=LAB,DC=cisco,DC=com', domain='LAB.cisco.com', timeout=20, group_auth=True, bind_dn='CN=administrator,CN=Users,DC=LAB,DC=cisco,DC=com', password='******', ldap_servers=ldap_servers) """ mo = _get_mo(handle, dn=LDAP_DN) params = _get_ldap_params(kwargs) if not mo.check_prop_match(**params): return False, None if _is_valid_arg('ldap_servers', kwargs): if not _check_ldap_server_match(mo, kwargs.pop('ldap_servers')): return False, None if not mo.check_prop_match(**kwargs): return False, None return True, mo
def ntp_servers_clear(handle, ntp_servers=[]): """ Clears the NTP servers provided in the arguments. Clears all the NTP servers, only if ntp is disabled. Args: handle (ImcHandle) ntp_servers (list): List of NTP servers in the format ["192.168.1.1", "192.168.1.2"] Returns: CommNtpProvider object """ mo = _get_mo(handle, dn=NTP_DN) args = {} if ntp_servers: args = {x: "" for x in _NTP_SERVER_LIST if getattr(mo, x) in ntp_servers} else: args = {x: "" for x in _NTP_SERVER_LIST} if mo.ntp_enable.lower() in ["yes", "true"] and len(args) == len(_NTP_SERVER_LIST): raise ImcOperationError("Clear NTP Servers", "Cannot clear all NTP servers when NTP is enabled") mo.set_prop_multiple(**args) mo.ntp_enable = mo.ntp_enable handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_settings_exist(handle, **kwargs): """ Checks if the specified LDAP settings are already applied Args: handle (ImcHandle) kwargs: Key-Value paired arguments Returns: (True, AaaLdap) if settings match, else (False, None) Examples: match, mo = ldap_settings_exist( handle, enabled=True, basedn='DC=LAB,DC=cisco,DC=com', domain='LAB.cisco.com', timeout=20, group_auth=True, bind_dn='CN=administrator,CN=Users,DC=LAB,DC=cisco,DC=com', password='******', ldap_servers=ldap_servers) """ mo = _get_mo(handle, dn=LDAP_DN) params = _get_ldap_params(kwargs) if not mo.check_prop_match(**params): return False, None if _is_valid_arg('ldap_servers', kwargs): if not _check_ldap_server_match(mo, kwargs.pop('ldap_servers')): return False, None if not mo.check_prop_match(**kwargs): return False, None return True, mo
def ldap_certificate_binding_check(handle, user=None, pwd=None, **kwargs): """ Tests the LDAP CA certificate binding Args: handle (ImcHandle) user (str): Username for the remote server pwd (str): Password for the remote server Returns: LdapCACertificate object Examples: ldap_certificate_binding_check(handle, user='******', pwd='pqrs') """ mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert') params = { 'user': user, 'pwd': pwd, 'admin_action': 'test-ldap-binding' } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def snmp_user_modify(handle, user_id, **kwargs): """ Modifies snmp user. Use this after getting the id from snmp_user_exists Args: handle (ImcHandle) user_id (int) : unique id for the user kwargs: Key-Value paired arguments relevant to CommSnmpUser object Returns: CommSnmpUser: Managed Object Raises: ImcOperationError: If user is not present Example: snmp_user_modify(handle, user_id=1, name="snmpuser", security_level="authpriv", auth_pwd="password", auth="MD5", privacy="AES", privacy_pwd="password") """ dn = SNMP_DN + "/snmpv3-user-" + str(user_id) mo = _get_mo(handle, dn=dn) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ntp_enable(handle, ntp_servers=[]): """ Enables NTP and configures the NTP servers provided Args: handle (ImcHandle) ntp_servers (list): List of dictionaries in the format [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}] Upto 4 ntp servers can be specified. Returns: CommNtpProvider object Example: ntp_enable(handle, ntp_servers = [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}] """ log.warning('IPMI Set SEL Time command will be disabled if NTP is enabled.') mo = _get_mo(handle, dn=NTP_DN) mo.ntp_enable = "yes" _set_ntp_servers(mo, ntp_servers) handle.set_mo(mo) return handle.query_dn(mo.dn)
