diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
| commit | 975f66f2eebe9dadba04f275774d4ab83f74cf25 (patch) | |
| tree | 89bd26a93aaae6a25749145b7e4bca4a1e75b2be /ansible_collections/cisco/ise/playbooks | |
| parent | Initial commit. (diff) | |
| download | ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.tar.xz ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.zip | |
Adding upstream version 7.7.0+dfsg.upstream/7.7.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/cisco/ise/playbooks')
65 files changed, 4760 insertions, 0 deletions
diff --git a/ansible_collections/cisco/ise/playbooks/aci_settings.yml b/ansible_collections/cisco/ise/playbooks/aci_settings.yml new file mode 100644 index 000000000..10251ffe5 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/aci_settings.yml @@ -0,0 +1,51 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get Aci Settings + cisco.ise.aci_settings_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: aci_settings_info + + - name: Print + ansible.builtin.debug: + var: aci_settings_info['ise_response'] + + - name: Update by id + cisco.ise.aci_settings: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: "{{ aci_settings_info['ise_response']['id']}}" + enableAci: false + ipAddressHostName: 10.0.0.1 + adminName: admin name + tenantName: ISE + l3RouteNetwork: L3_ROUTE + suffixToEpg: SGT + suffixToSgt: EPG + allSxpDomain: false + specificSxpDomain: true + specifixSxpDomainList: + - default + enableDataPlane: false + untaggedPacketIepgName: Untagged + defaultSgtName: Unknown + enableElementsLimit: true + maxNumIepgFromAci: 1000 + maxNumSgtToAci: 500 + aci50: false + aci51: false + when: + - aci_settings_info['ise_response'] is defined + - aci_settings_info['ise_response']['id'] is defined + register: result + + - name: Print update response + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/active_directory.yml b/ansible_collections/cisco/ise/playbooks/active_directory.yml new file mode 100644 index 000000000..3d83f6e45 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/active_directory.yml @@ -0,0 +1,85 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get active directory + # cisco.ise.active_directory_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 1 + # size: 1 + # register: result + + # - name: Print Active Directories + # ansible.builtin.debug: + # var: result + + - name: Create or update active directory + cisco.ise.active_directory: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + name: cisco.com + description: "" + domain: cisco.com + adgroups: + groups: + - name: cisco.com/operators + sid: S-1-5-32-548 + type: GLOBAL + advancedSettings: + enablePassChange: true + enableMachineAuth: true + enableMachineAccess: true + agingTime: 5 + enableDialinPermissionCheck: false + enableCallbackForDialinClient: false + plaintextAuth: false + identityNotInAdBehaviour: SEARCH_JOINED_FOREST + unreachableDomainsBehaviour: PROCEED + enableRewrites: false + rewriteRules: + - rowId: 00 + rewriteMatch: host/[HOSTNAME].[DOMAIN] + rewriteResult: host/[HOSTNAME].[DOMAIN] + - rowId: 1 + rewriteMatch: host/[HOSTNAME] + rewriteResult: host/[HOSTNAME] + - rowId: 2 + rewriteMatch: "[DOMAIN]\\[IDENTITY]" + rewriteResult: "[DOMAIN]\\[IDENTITY]" + - rowId: 3 + rewriteMatch: "[IDENTITY]@[DOMAIN]" + rewriteResult: "[IDENTITY]@[DOMAIN]" + - rowId: 4 + rewriteMatch: "[IDENTITY]" + rewriteResult: "[IDENTITY]" + firstName: givenName + department: department + lastName: sn + organizationalUnit: company + jobTitle: title + locality: l + email: mail + stateOrProvince: st + telephone: telephoneNumber + country: co + streetAddress: streetAddress + schema: ACTIVE_DIRECTORY + adAttributes: + attributes: + - name: name1 + type: STRING + defaultValue: defaultString + internalName: internalName1 + adScopesNames: Default_Scope + register: result + + - name: Print Active Directory + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/allowed_protocols.yml b/ansible_collections/cisco/ise/playbooks/allowed_protocols.yml new file mode 100644 index 000000000..de95f9fcc --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/allowed_protocols.yml @@ -0,0 +1,62 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get allowed protocols, skip first one + # cisco.ise.allowed_protocols_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 2 + # size: 1 + # register: result + + # - name: Get allowed protocols by name + # cisco.ise.allowed_protocols_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: "Default Network Access" + # register: result + + # - name: Get allowed protocols by id + # cisco.ise.allowed_protocols_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: "92613980-8c01-11e6-996c-525400b48521" + # register: result + + - name: Create or update allowed protocols + cisco.ise.allowed_protocols: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Test Device Admin + description: Test Allowed Protocol Service Device Admin + processHostLookup: false + allowPapAscii: true + allowChap: true + allowMsChapV1: true + allowMsChapV2: