Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- On a fresh system where LDAP Configuration doesn't exist
- 1) Get request on account service when LDAP Configuration doesn't exist
- ========================================================================
- curl -k -H "X-Auth-Token: $bmc_token" -X GET https://${BMC_IP}/redfish/v1/AccountService{
- "@odata.context": "/redfish/v1/$metadata#AccountService.AccountService",
- "@odata.id": "/redfish/v1/AccountService",
- "@odata.type": "#AccountService.v1_3_1.AccountService",
- "AccountLockoutDuration": 0,
- "AccountLockoutThreshold": 0,
- "Accounts": {
- "@odata.id": "/redfish/v1/AccountService/Accounts"
- },
- "Description": "Account Service",
- "Id": "AccountService",
- "MaxPasswordLength": 31,
- "MinPasswordLength": 8,
- "Name": "Account Service",
- "Roles": {
- "@odata.id": "/redfish/v1/AccountService/Roles"
- }
- }
- 2) Patch request with only Service address
- ==========================================
- curl -k -H "X-Auth-Token: $bmc_token" -X PATCH https://${BMC_IP}/redfish/v1/AccountService/ -D patch.txt -d '{"LDAP":{"ServiceAddresses": ["ldap://2.2.2.2"]}}'
- {
- "Authentication@Message.ExtendedInfo": [
- {
- "@odata.type": "/redfish/v1/$metadata#Message.v1_0_0.Message",
- "Message": "The property Authentication is a required property and must be included in the request.",
- "MessageArgs": [
- "Authentication"
- ],
- "MessageId": "Base.1.4.0.PropertyMissing",
- "Resolution": "Ensure that the property is in the request body and has a valid value and resubmit the request if the operation failed.",
- "Severity": "Warning"
- }
- ]
- 3) Let's include Authentication property now
- =============================================
- curl -k -H "X-Auth-Token: $bmc_token" -X PATCH https://${BMC_IP}/redfish/v1/AccountService/ -D patch.txt -d '{"LDAP":{"ServiceAddresses": ["ldap://9.3.185.173"],"Authentication": {"AuthenticationType":"gfsdgfsgfjsdgf","Username": "cn=Manager,dc=example","Password": ""}}}'
- {
- "LDAPService@Message.ExtendedInfo": [
- {
- "@odata.type": "/redfish/v1/$metadata#Message.v1_0_0.Message",
- "Message": "The property LDAPService is a required property and must be included in the request.",
- "MessageArgs": [
- "LDAPService"
- ],
- "MessageId": "Base.1.4.0.PropertyMissing",
- "Resolution": "Ensure that the property is in the request body and has a valid value and resubmit the request if the operation failed.",
- "Severity": "Warning"
- }
- ]
- }
- 4) Now it is throwing service addreess is missing so include all properties
- =========================================================================
- curl -k -H "X-Auth-Token: $bmc_token" -X PATCH https://${BMC_IP}/redfish/v1/AccountService/ -D patch.txt -d '{"LDAP":{"AccountProvderType": "LDAPService","ServiceEnabled":true, "ServiceAddresses": ["ldap://9.3.185.173"],"Authentication": {"AuthenticationType":"UsernameAndPassword","Username": "cn=Manager,dc=example,dc=org","Password": ""}, "LDAPService": {"SearchSettings": {"BaseDistinguishedNames": ["dc=example,dc=org"]}}}}'
- {
- "LDAP": {
- "AccountProviderType": "LDAPService",
- "AccountProviderType@Redfish.AllowableValues": [
- "ActivceDirectoryService",
- "LDAPService"
- ],
- "Authentication": {
- "AuthenticationType": "UsernameAndPassword",
- "AuthenticationType@Redfish.AllowableValues": [
- "UsernameAndPassword"
- ],
- "Password": null,
- "Username": "cn=Manager,dc=example,dc=org"
- },
- "LDAPService": {
- "SearchSettings": {
- "BaseDistinguishedNames": [
- "dc=example,dc=org"
- ],
- "GroupsAttribute": "gid",
- "UsernameAttribute": "uid"
- }
- },
- "ServiceAddresses": [
- "ldap://9.3.185.173"
- ],
- "ServiceEnabled": true
- }
- }
- So LDAP Config object gets created so now start patching individual properties
- 5) Empty JSON
- ===============
- curl -k -H "X-Auth-Token: $bmc_token" -X PATCH https://${BMC_IP}/redfish/v1/AccountService/ -D patch.txt -d '{"LDAP":{"Authentication": {}}}'
- {
- "error": {
- "@Message.ExtendedInfo": [
- {
- "@odata.type": "/redfish/v1/$metadata#Message.v1_0_0.Message",
- "Message": "The request body submitted contained an empty JSON object and the service is unable to process it.",
- "MessageArgs": [],
- "MessageId": "Base.1.4.0.EmptyJSON",
- "Resolution": "Add properties in the JSON object and resubmit the request.",
- "Severity": "Warning"
- }
- ],
- "code": "Base.1.4.0.EmptyJSON",
- "message": "The request body submitted contained an empty JSON object and the service is unable to process it."