def snmp_user_modify(handle, user_id, **kwargs): """ Modifies snmp user. Use this after getting the id from snmp_user_exists Args: handle (ImcHandle) user_id (int) : unique id for the user kwargs: Key-Value paired arguments relevant to CommSnmpUser object Returns: CommSnmpUser: Managed Object Raises: ImcOperationError: If user is not present Example: snmp_user_modify(handle, user_id=1, name="snmpuser", security_level="authpriv", auth_pwd="password", auth="MD5", privacy="AES", privacy_pwd="password") """ dn = SNMP_DN + "/snmpv3-user-" + str(user_id) mo = _get_mo(handle, dn=dn) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_certificate_export(handle, remote_server, remote_file, user=None, pwd=None, protocol='tftp', **kwargs): """ Export the LDAP CA certificate from the Cisco IMC to a remote location Args: handle (ImcHandle) remote_server (str): Remote Server IP or Hostname remote_file (str): Remote file path user (str): Username for the remote server pwd (str): Password for the remote server protocol (str): Protocol for downloading the certificate ['tftp', 'ftp', 'http', 'scp', 'sftp'] kwargs: Key-Value paired arguments for future use Returns: ExportLdapCACertificate object Examples: ldap_certificate_export(handle, user='******', pwd='pqrs', remote_server='1.1.1.1', remote_file='/tmp/cert', protocol='scp') """ mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert-export') params = { 'user': user, 'pwd': pwd, 'remote_server': remote_server, 'remote_file': remote_file, 'protocol': protocol } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def snmp_trap_remove(handle, trap_id): """ Modifies snmp trap. Args: handle (ImcHandle) trap_id (int): Trap id Returns: None Raises: ImcOperationError if trap not found Example: snmp_trap_remove(handle, trap_id=6) """ from imcsdk.mometa.comm.CommSnmpTrap import CommSnmpTrapConsts dn = SNMP_DN + '/snmp-trap-' + str(trap_id) mo = _get_mo(handle, dn=dn) mo.admin_state = CommSnmpTrapConsts.ADMIN_STATE_DISABLED mo.admin_action = CommSnmpTrapConsts.ADMIN_ACTION_CLEAR handle.set_mo(mo)
def ntp_enable(handle, ntp_servers=[]): """ Enables NTP and configures the NTP servers provided Args: handle (ImcHandle) ntp_servers (list): List of dictionaries in the format [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}] Upto 4 ntp servers can be specified. Returns: CommNtpProvider object Example: ntp_enable(handle, ntp_servers = [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}] """ log.warning('IPMI Set SEL Time command will disable if NTP is enabled.') mo = _get_mo(handle, dn=NTP_DN) mo.ntp_enable = "yes" _set_ntp_servers(mo, ntp_servers) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ntp_setting_exists(handle, **kwargs): """ Check if the specified NTP settings are already applied Args: handle (ImcHandle) kwargs: key-value paired arguments Returns: (True, CommNtpProvider) if settings match, (False, None) otherwise """ mo = _get_mo(handle, dn=NTP_DN) if mo is None: return False, None kwargs['ntp_enable'] = "yes" if _is_valid_arg("ntp_servers", kwargs): args = _get_ntp_servers(kwargs['ntp_servers']) del kwargs['ntp_servers'] kwargs.update(args) if not mo.check_prop_match(**kwargs): return False, mo return True, mo
def snmp_trap_modify(handle, trap_id, **kwargs): """ Modifies snmp trap referred to by id Args: handle (ImcHandle) trap_id (int) : Range is (1,15) kwargs : Key-Value paired arguments relevant to CommSnmpTrap object Returns: CommSnmpTrap: Managed Object Raises: ImcOperationError if trap not found Example: snmp_trap_modify(handle, id="5", hostname="10.10.10.10", port="162", version="v3", notification_type="traps", user="******") """ dn = SNMP_DN + '/snmp-trap-' + str(trap_id) mo = _get_mo(handle, dn=dn) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ntp_servers_clear(handle, ntp_servers=[]): """ Clears the NTP servers provided in the arguments. Clears all the NTP servers, only if ntp is disabled. Args: handle (ImcHandle) ntp_servers (list): List of NTP servers in the format ["192.168.1.1", "192.168.1.2"] Returns: CommNtpProvider object """ mo = _get_mo(handle, dn=NTP_DN) args = {} if ntp_servers: args = { x: "" for x in _NTP_SERVER_LIST if getattr(mo, x) in ntp_servers } else: args = {x: "" for x in _NTP_SERVER_LIST} if mo.ntp_enable.lower() in ["yes", "true"] and \ len(args) == len(_NTP_SERVER_LIST): raise ImcOperationError( "Clear NTP Servers", "Cannot clear all NTP servers when NTP is enabled") mo.set_prop_multiple(**args) mo.ntp_enable = mo.ntp_enable handle.set_mo(mo) return handle.query_dn(mo.dn)