false + allowEapMd5: false + allowLeap: false + allowEapTls: false + allowEapTtls: false + allowEapFast: false + allowPeap: false + allowTeap: false + allowPreferredEapProtocol: false + eapTlsLBit: false + allowWeakCiphersForEap: false + requireMessageAuth: false + register: result + + - name: Print Allowed Protocol + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/anc_policy.yml b/ansible_collections/cisco/ise/playbooks/anc_policy.yml new file mode 100644 index 000000000..1d7ac6be5 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/anc_policy.yml @@ -0,0 +1,30 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get ANC policies + cisco.ise.anc_policy_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: result + + - name: Print ANC policy + ansible.builtin.debug: + var: result + + - name: Create or update ANC policy + cisco.ise.anc_policy: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: policy1 + actions: [SHUTDOWN] + register: result + + - name: Print ANC policy + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/authorization_profile.yml b/ansible_collections/cisco/ise/playbooks/authorization_profile.yml new file mode 100644 index 000000000..5d8567203 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/authorization_profile.yml @@ -0,0 +1,43 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get Authorization profile + cisco.ise.authorization_profile_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: Cisco_Temporal_Onboard + register: result + + - name: Print Authorization profiles + ansible.builtin.debug: + var: result + + - name: Create or update Authorization profile + cisco.ise.authorization_profile: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + accessType: ACCESS_ACCEPT + authzProfileType: SWITCH + daclName: PERMIT_ALL_IPV4_TRAFFIC + description: Onboard the device with Cisco temp agent + easywiredSessionCandidate: false + id: 4e2e7a20-ea30-11ea-8b14-005056871e13 + name: Cisco_Temporal_Onboard + profileName: Cisco + serviceTemplate: false + trackMovement: false + webRedirection: + WebRedirectionType: ClientProvisioning + acl: ACL_WEBAUTH_REDIRECT + portalName: Client Provisioning Portal (default) + register: result + + - name: Print Authorization profile + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/aws_deployment.yml b/ansible_collections/cisco/ise/playbooks/aws_deployment.yml new file mode 100644 index 000000000..3ad6dc5a0 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/aws_deployment.yml @@ -0,0 +1,25 @@ +--- +- name: AWS ISE Deployment Playbook + hosts: localhost + connection: local + vars: + ise_username: admin + ise_password: P@sbg1234 + ise_domain: sstcloud.com + ise_ntp_server: 10.10.0.1 + ise_dns_server: 208.67.220.220 + ise_timezone: America/Costa_Rica + + aws_ise_ami: ami-0ffd69a117dbcbb9e + aws_vpc_name: ISE VPC + aws_vpc_cidr: 10.10.0.0/16 + aws_subnet_cidr: 10.10.1.0/24 + aws_region: us-west-2 + aws_public_access_cidr: 0.0.0.0/0 + aws_keypair_name: ise-testing-ansible + aws_instance_type: c5.4xlarge + aws_cound: 1 + + roles: + - cisco.ise.aws_deployment +
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/azure_deployment.yml b/ansible_collections/cisco/ise/playbooks/azure_deployment.yml new file mode 100644 index 000000000..5a1ea11da --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/azure_deployment.yml @@ -0,0 +1,46 @@ +--- +- name: ISE Deployment Playbook + hosts: localhost + connection: local + vars: + ise_deployment_type: single + ise_personas: ["pan-1", "pan-2", "mnt-1", "mnt-2", "psn-1", "psn-2"] + ise_base_hostname: ISE + ise_username: admin + ise_password: P@sbg1234 + ise_ntp_server: 10.10.0.1 + ise_dns_server: 208.67.220.220 + ise_domain: sstcloud.com + ise_timezone: America/Costa_Rica + + + az_rg_name: ISE-RG-ANSIBLE + az_location: southcentralus + az_network_name: ISE-NETWORK + az_subnet_name: ISE-SUBNET + az_network_cidr: + - "10.1.0.0/16" + - "172.100.0.0/16" + az_network_dns: + - "127.0.0.1" + - "127.0.0.2" + az_subnet_cidr: 10.1.0.0/24 + az_securitygroup_name: ISE-SECURITY-GROUP + az_public_access_cidr: + - '174.109.158.0/24' + - '174.109.159.0/24' + az_interface_name: ISE-INTERFACE + az_vm_username: ise-user + az_vm_name: ISE-VM + az_vm_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOXXnPveNXDONNioMmDmS58OiKPG3vpHAbDSnpu0ZrXVR6xMdF9DrAIxdTTcCQVPcRmT92paAzL6qdNLG2b9aEAXZ6/0l73LKI2jKbE9jjQULNRxWkr6fRWr58Wza7MlR+mN/DUepxIieir5W9R6c7F+2gIVOSLRMOiymqo2v/WK5jCIk20SSUuh6TexxZu6nlj4eBYSmY91tb5aIG6E72fSfJ+VU2DuanN1qv4duLPYjb1nCG4LlxQQWDTig60AYTJ3h0CkqJtNhjazqUJrTCwEy3NsNthM9UTHxnKxl0ADNZ/hZUAcFI55k2CaTovBIIMAKItMt39b6NN5bSTCIUNw1QL4Q8CLd6vE7asYOkRXTrqm6to6VH+dzKSmIMHnAIkrGGQyAupABXbqsBOz1u2yP6d1YP8mN4/mDPCdVHWGuaz8XGe5K+w+i0a2LU26MEfzyVyJI0I6a/636zL7LV+WxRN1pTqy5M/4jCUoU4MdsUw5TIYAyG/Cx0LShUTxThblxnr9ms5VGn/wexoR/y+nMyqhR0Wm0VN8zEl4AsR+Gjyc2g6jpQlRcZTaMT358qw8VUsjhS6l59oO3bYH3qWFA3R2paL6fdmdTsSmhysWuPAm5Cy+22OkF6tD46mnNNoMfWv/LQBcswsIbuB1cEdLDqN02Je1opipJizy/bXw== root@Bryans-MacBook-Air.local" + roles: + - cisco.ise.ise_deployment_in_azure + +# tasks: +# - name: test +# ansible.builtin.set_fact: +# test: "{{a}}" +# test1: "{{(a|int)+2}}" +# - name: Output public IP +# debug: +# msg: "{{test}} - {{test1}}"