- }
- }
- cat patch.txt
- HTTP/1.1 400 Bad Request
- Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
- X-Frame-Options: DENY
- Pragma: no-cache
- Cache-Control: no-Store,no-Cache
- Content-Security-Policy: default-src 'self'; img-src 'self' data:
- X-XSS-Protection: 1; mode=block
- X-Content-Type-Options: nosniff
- X-UA-Compatible: IE=11
- Content-Type: application/json
- Server: iBMC
- Date: Tue, 19 Mar 2019 17:06:54 GMT
- Content-Length: 605
- 6) Authentication type is not valid but other properties are valid
- ==================================================================
- curl -k -H "X-Auth-Token: $bmc_token" -X PATCH https://${BMC_IP}/redfish/v1/AccountService/ -D patch.txt -d '{"LDAP":{"ServiceAddresses": ["ldap://9.3.185.173"],"Authentication": {"AuthenticationType":"gfsdgfsgfjsdgf","Username": "cn=Manager,dc=example","Password": ""}}}'
- {
- "AuthenticationType@Message.ExtendedInfo": [
- {
- "@odata.type": "/redfish/v1/$metadata#Message.v1_0_0.Message",
- "Message": "The value gfsdgfsgfjsdgf for the property AuthenticationType is not in the list of acceptable values.",
- "MessageArgs": [
- "gfsdgfsgfjsdgf",
- "AuthenticationType"
- ],
- "MessageId": "Base.1.4.0.PropertyValueNotInList",
- "Resolution": "Choose a value from the enumeration list that the implementation can support and resubmit the request if the operation failed.",
- "Severity": "Warning"
- }
- ],
- "LDAP": {
- "AccountProviderType": "LDAPService",
- "AccountProviderType@Redfish.AllowableValues": [
- "ActivceDirectoryService",
- "LDAPService"
- ],
- "Authentication": {
- "AuthenticationType": "UsernameAndPassword",
- "AuthenticationType@Redfish.AllowableValues": [
- "UsernameAndPassword"
- ],
- "Password": null,
- "Username": "cn=Manager,dc=example"
- },
- "AuthenticationType": "UsernameAndPassword",
- "LDAPService": {
- "SearchSettings": {
- "BaseDistinguishedNames": [
- "dc=example,dc=org"
- ],
- "GroupsAttribute": "gid",
- "UsernameAttribute": "uid"
- }
- },
- "ServiceAddresses": [
- "ldap://9.3.185.173"
- ],
- "ServiceEnabled": true
- }
- }
- cat patch.txt
- HTTP/1.1 200 OK
- Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
- X-Frame-Options: DENY
- Pragma: no-cache
- Cache-Control: no-Store,no-Cache
- Content-Security-Policy: default-src 'self'; img-src 'self' data:
- X-XSS-Protection: 1; mode=block
- X-Content-Type-Options: nosniff
- X-UA-Compatible: IE=11
- Content-Type: application/json
- Server: iBMC
- Date: Tue, 19 Mar 2019 17:07:20 GMT
- Content-Length: 1335
- 7) Update the service address
- ==============================
- curl -k -H "X-Auth-Token: $bmc_token" -X PATCH https://${BMC_IP}/redfish/v1/AccountService/ -D patch.txt -d '{"LDAP":{"ServiceAddresses": ["ldap://2.2.2.2"]}}'
- {
- "LDAP": {
- "AccountProviderType": "LDAPService",
- "AccountProviderType@Redfish.AllowableValues": [
- "ActivceDirectoryService",
- "LDAPService"
- ],
- "Authentication": {
- "AuthenticationType": "UsernameAndPassword",
- "AuthenticationType@Redfish.AllowableValues": [
- "UsernameAndPassword"
- ],
- "Password": null,
- "Username": "cn=Manager,dc=example"
- },
- "LDAPService": {
- "SearchSettings": {
- "BaseDistinguishedNames": [
- "dc=example,dc=org"
- ],
- "GroupsAttribute": "gid",
- "UsernameAttribute": "uid"
- }
- },
- "ServiceAddresses": [
- "ldap://2.2.2.2"
- ],
- "ServiceEnabled": true
- }
- cat patch.txt
- HTTP/1.1 200 OK
- Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
- X-Frame-Options: DENY
- Pragma: no-cache
- Cache-Control: no-Store,no-Cache
- Content-Security-Policy: default-src 'self'; img-src 'self' data:
- X-XSS-Protection: 1; mode=block
- X-Content-Type-Options: nosniff
- X-UA-Compatible: IE=11
- Content-Type: application/json
- Server: iBMC
- Date: Tue, 19 Mar 2019 17:08:15 GMT
- Content-Length: 706
Add Comment
Please, Sign In to add comment