def snmp_trap_modify(handle, trap_id, **kwargs): """ Modifies snmp trap referred to by id Args: handle (ImcHandle) trap_id (int) : Range is (1,15) kwargs : Key-Value paired arguments relevant to CommSnmpTrap object Returns: CommSnmpTrap: Managed Object Raises: ImcOperationError if trap not found Example: snmp_trap_modify(handle, id="5", hostname="10.10.10.10", port="162", version="v3", notification_type="traps", user="******") """ dn = SNMP_DN + '/snmp-trap-' + str(trap_id) mo = _get_mo(handle, dn=dn) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ssh_enable(handle, port=None, session_timeout=None, **kwargs): """ Enables ssh Policy and sets the given properties Args: handle (ImcHandle) port (int): Port number used by SSH session_timeout (int): No of seconds to wait before the system considers a SSH request to have timed out kwargs: key-value paired arguments for future use Returns: CommSsh object Raises: ImcOperationError if the CommSsh Mo is not present Example: ssh_enable(handle, 22, 120) """ from imcsdk.mometa.comm.CommSsh import CommSshConsts mo = _get_mo(handle, dn=_SSH_DN) params = { 'admin_state': CommSshConsts.ADMIN_STATE_ENABLED, 'port': str(port) if port else None, 'session_timeout': str(session_timeout) if session_timeout else None } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return mo
def ntp_servers_modify(handle, ntp_servers=[]): """ Modifies the configured NTP servers Args: handle (ImcHandle) ntp_servers (list): List of dictionaries in the format [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}] Upto 4 ntp servers can be specified. Returns: CommNtpProvider object Example: ntp_servers_modify(handle, ntp_servers = [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}, {"id": 3, "ip": ""}] """ # While sending the modified list of servers, it is imperative to send # ntp_enable property in the request. # Hence, query the MO and reassign the same value to ntp_enable mo = _get_mo(handle, dn=NTP_DN) mo.ntp_enable = mo.ntp_enable _set_ntp_servers(mo, ntp_servers) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ssh_enable(handle, port=None, session_timeout=None, **kwargs): """ Enables ssh Policy and sets the given properties Args: handle (ImcHandle) port (int): Port number used by SSH session_timeout (int): No of seconds to wait before the system considers a SSH request to have timed out kwargs: key-value paired arguments for future use Returns: CommSsh object Raises: ImcOperationError if the CommSsh Mo is not present Example: ssh_enable(handle, 22, 120) """ from imcsdk.mometa.comm.CommSsh import CommSshConsts mo = _get_mo(handle, dn=_SSH_DN) params = { 'admin_state': CommSshConsts.ADMIN_STATE_ENABLED, 'port': str(port) if port else None, 'session_timeout': str(session_timeout) if session_timeout else None } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return mo
def snmp_trap_remove(handle, trap_id): """ Modifies snmp trap. Args: handle (ImcHandle) trap_id (int): Trap id Returns: None Raises: ImcOperationError if trap not found Example: snmp_trap_remove(handle, trap_id=6) """ from imcsdk.mometa.comm.CommSnmpTrap import CommSnmpTrapConsts dn = SNMP_DN + '/snmp-trap-' + str(trap_id) mo = _get_mo(handle, dn=dn) mo.admin_state = CommSnmpTrapConsts.ADMIN_STATE_DISABLED mo.admin_action = CommSnmpTrapConsts.ADMIN_ACTION_CLEAR handle.set_mo(mo)
def ntp_setting_exists(handle, **kwargs): """ Check if the specified NTP settings are already applied Args: handle (ImcHandle) kwargs: key-value paired arguments Returns: (True, CommNtpProvider) if settings match, (False, None) otherwise """ mo = _get_mo(handle, dn=NTP_DN) if mo is None: return False, None kwargs['ntp_enable'] = "yes" if _is_valid_arg("ntp_servers", kwargs): args = _get_ntp_servers(kwargs['ntp_servers']) del kwargs['ntp_servers'] kwargs.update(args) if not mo.check_prop_match(**kwargs): return False, None return True, mo
