1082| External User Management AOS-W 6.5.3.x| User Guide
Parameter Description
command The XML API command sent to the switch. You can send one of the following commands
per request:
n use_add: Creates a new user entry in the switches user table. If the user entry is
already present in the user table, the command will modify the entry with the values
defined in the XML request. For an existing user, this command will update any value
that is supplied, with an exception of IP and MAC address. Session time-out is only
applicable to captive portal users.
n user_delete: Deletes an existing user from the switches user table.
NOTE: Do not use the user_delete command if the intention is to clear the association
from the switch user table. If the client is dual-stack, it re-inherits the authentication state
from the IPv6 address. If not dual-stack, the client reverts to the initial role.
n user_authenticate: Authenticates against the server group defined in the captive
portal profile. This is only applicable to captive portal users.
n user_blacklist: Blacklists a user from connecting to your network. This command
uses the default blacklist timeout of 3600 seconds. There is no corresponding clear
command. You can use the switch CLI to clear the blacklisted clients. Refer the show
ap blacklist-clients, stm remove-blacklist-client, and stm purge-blacklist-clients
commands in the AOS-W CLI Reference Guide to clear the blacklisted clients.
n user_query: Fetches the status and details of a user connected to your network. A
dual-stack client can be queried by any of its IPv4 or IPv6 addresses, but only the
queried IP address is displayed in the output.
n user_logout: Reverts the user to the initial role. This is only applicable to captive
portal users. For dual-stack clients, all user-table entries will be reverted to the initial
role.
Options n -i <ip_addr>: Specify the IP address of the user in IPv4 or IPv6 format.
n -m <mac_addr>: Specify the MAC address of the user in aa:bb:cc:dd:ee:ff format.
n -n <name>: Specify the name of the user.
n -p <password>: Specify the password of the user for authentication.
n -r role: Specify the role to apply to a newly created user, or change of role for an
existing user. This option applies to user_add and user_delete commands only.
n -t timeout: Specifies the session time-out in seconds. User will be disconnected after
this time.
n -v version: Specifies the version of the XML API interface available in the switch. This
field is mandatory is all requests. Default version is 1.0.
n -a method: Specifies the encryption method to send the secret key. You can specify
MD5 or SHA-1 or cleartext as the encryption method. By default, cleartext method is
used to send the key.
n -s sessid: Specifies the active session ID.
Understanding an XML API Response
The response message from the switch is sent in an XML format. The default format of the response is:
[Message header]
Displays the request parameters and other standard header details.
...
...
...
<response>
<status>Status Message</status>
<code>Code in case of an error</code>
</response>
The following section describes few of the XML API requests and responses from the switch.
Adding a User
This XML request uses the user_add command to create a new user entry in the switches user table.
C:\Python27>python ArubaXMLDemo.py --switch-ip=192.0.2.1 --secret=aruba123 --command=user_add
--ip=192.0.2.2 --mac=a4:e:60:c3:10:59 --role=logon
To Next Page
Loading...