def ntp_servers_modify(handle, ntp_servers=[]): """ Modifies the configured NTP servers Args: handle (ImcHandle) ntp_servers (list): List of dictionaries in the format [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}] Upto 4 ntp servers can be specified. Returns: CommNtpProvider object Example: ntp_servers_modify(handle, ntp_servers = [{"id": 1, "ip": "192.168.1.1"}, {"id": 2, "ip": "192.168.1.2"}, {"id": 3, "ip": ""}] """ # While sending the modified list of servers, it is imperative to send # ntp_enable property in the request. # Hence, query the MO and reassign the same value to ntp_enable mo = _get_mo(handle, dn=NTP_DN) mo.ntp_enable = mo.ntp_enable _set_ntp_servers(mo, ntp_servers) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_certificate_binding_check(handle, user=None, pwd=None, **kwargs): """ Tests the LDAP CA certificate binding Args: handle (ImcHandle) user (str): Username for the remote server pwd (str): Password for the remote server Returns: LdapCACertificate object Examples: ldap_certificate_binding_check(handle, user='******', pwd='pqrs') """ mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert') params = { 'user': user, 'pwd': pwd, 'admin_action': 'test-ldap-binding' } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_certificate_export(handle, remote_server, remote_file, user=None, pwd=None, protocol='tftp', **kwargs): """ Export the LDAP CA certificate from the Cisco IMC to a remote location Args: handle (ImcHandle) remote_server (str): Remote Server IP or Hostname remote_file (str): Remote file path user (str): Username for the remote server pwd (str): Password for the remote server protocol (str): Protocol for downloading the certificate ['tftp', 'ftp', 'http', 'scp', 'sftp'] kwargs: Key-Value paired arguments for future use Returns: ExportLdapCACertificate object Examples: ldap_certificate_export(handle, user='******', pwd='pqrs', remote_server='1.1.1.1', remote_file='/tmp/cert', protocol='scp') """ mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert-export') params = { 'user': user, 'pwd': pwd, 'remote_server': remote_server, 'remote_file': remote_file, 'protocol': protocol } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_certificate_management_exists(handle): """ Checks if LDAP certificate management is enabled Args: handle (ImcHandle) Returns: bool """ mo = _get_mo(handle, dn="sys/ldap-ext/ldap-ca-cert-mgmt") return mo.binding_certificate.lower() == "enabled"
def is_ntp_enabled(handle): """ Check if NTP is enabled Args: handle (ImcHandle) Returns: bool """ mo = _get_mo(handle, dn=NTP_DN) return (mo.ntp_enable.lower() in ["true", "yes"])
def is_ntp_enabled(handle): """ Check if NTP is enabled Args: handle (ImcHandle) Returns: bool """ mo = _get_mo(handle, dn=NTP_DN) return (mo.ntp_enable.lower() in ["true", "yes"])
def is_ldap_certificate_management_enabled(handle): """ Checks if LDAP certificate management is enabled Args: handle (ImcHandle) Returns: bool """ mo = _get_mo(handle, dn="sys/ldap-ext/ldap-ca-cert-mgmt") return mo.binding_certificate.lower() == "enabled"
def snmp_enable(handle, community=None, privilege="disabled", trap_community=None, sys_contact=None, sys_location=None, port="161", **kwargs): """ Enables SNMP. Args: handle (ImcHandle) community (string): community privilege (string): "disabled", "limited", "full" trap_community(string): community to be used when generating traps sys_contact (string): sys_contact sys_location (string): sys_location port (string): port on which SNMP agent runs kwargs: key-value paired arguments for future use Returns: CommSnmp: Managed object Raises: ImcOperationError: If CommSnmp Mo is not present Example: mo = snmp_enable(handle, community="username", sys_contact="user contact", sys_location="user location") """ from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts mo = _get_mo(handle, dn=SNMP_DN) params = { 'admin_state': CommSnmpConsts.ADMIN_STATE_ENABLED, 'community': community, 'com2_sec': privilege, 'trap_community': trap_community, 'sys_contact': sys_contact, 'sys_location': sys_location, 'port': port, } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_certificate_management_disable(handle): """ Disables ldap certificate management Args: handle (ImcHandle) Returns: LdapCACertificateManagement object """ mo = _get_mo(handle, dn="sys/ldap-ext/ldap-ca-cert-mgmt") mo.binding_certificate = "disabled" handle.set_mo(mo) return mo
def ldap_certificate_management_disable(handle): """ Disables ldap certificate management Args: handle (ImcHandle) Returns: LdapCACertificateManagement object """ mo = _get_mo(handle, dn="sys/ldap-ext/ldap-ca-cert-mgmt") mo.binding_certificate = "disabled" handle.set_mo(mo) return handle.query_dn(mo.dn)
def is_snmp_enabled(handle): """ Checks if snmp is enabled or not Args: handle (ImcHandle) Returns: bool """ from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts mo = _get_mo(handle, dn=SNMP_DN) return (mo.admin_state == CommSnmpConsts.ADMIN_STATE_ENABLED)
def snmp_enable(handle, port=None, community=None, com2_sec=None, trap_community=None, sys_contact=None, sys_location=None, engine_id_key=None, **kwargs): """ Enables SNMP. Args: handle (ImcHandle) port (int): port on which SNMP agent runs community (string): community com2_sec (string): "disabled", "limited", "full" trap_community(string): community to be used when generating traps sys_contact (string): sys_contact sys_location (string): sys_location engine_id_key (string): engine id key kwargs: key-value paired arguments for future use Returns: CommSnmp: Managed object Raises: ImcOperationError: If CommSnmp Mo is not present Example: mo = snmp_enable(handle, community="username", sys_contact="user contact", sys_location="user location") """ from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts mo = _get_mo(handle, dn=SNMP_DN) params = { 'admin_state': CommSnmpConsts.ADMIN_STATE_ENABLED, 'port': str(port) if port is not None else None, 'community': community, 'com2_sec': com2_sec, 'trap_community': trap_community, 'sys_contact': sys_contact, 'sys_location': sys_location, 'engine_id_key': engine_id_key } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return mo
def is_ldap_enabled(handle): """ Checks if LDAP is enabled Args: handle (ImcHandle) Returns: bool Examples: is_ldap_enabled(handle) """ mo = _get_mo(handle, dn=LDAP_DN) return mo.admin_state.lower() == "enabled"
def is_ldap_enabled(handle): """ Checks if LDAP is enabled Args: handle (ImcHandle) Returns: bool Examples: is_ldap_enabled(handle) """ mo = _get_mo(handle, dn=LDAP_DN) return mo.admin_state.lower() == "enabled"
def ntp_disable(handle): """ Disables NTP Args: handle (ImcHandle) Returns: CommNtpProvider object """ log.warning('Disabling NTP may cause Cisco IMC to lose timesync with server/s') mo = _get_mo(handle, dn=NTP_DN) mo.ntp_enable = "no" handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_role_group_create(handle, domain, name, role='read-only', **kwargs): """ Creates an LDAP role group Args: handle (ImcHandle) domain (str): The LDAP server domain the group resides in. name (str): The name of the group in the LDAP server database. role (str): The role assigned to all users in this LDAP server group. ['read-only', 'user', 'admin'] kwargs: Key-Value paired arguments for future use Raises: ImcOperationError if LDAP is not enabled or LDAP group authorization is not enabled Returns: AaaLdapRoleGroup object Examples: ldap_role_group_create(handle, domain='abcd.pqrs.com', name='abcd', role='user') """ ldap_mo = _get_mo(handle, dn=LDAP_DN) if ldap_mo.admin_state.lower() != "enabled" or ldap_mo.group_auth.lower( ) != "enabled": raise ImcOperationError( "LDAP Role Group Create", "Either of LDAP or LDAP group auth is not enabled") match, mo = ldap_role_group_exists(handle, domain=domain, name=name, role=role) if match: log.info("LDAP Role Group with domain:%s name:%s exists" % (domain, name)) return mo free_id = _get_free_ldap_role_group_id(handle) mo = AaaLdapRoleGroup(parent_mo_or_dn=LDAP_DN, id=free_id) mo.domain = domain mo.name = name mo.role = role mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def smtp_disable(handle): """ Disable SMTP Settings Args: handle (ImcHandle) Raises: ImcOperationError Returns: CommMailAlert object """ mo = _get_mo(handle, dn=_SMTP_DN) mo.admin_state = 'disabled' handle.set_mo(mo) return mo
def smtp_disable(handle): """ Disable SMTP Settings Args: handle (ImcHandle) Raises: ImcOperationError Returns: CommMailAlert object """ mo = _get_mo(handle, dn=_SMTP_DN) mo.admin_state = 'disabled' handle.set_mo(mo) return mo
def ntp_disable(handle): """ Disables NTP Args: handle (ImcHandle) Returns: CommNtpProvider object """ log.warning( 'Disabling NTP may cause Cisco IMC to lose timesync with server/s') mo = _get_mo(handle, dn=NTP_DN) mo.ntp_enable = "no" handle.set_mo(mo) return mo
def ldap_disable(handle): """ Disables the ldap settings Args: handle (ImcHandle) Returns: AaaLdap Managed Object Examples: ldap_disable(handle) """ mo = _get_mo(handle, dn=LDAP_DN) mo.admin_state = "disabled" handle.set_mo(mo) return mo
def adaptor_unit_get(handle, adaptor_slot, server_id=1, **kwargs): """ This method fetches the adaptorUnit Managed Object for the specified adaptor Slot on a server. Args: handle (ImcHandle) adaptor_slot (string): PCI slot number of the adaptor server_id (int): Server Id for C3260 platforms kwargs: key=value paired arguments Returns: AdaptorUnit object Examples: adaptor_unit_get(handle, adaptor_slot=1, server_id=1) """ return _get_mo(handle, dn=_get_adaptor_dn(handle, adaptor_slot, server_id))
def ldap_disable(handle): """ Disables the ldap settings Args: handle (ImcHandle) Returns: AaaLdap Managed Object Examples: ldap_disable(handle) """ mo = _get_mo(handle, dn=LDAP_DN) mo.admin_state = "disabled" handle.set_mo(mo) return mo
def snmp_exists(handle, **kwargs): """ Checks if snmp is enabled or not Args: handle (ImcHandle) kwargs: Key-Value paired arguments relevant to CommSnmp object Returns: True/false, CommSnmp MO/None Example: snmp_exists(handle) """ from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts mo = _get_mo(handle, dn=SNMP_DN) kwargs['admin_state'] = CommSnmpConsts.ADMIN_STATE_ENABLED return mo.check_prop_match(**kwargs), mo
def ldap_exists(handle, change_password=False, **kwargs): """ Checks if the specified LDAP settings are already applied Args: handle (ImcHandle) kwargs: Key-Value paired arguments Returns: (True, AaaLdap) if settings match, else (False, None) Examples: match, mo = ldap_exists( handle, enabled=True, basedn='DC=LAB,DC=cisco,DC=com', domain='LAB.cisco.com', timeout=20, group_auth=True, bind_dn='CN=administrator,CN=Users,DC=LAB,DC=cisco,DC=com', password='******', ldap_servers=ldap_servers) """ mo = _get_mo(handle, dn=LDAP_DN) if mo is None: return False, None if _is_valid_arg('ldap_servers', kwargs): if not _check_ldap_server_match(mo, kwargs.pop('ldap_servers')): return False, mo if 'password' in kwargs and not change_password: kwargs.pop('password', None) if 'dns_search_domain' in kwargs and kwargs['dns_search_domain'] == "": kwargs.pop('dns_search_domain', None) if 'dns_search_forest' in kwargs and kwargs['dns_search_forest'] == "": kwargs.pop('dns_search_forest', None) kwargs['admin_state'] = 'enabled' if not mo.check_prop_match(**kwargs): return False, mo return True, mo
def ldap_certificate_delete(handle): """ Deletes the LDAP CA certificate Args: handle (ImcHandle) user (str): Username for the remote server pwd (str): Password for the remote server Returns: LdapCACertificate object Examples: ldap_certificate_delete(handle) """ mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert') mo.admin_action = 'delete-ca-certificate' handle.set_mo(mo) return handle.query_dn(mo.dn)
def ldap_certificate_delete(handle): """ Deletes the LDAP CA certificate Args: handle (ImcHandle) user (str): Username for the remote server pwd (str): Password for the remote server Returns: LdapCACertificate object Examples: ldap_certificate_delete(handle) """ mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert') mo.admin_action = 'delete-ca-certificate' handle.set_mo(mo) return handle.query_dn(mo.dn)
def smtp_enable(handle, ip_address=None, port=None, min_severity_level=None, **kwargs): """ Enables SMTP Policy and sets the given properties Args: handle (ImcHandle) ip_address (str): Ip Address of the SMTP server port (int): Port number of the SMTP server min_severity_level (str): Minimum fault severity level Valid values: "condition", "critical", "major", "minor", "warning" kwargs: key-value paired arguments for future use Returns: CommMailAlert object Raises: ImcOperationError if the severity level is not correct Example: smtp_enable(handle, '10.105.110.219', 25, 'minor') """ if min_severity_level and not _is_valid_severity_level(min_severity_level): raise ImcOperationError( 'Configure SMTP Policy', 'Invalid severity level %s ' % min_severity_level) mo = _get_mo(handle, dn=_SMTP_DN) params = { 'admin_state': 'enabled', 'ip_address': ip_address, 'port': str(port) if port is not None else None, 'min_severity_level': min_severity_level } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return mo
def ldap_role_group_create(handle, domain, name, role='read-only', **kwargs): """ Creates an LDAP role group Args: handle (ImcHandle) domain (str): The LDAP server domain the group resides in. name (str): The name of the group in the LDAP server database. role (str): The role assigned to all users in this LDAP server group. ['read-only', 'user', 'admin'] kwargs: Key-Value paired arguments for future use Raises: ImcOperationError if LDAP is not enabled or LDAP group authorization is not enabled Returns: AaaLdapRoleGroup object Examples: ldap_role_group_create(handle, domain='abcd.pqrs.com', name='abcd', role='user') """ ldap_mo = _get_mo(handle, dn=LDAP_DN) if ldap_mo.admin_state.lower() != "enabled" or ldap_mo.group_auth.lower() != "enabled": raise ImcOperationError("LDAP Role Group Create", "Either of LDAP or LDAP group auth is not enabled") match, mo = ldap_role_group_exists(handle, domain=domain, name=name, role=role) if match: log.info("LDAP Role Group with domain:%s name:%s exists" % (domain, name)) return mo free_id = _get_free_ldap_role_group_id(handle) mo = AaaLdapRoleGroup(parent_mo_or_dn=LDAP_DN, id=free_id) mo.domain = domain mo.name = name mo.role = role mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return handle.query_dn(mo.dn)
def smtp_exists(handle, **kwargs): """ Check whether the specified SMTP settings already exist Args: handle (ImcHandle) kwargs: key-value paired arguments Returns: (True, CommMailAlert) if settings match, (False, None) otherwise """ try: mo = _get_mo(handle, dn=_SMTP_DN) except: return False, None kwargs['admin_state'] = 'enabled' if not mo.check_prop_match(**kwargs): return False, mo return True, None
def smtp_exists(handle, **kwargs): """ Check whether the specified SMTP settings already exist Args: handle (ImcHandle) kwargs: key-value paired arguments Returns: (True, CommMailAlert) if settings match, (False, None) otherwise """ try: mo = _get_mo(handle, dn=_SMTP_DN) except: return False, None kwargs['admin_state'] = 'enabled' if not mo.check_prop_match(**kwargs): return False, mo return True, None
def ip_blocking_exists(handle, **kwargs): """ Checks if IP blocking settings match according to the parameters specified. Args: handle (ImcHandle) kwargs: Key-Value paired arguments relevant to IpBlocking object Returns: (True, IpBlocking object) if exists, else (False, None) Examples: ip_blocking_exists(handle, fail_count='6', fail_window='120', penalty_time='800') """ mo = IpBlocking(parent_mo_or_dn=_get_mgmt_if_dn(handle)) mo = _get_mo(handle, dn=mo.dn) if mo.check_prop_match(**kwargs): return (True, mo) return (False, None)
def adaptor_properties_get(handle, adaptor_slot, server_id=1, **kwargs): """ This method is used to get the vic adaptor properties Args: handle (ImcHandle) adaptor_slot (string): PCI slot of the vic adaptor server_id (int): Server Id to be specified for C3260 platforms kwargs: key=value paired arguments Examples: For non-3x60 platforms:- adaptor_properties_get(handle, adaptor_slot="1") For 3x60 platforms:- adaptor_properties_get(handle, adaptor_slot="1", server_id=1) Returns: AdaptorGenProfile object """ dn = _get_adaptor_dn(handle, adaptor_slot, server_id) + "/general" return _get_mo(handle, dn=dn)
def snmp_disable(handle): """ Disables SNMP. Args: handle (ImcHandle) Returns: CommSnmp: Managed Object Raises: ValueError: If CommSnmp Mo is not present Example: snmp_disable(handle) """ from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts mo = _get_mo(handle, dn=SNMP_DN) mo.admin_state = CommSnmpConsts.ADMIN_STATE_DISABLED handle.set_mo(mo) return mo
def ip_blocking_exists(handle, **kwargs): """ Checks if IP blocking settings match according to the parameters specified. Args: handle (ImcHandle) kwargs: Key-Value paired arguments relevant to IpBlocking object Returns: (True, IpBlocking object) if exists, else (False, None) Examples: ip_blocking_exists(handle, fail_count='6', fail_window='120', penalty_time='800') """ mo = IpBlocking(parent_mo_or_dn=_get_mgmt_if_dn(handle)) mo = _get_mo(handle, dn=mo.dn) if mo.check_prop_match(**kwargs): return (True, mo) return (False, None)
def smtp_enable(handle, ip_address=None, port=None, min_severity_level=None, **kwargs): """ Enables SMTP Policy and sets the given properties Args: handle (ImcHandle) ip_address (str): Ip Address of the SMTP server port (int): Port number of the SMTP server min_severity_level (str): Minimum fault severity level Valid values: "condition", "critical", "major", "minor", "warning" kwargs: key-value paired arguments for future use Returns: CommMailAlert object Raises: ImcOperationError if the severity level is not correct Example: smtp_enable(handle, '10.105.110.219', 25, 'minor') """ if min_severity_level and not _is_valid_severity_level(min_severity_level): raise ImcOperationError( 'Configure SMTP Policy', 'Invalid severity level %s ' % min_severity_level) mo = _get_mo(handle, dn=_SMTP_DN) params = { 'admin_state': 'enabled', 'ip_address': ip_address, 'port': str(port) if port is not None else None, 'min_severity_level': min_severity_level } mo.set_prop_multiple(**params) mo.set_prop_multiple(**kwargs) handle.set_mo(mo) return mo
def ssh_exists(handle, **kwargs): """ Checks if ssh is enabled or not Args: handle (ImcHandle) kwargs: Key-Value paired arguments relevant to CommSsh object Returns: True/false, CommSsh MO/None Example: ssh_exists(handle) """ from imcsdk.mometa.comm.CommSsh import CommSshConsts try: mo = _get_mo(handle, dn=_SSH_DN) except: return False, None kwargs['admin_state'] = CommSshConsts.ADMIN_STATE_ENABLED return mo.check_prop_match(**kwargs), mo
def snmp_user_delete_all(handle): """ delete all snmp users. Args: handle (ImcHandle) Returns: None Raises: ImcOperationError: If user is not present Example: snmp_user_delete_all(handle) """ from imcsdk.mometa.comm.CommSnmpUser import CommSnmpUserConsts from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts api = 'snmp_user_delete_all' parent_mo = _get_mo(handle, dn=SNMP_DN) if parent_mo.admin_state != CommSnmpConsts.ADMIN_STATE_ENABLED: raise ImcOperationError(api, 'SNMP is not enabled.') mos = [] users = _get_snmp_users(handle) for user in users: if user.name == "": continue user.admin_action = CommSnmpUserConsts.ADMIN_ACTION_CLEAR mos.append(user) response = handle.set_mos(mos) if response: process_conf_mos_response(response, api)
def ntp_setting_exists(handle, **kwargs): """ Check if the specified NTP settings are already applied Args: handle (ImcHandle) kwargs: key-value paired arguments Returns: (True, CommNtpProvider) if settings match, (False, None) otherwise """ ntp_mo = _get_mo(handle, dn=NTP_DN) if _is_valid_arg("ntp_enable", kwargs): if ntp_mo.ntp_enable != kwargs.get("ntp_enable"): return False, None if _is_valid_arg("ntp_servers", kwargs): mo = CommNtpProvider(parent_mo_or_dn=COMM_EXT_DN) _set_ntp_servers(mo, kwargs.get("ntp_servers")) if not _check_ntp_server_match(ntp_mo, mo): return False, None return True, ntp_mo