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/b.yml b/ansible_collections/cisco/ise/playbooks/b.yml new file mode 100644 index 000000000..a061dc6eb --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/b.yml @@ -0,0 +1,130 @@ +--- +- hosts: ise_servers + vars_files: + - credentials.yml + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_version: "{{ ise_version }}" + ise_debug: "{{ ise_debug }}" + gather_facts: false + tasks: + - name: Create Endpoint + cisco.ise.endpoint: + <<: *ise_login + state: present + #state: absent + description: ansible test + mac: "50:00:00:01:00:16" + name: "Ansible name" + #mac: "50-00-00-04-C3-95" + register: result + + #- name: Get all Endpoint + # cisco.ise.endpoint_info: + # <<: *ise_login + # page: 1 + # size: 20 + #sortasc: string + # register: result + + # - name: Get Endpoint by id + # cisco.ise.endpoint_info: + # <<: *ise_login + # id: 69142550-2576-11ed-990e-4a16cf330648 + # register: result + + # - name: Get all SGt + # cisco.ise.sgt_info: + # <<: *ise_login + # size: 5 + # sortasc: name + # register: result + + # - name: Get SGt by id + # cisco.ise.sgt_info: + # <<: *ise_login + # id: 4d482be5-2863-4015-8ea4-46c00d9e199b + # register: result + + # - name: STG + # cisco.ise.sgt: + # <<: *ise_login + # # ise_uses_api_gateway: "{{ise_uses_api_gateway}}" + # # ise_uses_csrf_token: "{{ise_uses_csrf_token}}" + # state: present + # name: teststg_ansible + # value: -1 + # description: teststg description ANSIBLE number 2 + # register: result + +# - name: Create STG +# hosts: ise +# vars_files: +# - credentials.yml +# gather_facts: false +# tasks: +# - name: Create STG +# cisco.ise.sgt: +# <<: *ise_login +# # ise_uses_api_gateway: "{{ise_uses_api_gateway}}" +# # ise_uses_csrf_token: "{{ise_uses_csrf_token}}" +# state: present +# name: teststg ->teststg3 +# value: -1 +# description: teststg description -> teststg3 description +# register: result + + # - name: Create network device + # loop_control: + # loop_var: device + # cisco.ise.network_device: + # <<: *ise_login + # state: present + # name: "{{device.name}}" + # description: "{{device.description}}" + # coaPort: "{{device.coa_port}}" + # NetworkDeviceGroupList: "{{device.network_device_group_list}}" + # NetworkDeviceIPList: "{{device.network_device_ip_list}}" + # authenticationSettings: + # radiusSharedSecret: "{{device.shared_secret}}" + # loop: "{{network_devices}}" + # when: "network_devices is defined" + # register: result + + + # - name: Create network device single + # cisco.ise.network_device: + # <<: *ise_login + # state: present + # #state: absent + # name: "ISE_EST_Local_Host_TEST" + # description: "example nd" + # coaPort: "0" + # NetworkDeviceGroupList: + # - "Location#All Locations" + # - "Device Type#All Device Types" + # # - "IPSEC#Is IPSEC Device" + # NetworkDeviceIPList: + # - ipaddress: "127.0.0.1" + # mask: 0 + # authenticationSettings: + # radiusSharedSecret: "RADIUS" + # register: result + + # - name: Get all Node Deployment + # cisco.ise.node_deployment_info: + # <<: *ise_login + # #hostname: ise + # register: result + + - name: Debug result. + ansible.builtin.debug: + var: result + + + +#authorization_profile
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/backup_create.yml b/ansible_collections/cisco/ise/playbooks/backup_create.yml new file mode 100644 index 000000000..109136333 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/backup_create.yml @@ -0,0 +1,45 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Backup configuration + tasks: + - name: Create a repository + cisco.ise.repository: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: myRepo + password: MyP@ssworD + path: / + protocol: DISK + + - name: Create backup + cisco.ise.backup_config: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + backupEncryptionKey: My3ncryptionkey + backupName: myBackup + repositoryName: myRepo + register: result + + - name: Get Tasks by id + cisco.ise.tasks_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + taskId: "{{ result.ise_response.response.id }}" + when: + - result is defined + - result['ise_response'] is defined + - result['ise_response']['response'] + - result['ise_response']['response']['id'] is defined + register: task_status + + - name: Show task status + ansible.builtin.debug: + msg: "{{ task_status }}" diff --git a/ansible_collections/cisco/ise/playbooks/backup_restore.yml b/ansible_collections/cisco/ise/playbooks/backup_restore.yml new file mode 100644 index 000000000..9ffaca8c9 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/backup_restore.yml @@ -0,0 +1,16 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Restore configuration backup + tasks: + - name: Restore backup + cisco.ise.backup_restore: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + backupEncryptionKey: My3ncryptionkey + restoreFile: myBackup-CFG10-210806-2232.tar.gpg + repositoryName: myRepo + restoreIncludeAdeos: true + register: result diff --git a/ansible_collections/cisco/ise/playbooks/backup_schedule.yml b/ansible_collections/cisco/ise/playbooks/backup_schedule.yml new file mode 100644 index 000000000..958024b17 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/backup_schedule.yml @@ -0,0 +1,21 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Schedule configuration backup + tasks: + - name: Schedule backup + cisco.ise.backup_schedule_config: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + backupDescription: mybackup + backupEncryptionKey: My3ncryptionkey + repositoryName: myRepo + backupName: myBackup2 + startDate: 01/01/2022 + endDate: 12/31/2022 + frequency: WEEKLY + status: ENABLE + time: 12:00 AM + weekDay: SAT diff --git a/ansible_collections/cisco/ise/playbooks/byod_portal.yml b/ansible_collections/cisco/ise/playbooks/byod_portal.yml new file mode 100644 index 000000000..2a01c2354 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/byod_portal.yml @@ -0,0 +1,288 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: byod_portal + cisco.ise.byod_portal: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + name: Test BYOD Portal (default) + description: Test portal and user experience used when employees register a personal device on the network + portalType: BYOD + settings: + portalSettings: + httpsPort: 8443 + allowedInterfaces: + - eth0 + - bond0 + certificateGroupTag: Default Portal Certificate Group + displayLang: USEBROWSERLOCALE + fallbackLanguage: English + alwaysUsedLanguage: English + byodSettings: + byodWelcomeSettings: + enableBYOD: false + enableGuestAccess: false + requireMDM: false + includeAup: true + aupDisplay: ONPAGE + requireAupAcceptance: false + requireScrolling: false + byodRegistrationSettings: + showDeviceID: true + endPointIdentityGroupId: aa13bb40-8bff-11e6-996c-525400b48521 + byodRegistrationSuccessSettings: + successRedirect: AUTHSUCCESSPAGE + supportInfoSettings: + includeSupportInfoPage: false + includeMacAddr: true + includeIpAddress: true + includeBrowserUserAgent: true + includePolicyServer: true + includeFailureCode: true + emptyFieldDisplay: HIDE + customizations: + portalTheme: + id: 9eb421c0-8c01-11e6-996c-525400b48521 + name: Default Blue theme + portalTweakSettings: {} + language: + viewLanguage: English + globalCustomizations: + bannerTitle: BYOD Portal + contactText: Contact Support + footerElement: "" + pageCustomizations: + data: + - key: ui_contact_ip_address_label + value: SVAgYWRkcmVzczo= + - key: ui_error_content_label + value: RXJyb3I= + - key: ui_error_retry_button + value: UmV0cnk= + - key: ui_byod_install_ios_button + value: TGF1bmNoIEFwcGxlIFByb2ZpbGUgYW5kIENlcnRpZmljYXRlIEluc3RhbGxlcnMgTm93 + - key: ui_byod_welcome_aup_text + value: + "UGxlYXNlIGFjY2VwdCB0aGUgcG9saWN5OiBZb3UgYXJlIHJlc3BvbnNpYmxlIGZvciBtYWludGFpbmluZyB0aGUgY29uZmlkZW50aWFsaXR5IG9mIHRo\ + ZSBwYXNzd29yZCBhbmQgYWxsIGFjdGl2aXRpZXMgdGhhdCBvY2N1ciB1bmRlciB5b3VyIHVzZXJuYW1lIGFuZCBwYXNzd29yZC4gQ2lzY28gU3lzdGVtc\ + yBvZmZlcnMgdGhlICBTZXJ2aWNlIGZvciBhY3Rpdml0aWVzICBzdWNoIGFzIHRoZSBhY3RpdmUgdXNlIG9mIGUtbWFpbCwgaW5zdGFudCBtZXNzYWdpbm\ + csIGJyb3dzaW5nIHRoZSBXb3JsZCBXaWRlIFdlYiBhbmQgYWNjZXNzaW5nIGNvcnBvcmF0ZSBpbnRyYW5ldHMuIEhpZ2ggdm9sdW1lIGRhdGEgdHJhbnN\ + mZXJzLCBlc3BlY2lhbGx5IHN1c3RhaW5lZCBoaWdoIHZvbHVtZSBkYXRhIHRyYW5zZmVycywgYXJlIG5vdCBwZXJtaXR0ZWQuIEhvc3RpbmcgYSB3ZWIg\ + c2VydmVyIG9yIGFueSBvdGhlciBzZXJ2ZXIgYnkgdXNlIG9mIG91ciBTZXJ2aWNlIGlzIHByb2hpYml0ZWQuIFRyeWluZyB0byBhY2Nlc3Mgc29tZW9uZ\ + SBlbHNlJ3MgYWNjb3VudCwgc2VuZGluZyB1bnNvbGljaXRlZCBidWxrIGUtbWFpbCwgY29sbGVjdGlvbiBvZiBvdGhlciBwZW9wbGUncyBwZXJzb25hbC\ + BkYXRhIHdpdGhvdXQgdGhlaXIga25vd2xlZGdlIGFuZCBpbnRlcmZlcmVuY2Ugd2l0aCBvdGhlciBuZXR3b3JrIHVzZXJzIGFyZSBhbGwgcHJvaGliaXR\ + lZC4gQ2lzY28gU3lzdGVtcyByZXNlcnZlcyB0aGUgcmlnaHQgdG8gc3VzcGVuZCB0aGUgU2VydmljZSBpZiBDaXNjbyBTeXN0ZW1zIHJlYXNvbmFibHkg\ + YmVsaWV2ZXMgdGhhdCB5b3VyIHVzZSBvZiB0aGUgU2VydmljZSBpcyB1bnJlYXNvbmFibHkgZXhjZXNzaXZlIG9yIHlvdSBhcmUgdXNpbmcgdGhlIFNlc\ + nZpY2UgZm9yIGNyaW1pbmFsIG9yIGlsbGVnYWwgYWN0aXZpdGllcy4gWW91IGRvIG5vdCBoYXZlIHRoZSByaWdodCB0byByZXNlbGwgdGhpcyBTZXJ2aW\ + NlIHRvIGEgdGhpcmQgcGFydHkuIENpc2NvIFN5c3RlbXMgcmVzZXJ2ZXMgdGhlIHJpZ2h0IHRvIHJldmlzZSwgYW1lbmQgb3IgbW9kaWZ5IHRoZXNlIFR\ + lcm1zICYgQ29uZGl0aW9ucywgb3VyIG90aGVyIHBvbGljaWVzIGFuZCBhZ3JlZW1lbnRzLCBhbmQgYXNwZWN0cyBvZiB0aGUgU2VydmljZSBpdHNlbGYu\ + IE5vdGljZSBvZiBhbnkgcmV2aXNpb24sIGFtZW5kbWVudCwgb3IgbW9kaWZpY2F0aW9uIHdpbGwgYmUgcG9zdGVkIG9uIENpc2NvIFN5c3RlbSdzIHdlY\ + nNpdGUgYW5kIHdpbGwgYmUgZWZmZWN0aXZlIGFzIHRvIGV4aXN0aW5nIHVzZXJzIDMwIGRheXMgYWZ0ZXIgcG9zdGluZy4=" + - key: ui_byod_install_winmac_button + value: RG93bmxvYWQgYW5kIEluc3RhbGw= + - key: ui_byod_install_android_instruction_message + value: + "VG8gY29uZmlndXJlIHlvdXIgZGV2aWNlIGZvciBzZWN1cmUgYWNjZXNzLCB5b3UgbmVlZCB0byBnbyB0byBHb29nbGUgUGxheSBhbmQgZG93bmxv\ + YWQgdGhlIENpc2NvIE5ldHdvcmsgU2V0dXAgQXNzaXN0YW50Lg==" + - key: ui_byod_reg_id_label + value: RGV2aWNlIElEOg== + - key: ui_byod_reg_install_button + value: RG93bmxvYWQgYW5kIEluc3RhbGw= + - key: ui_byod_install_page_title + value: SW5zdGFsbA== + - key: ui_contact_optional_content_1 + value: "" + - key: ui_contact_optional_content_2 + value: "" + - key: ui_byod_ios_provisioning_error + value: + "VW5hYmxlIHRvIGNvbXBsZXRlIHByb3Zpc2lvbmluZyBvZiB5b3VyIGRldmljZS4gQ2xpY2sgUmV0cnkgdG8gdHJ5IGFnYWluLiBJZiBwcm92aXNpb2\ + 5pbmcgY29udGludWVzIHRvIGZhaWwsIHBsZWFzZSBjb250YWN0IHRoZSBoZWxwIGRlc2sgZm9yIGFzc2lzdGFuY2Uu" + - key: ui_welcome_label + value: V2VsY29tZQ== + - key: ui_byod_reg_page_title + value: RGV2aWNlIEluZm9ybWF0aW9u + - key: ui_user_last_login_pass_time_label + value: TGFzdCBMb2dpbjo= + - key: ui_byod_success_redirecting_message + value: UmVjb25uZWN0aW5nIGFuZCByZWRpcmVjdGluZy4uLg== + - key: ui_byod_reg_instruction_message + value: "" + - key: ui_byod_success_manual_reconnect_message + value: + "SW5zdGFsbGF0aW9uIGFuZCBDb25maWd1cmF0aW9uIG9mIHlvdXIgZGV2aWNlIGlzIG5vdyBmaW5pc2hlZC4gWW91IG11c3Qgbm93IG1hbnVhbGx5IHN3a\ + XRjaCBXaS1GaSBuZXR3b3JrcyBhbmQgY29ubmVjdCB0byAkdWlfYnlvZF9zdWNjZXNzX2lvc19zc2lkJC4=" + - key: ui_error_page_title + value: RXJyb3I= + - key: ui_byod_welcome_os_selection_message + value: U2VsZWN0IHlvdXIgRGV2aWNl + - key: ui_byod_install_android_button + value: R28gdG8gR29vZ2xlIFBsYXkgdG8gZ2V0IHRoZSBhcHBsaWNhdGlvbg== + - key: ui_contact_sessioninfo_text + value: + "VGhpcyBpbmZvcm1hdGlvbiBwcm92aWRlcyBkZXRhaWxzIHRoYXQgdGhlIGhlbHAgZGVzayBtaWdodCBuZWVkIHRvIHJlc29sdmUgYW55IG\ + lzc3VlcyB5b3UgYXJlIGV4cGVyaWVuY2luZy4=" + - key: ui_contact_content_label + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_byod_success_page_title + value: QllPRCBTdWNjZXNz + - key: ui_contact_sessioninfo_title + value: U2Vzc2lvbiBJbmZvcm1hdGlvbg== + - key: ui_byod_welcome_aup_agreement_label + value: SSBhZ3JlZSB0byB0aGUgdGVybXMgYW5kIGNvbmRpdGlvbnM= + - key: ui_byod_reg_optional_content_1 + value: "" + - key: ui_byod_install_content_label + value: SW5zdGFsbA== + - key: ui_error_optional_content_2 + value: "" + - key: ui_error_optional_content_1 + value: "" + - key: ui_byod_welcome_renew_cert_message + value: + "WW91ciBkZXZpY2UgcmVnaXN0cmF0aW9uIG11c3QgYmUgcmVuZXdlZCB0byBjb250aW51ZSB1c2luZyB0aGUgc2VjdXJlIG5ldHdvcmsuI\ + ENsaWNrIDxiPlJlbmV3PC9iPiB0byByZWNvbmZpZ3VyZSB5b3VyIGRldmljZS4=" + - key: ui_portal_internal_error + value: QW4gdW5leHBlY3RlZCBlcnJvciBvY2N1cnJlZC4gUGxlYXNlIGNvbnRhY3QgdGhlIGhlbHAgZGVzayBmb3IgYXNzaXN0YW5jZS4= + - key: ui_byod_reg_delete_confirmation_message + value: + "QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbGV0ZSB0aGlzIGRldmljZT8gIFlvdSB3b24ndCBiZSBhYmxlIHRvIHVzZSBpdCB0\ + byBhY2Nlc3MgdGhlIG5ldHdvcmsgYW55bW9yZS4=" + - key: ui_byod_welcome_page_title + value: QllPRCBXZWxjb21l + - key: ui_byod_install_optional_content_2 + value: "" + - key: ui_byod_reg_desc_label + value: RGVzY3JpcHRpb246 + - key: ui_byod_install_optional_content_1 + value: "" + - key: ui_footer_label + value: "" + - key: ui_byod_success_optional_content_2 + value: "" + - key: ui_byod_success_optional_content_1 + value: "" + - key: ui_contact_page_title + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_byod_install_ios_after_install_message + value: QWZ0ZXIgY29uZmlndXJpbmcgeW91ciBkZXZpY2UsIHlvdSB3aWxsIGJlIGFibGUgdG8gY29ubmVjdCB0byB0aGUgbmV0d29yay4= + - key: ui_byod_reg_content_message + value: + "RW50ZXIgdGhlIGRldmljZSBuYW1lIGFuZCBvcHRpb25hbCBkZXNjcmlwdGlvbiBmb3IgdGhpcyBkZXZpY2Ugc28geW91IGNhb\ + iBtYW5hZ2UgaXQgdXNpbmcgdGhlIE15IERldmljZXMgUG9ydGFsLg==" + - key: ui_byod_reg_continue_button + value: Q29udGludWU= + - key: ui_byod_success_instruction_message + value: WW91IGNhbiBjbG9zZSB5b3VyIGJyb3dzZXIgbm93Lg== + - key: ui_contact_instruction_message + value: + "U2hhcmUgdGhlc2UgZGV0YWlscyB3aXRoIHRoZSBoZWxwIGRlc2sgd2hlbiB0cm91Ymxlc2hvb3RpbmcgaXNzdWVzIHdpdGggd\ + GhpcyBwb3J0YWwu" + - key: ui_session_timeout_error + value: WW91ciBzZXNzaW9uIGhhcyB0aW1lZCBvdXQuIENsaWNrIFJldHJ5IHRvIHRyeSBhZ2Fpbi4= + - key: ui_byod_success_unsupported_device_message + value: WW91IGFyZSBub3cgY29ubmVjdGVkIHRvIHRoZSBzZWN1cmUgbmV0d29yay4= + - key: ui_contact_helpdesk_text + value: Q29udGFjdCB0aGUgaGVscCBkZXNrIGF0ICh4eHgpIHh4eC14eHh4Lg== + - key: ui_byod_welcome_renew_button + value: UmVuZXc= + - key: ui_byod_reg_limit_message + value: + "WW91IGhhdmUgcmVhY2hlZCB0aGUgbWF4aW11bSBudW1iZXIgb2YgZGV2aWNlcyBhbGxvd2VkIHRvIHJlZ2lzdGVyLiBTZ\ + WxlY3Qgb25lIGZyb20gdGhlIGxpc3QgdG8gZGVsZXRlIGFuZCBjb250aW51ZS4=" + - key: ui_byod_install_instruction_message + value: "" + - key: ui_byod_reg_optional_content_2 + value: "" + - key: ui_contact_failure_code_label + value: RmFpbHVyZSBjb2RlOg== + - key: ui_contact_link + value: Q29udGFjdCBTdXBwb3J0 + - key: ui_byod_install_android_after_install_message + value: QWZ0ZXIgaW5zdGFsbGluZywgcnVuIHRoZSBTZXR1cCBBc3Npc3RhbnQgYW5kIHlvdSB3aWxsIGF1dG9tYXRpY2FsbHkgYmUgcmVjb25uZWN0ZWQgdG8gdGhlIG5ldHdvcmsu + - key: ui_byod_welcome_config_device_message + value: + "QWNjZXNzIHRvIHRoaXMgbmV0d29yayByZXF1aXJlcyB5b3VyIGRldmljZSB0byBiZSBjb25maWd1cmVkIGZvciBlbmhhbmNlZCBzZWN1cml0eS4gQ2xpY2sgPGI+U3RhcnQ\ + 8L2I+IHRvIHByb3ZpZGUgZGV2aWNlIGluZm9ybWF0aW9uIGJlZm9yZSBjb21wb25lbnRzIGFyZSBpbnN0YWxsZWQgb24geW91ciBkZXZpY2Uu" + - key: ui_contact_user_agent_label + value: VXNlciBhZ2VudDo= + - key: ui_byod_success_content_label + value: U3VjY2Vzcw== + - key: ui_contact_mac_address_label + value: TUFDIGFkZHJlc3M6 + - key: ui_error_instruction_message + value: "" + - key: ui_byod_reg_confirmation_yes_button + value: WWVz + - key: ui_contact_username_label + value: VXNlcm5hbWU6 + - key: ui_byod_reg_name_label + value: RGV2aWNlIG5hbWU6 + - key: ui_javascript_disabled_message + value: WW91IG11c3QgdHVybiBvbiBKYXZhU2NyaXB0IHRvIHVzZSB0aGlzIHdlYiBzaXRlLg== + - key: ui_byod_welcome_instruction_message + value: V2VsY29tZSB0byB0aGUgQllPRCBwb3J0YWwu + - key: ui_contact_policy_server_label + value: UG9saWN5IHNlcnZlcjo= + - key: ui_user_last_login_ipaddr_label + value: RnJvbTo= + - key: ui_byod_time_skew_error + value: + "VGhlIHRpbWUgYW5kIGRhdGUgc2V0dGluZ3Mgb24geW91ciBkZXZpY2UgYXJlIG5vdCBzZXQgcHJvcGVydGx5LiBDaGVjayB0\ + aGUgc2V0dGluZ3Mgb3IgY29udGFjdCB0aGUgaGVscCBkZXNrIGZvciBhc3Npc3RhbmNlLg==" + - key: ui_byod_reg_next_button + value: TmV4dA== + - key: ui_byod_reg_confirmation_no_button + value: Tm8= + - key: ui_contact_helpdesk_title + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_byod_welcome_start_button + value: U3RhcnQ= + - key: ui_byod_install_winmac_instruction_message + value: + "UGxlYXNlIHdhaXQgd2hpbGUgd2UgZG93bmxvYWQgdGhlIENpc2NvIE5ldHdvcmsgU2V0dXAgQXNzaXN0YW50LiBZb3Ugd2lsbC\ + B0aGVuIG5lZWQgdG8gbWFudWFsbHkgcnVuIHRoZSBTZXR1cCBBc3Npc3RhbnQgYW5kIGZvbGxvdyB0aGUgaW5zdHJ1Y3Rpb25zI\ + HRvIGZpbmlzaCByZWdpc3RlcmluZyB0aGlzIGRldmljZS4=" + - key: ui_byod_install_ios_instruction_message + value: + "VG8gY29uZmlndXJlIHlvdXIgZGV2aWNlLCBjbGljayB0aGUgPGI+TGF1bmNoIEFwcGxlIFByb2ZpbGUgYW5kIENlcnRp\ + ZmljYXRlIEluc3RhbGxlcnMgTm93PC9iPiBidXR0b24uIENsaWNrIDxiPkluc3RhbGw8L2I+IGluIHJlc3BvbnNlIHRvIHRoZS\ + BtZXNzYWdlcyB0aGF0IGRpc3BsYXku" + - key: ui_byod_welcome_os_detection_confirmation_message + value: V2FzIHlvdXIgZGV2aWNlIGRldGVjdGVkIGluY29ycmVjdGx5Pw== + - key: ui_byod_welcome_optional_content_1 + value: "" + - key: ui_byod_welcome_optional_content_2 + value: "" + - key: ui_byod_welcome_os_detected_message + value: VGhlIGZvbGxvd2luZyBzeXN0ZW0gd2FzIGRldGVjdGVk + - key: ui_session_timeout_retry_button + value: UmV0cnk= + - key: ui_byod_welcome_guest_access_button + value: SSB3YW50IGd1ZXN0IGFjY2VzcyBvbmx5 + - key: ui_contact_message + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_field_required_error + value: VGhpcyBmaWVsZCBpcyByZXF1aXJlZC4= + - key: ui_byod_reg_content_label + value: RGV2aWNlIEluZm9ybWF0aW9u + - key: ui_byod_reg_delete_button + value: RGVsZXRl + - key: ui_banner_label + value: QllPRCBQb3J0YWw= + - key: ui_byod_welcome_aup_link + value: UGxlYXNlIHJlYWQgdGhlIHRlcm1zIGFuZCBjb25kaXRpb25zLg== + - key: ui_byod_success_message + value: RmluaXNoZWQgaW5zdGFsbGluZyBhbmQgY29uZmlndXJpbmcgeW91ciBkZXZpY2UuIFlvdSBhcmUgbm93IGNvbm5lY3RlZCB0byB0aGUgc2VjdXJlIG5ldHdvcmsu + - key: ui_byod_welcome_content_label + value: QllPRCBXZWxjb21l + register: byod_portal + + - name: Print + ansible.builtin.debug: + var: byod_portal diff --git a/ansible_collections/cisco/ise/playbooks/certificate_management.yml b/ansible_collections/cisco/ise/playbooks/certificate_management.yml new file mode 100644 index 000000000..90ebc1e67 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/certificate_management.yml @@ -0,0 +1,75 @@ +--- +- hosts: ise_servers + gather_facts: false + name: Certificate management + tasks: + # - name: Import certificate into ISE node + # cisco.ise.trusted_certificate_import: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # data: "{{ lookup('file', item) }}" + # description: Root CA public certificate + # name: RootCert + # allowBasicConstraintCAFalse: true + # allowOutOfDateCert: false + # allowSHA1Certificates: true + # trustForCertificateBasedAdminAuth: true + # trustForCiscoServicesAuth: true + # trustForClientAuth: true + # trustForIseAuth: true + # validateCertificateExtensions: true + # with_fileglob: + # - "/Users/rcampos/Downloads/RootCACert.pem" + + - name: Generate CSR + cisco.ise.csr_generate: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + allowWildCardCert: true + subjectCommonName: ise.securitydemo.net + subjectOrgUnit: Sample OU + subjectOrg: Sample Org + subjectCity: San Francisco + subjectState: CA + subjectCountry: US + keyType: ECDSA + keyLength: 1024 + digestType: SHA-256 + usedFor: MULTI-USEw + register: result + + - name: Set ID value to variable + ansible.builtin.set_fact: + csr_id: "{{ result['ise_response']['response'][0]['id']}}" + when: not ansible_check_mode + + - name: Pause until the CSR has been signed by the CA + ansible.builtin.pause: + - name: Bind Signed Certificate + cisco.ise.bind_signed_certificate: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + admin: true + allowExtendedValidity: true + allowOutOfDateCert: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + data: "{{ lookup('file', item) }}" + hostName: ise.securitydemo.net + name: My Signed Certificate + validateCertificateExtensions: true + id: "{{ csr_id }}" + eap: true + radius: true + pxgrid: true + ims: true + portal: true + with_fileglob: + - /Users/rcampos/Downloads/RootCACert.pem + when: not ansible_check_mode diff --git a/ansible_collections/cisco/ise/playbooks/certificate_profile.yml b/ansible_collections/cisco/ise/playbooks/certificate_profile.yml new file mode 100644 index 000000000..5d6030027 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/certificate_profile.yml @@ -0,0 +1,24 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create + cisco.ise.certificate_profile: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: 925b6d20-8c01-11e6-996c-525400b48521 + name: Preloaded_Certificate_Profile + description: Pre-created Certificate Authorization Profile. + externalIdentityStoreName: "[not applicable]" + certificateAttributeName: SUBJECT_COMMON_NAME + allowedAsUserName: false + matchMode: NEVER + usernameFrom: CERTIFICATE + register: certificate_profile + + - name: Print + ansible.builtin.debug: + var: certificate_profile diff --git a/ansible_collections/cisco/ise/playbooks/certificates.yml b/ansible_collections/cisco/ise/playbooks/certificates.yml new file mode 100644 index 000000000..1f374e789 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/certificates.yml @@ -0,0 +1,49 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get All + # cisco.ise.trusted_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 1 + # size: 1 + # # id: 7865ac6a-64c6-4e65-865e-d1b093ee0b10 + # register: trusted_certificate_info + + # - name: Print + # ansible.builtin.debug: + # var: trusted_certificate_info['ise_response'] + + # - name: Get All + # cisco.ise.system_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # page: 1 + # size: 1 + # hostName: ise + # # id: 7db89470-0015-4563-9bb9-c2b1bfb14833 + # register: system_certificate_info + + # - name: Print + # ansible.builtin.debug: + # var: system_certificate_info['ise_response'] + + - name: Get All + cisco.ise.csr_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + page: 1 + size: 1 + register: csr_info + + - name: Print + ansible.builtin.debug: + var: csr_info['ise_response'] diff --git a/ansible_collections/cisco/ise/playbooks/credentials.template b/ansible_collections/cisco/ise/playbooks/credentials.template new file mode 100644 index 000000000..b6a7cff1e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/credentials.template @@ -0,0 +1,10 @@ +--- +ise_hostname: <A.B.C.D> +ise_username: <username> +ise_password: <password> +ise_verify: False # optional, defaults to True +ise_version: 3.1.1 # optional, defaults to 3.1.1 +ise_wait_on_rate_limit: True # optional, defaults to True +ise_debug: False # optional, defaults to False +ise_uses_api_gateway: True # optional, defaults to True +ise_uses_csrf_token: False # optional, defaults to False
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/credentials.yml b/ansible_collections/cisco/ise/playbooks/credentials.yml new file mode 100644 index 000000000..ebf5f9bf3 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/credentials.yml @@ -0,0 +1,19 @@ +--- +ise_hostname: 198.18.133.27 +ise_username: admin +ise_password: 991545 # session ID +ise_verify: False # optional, defaults to True +ise_version: 3.1_Patch_1 # optional, defaults to 3.1.1 +ise_wait_on_rate_limit: True # optional, defaults to True +ise_debug: True # optional, defaults to False +ise_uses_api_gateway: True # optional, defaults to True + + +# export ISE_HOSTNAME="198.18.133.27" +# export ISE_USERNAME="admin" +# export ISE_PASSWORD="995210" +# export ISE_VERIFY=False +# export ISE_VERSION="3.1_Patch_1" +# export ISE_WAIT_ON_RATE_LIMIT=True +# export ISE_USES_API_GATEWAY=True +# export ISE_DEBUG=True
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/csr_export.yml b/ansible_collections/cisco/ise/playbooks/csr_export.yml new file mode 100644 index 000000000..43a57c57c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/csr_export.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: CSR Generate + # cisco.ise.csr_generate_intermediate_ca: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # ise_debug: "{{ ise_debug }}" + # register: csr_generate_result + + - name: CSR Info + cisco.ise.csr_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + register: csr_info_result + + - name: CSR Export (already present) + cisco.ise.csr_export_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + hostname: ise + id: "{{ csr_info_result.ise_responses[0]['id']}}" + dirPath: /tmp/certificates/ + saveFile: true + when: + - csr_info_result['ise_responses']|length >= 1 + register: csr_export_info_result + + - name: Print generate result + ansible.builtin.debug: + var: csr_export_info_result + when: csr_export_info_result + + # - name: CSR Delete + # cisco.ise.csr_delete: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # ise_debug: "{{ ise_debug }}" + # id: "{{ csr_info_result['ise_response'][0]['response'][0]['id']}}" + # when: + # - csr_info_result['ise_response']|length == 1 + # - csr_info_result['ise_response'][0]['response']|length == 1 + # register: csr_delete_result + + # - name: Print delete result + # ansible.builtin.debug: + # var: csr_delete_result + # when: csr_delete_result diff --git a/ansible_collections/cisco/ise/playbooks/deployment_info.yml b/ansible_collections/cisco/ise/playbooks/deployment_info.yml new file mode 100644 index 000000000..f49b21fd3 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/deployment_info.yml @@ -0,0 +1,16 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get all Deployment + cisco.ise.deployment_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + timeout: 300 + register: result + + - name: Print deployment info + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml new file mode 100644 index 000000000..2d5bf8a93 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authentication_rules.yml @@ -0,0 +1,64 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get all + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print all + ansible.builtin.debug: + var: result + + - name: Get by id + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + id: 31f8299a-13af-4836-8179-7f28a4d03e58 + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print id + ansible.builtin.debug: + var: result + + - name: Create or update an device_administration_authentication_rules + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: absent + rule: + default: false + # id: fc67fb89-7611-4e8c-b3fa-7ea18e62d44f + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + ifAuthFail: REJECT + ifUserNotFound: REJECT + ifProcessFail: DROP + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml new file mode 100644 index 000000000..1d2b9fb2e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_exception_rules.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_local_exception_rules + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + rule: + default: false + name: Test3 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + # id: 2f3bb55b-e004-4792-9019-d448b8c0534 + commands: + - DenyAllCommands + profile: Default Shell Profile + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml new file mode 100644 index 000000000..0f60cb31c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_global_exception_rules.yml @@ -0,0 +1,55 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_global_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_global_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: 4642f81a-0878-4722-975a-e1fd19f2d5ae + # register: result + + - name: Create or update an device_administration_global_exception_rules + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + commands: + - DenyAllCommands + profile: Default Shell Profile + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml new file mode 100644 index 000000000..9efdb08d4 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_authorization_rules.yml @@ -0,0 +1,56 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_authorization_rules + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + commands: + - DenyAllCommands + profile: Default Shell Profile + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml b/ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml new file mode 100644 index 000000000..21243edef --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_network_conditions.yml @@ -0,0 +1,50 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_network_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_network_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_network_conditions + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Endstation condition 2 + description: Optional description + conditionType: EndstationCondition + conditions: + - ipAddrList: + - 1.1.1.1 + - 2.2.2.2 + - macAddrList: + - 00-0E-A6-A7-63-F7,00-0E-A6-A7-63-F8 + - 00-0E-A6-A7-63-F7,-ANY- + - -ANY-,00-0E-A6-A7-63-F8 + - cliDnisList: + - TBD + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml b/ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml new file mode 100644 index 000000000..f2bc84934 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_policy_set.yml @@ -0,0 +1,65 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network policy set + # cisco.ise.device_administration_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get a network policy set by id + # cisco.ise.device_administration_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + # - name: Print by id + # ansible.builtin.debug: + # var: result + + - name: Create or update a network policy set + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + default: false + id: cfa2063a-5292-466b-8841-901dd3f9d03f + name: New Policy Set 1 + description: New Policy Set test + hitCounts: 00 + rank: 00 + state_: disabled + condition: + conditionType: ConditionReference + isNegate: false + name: test3 + id: dc75fe09-1a9f-40cc-9f13-e29afadd72b9 + serviceName: Default Device Admin + isProxy: false + register: result + + - name: Print + ansible.builtin.debug: + var: result + + # - name: Delete a network policy set by id + # cisco.ise.device_administration_policy_set: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 4f83e8c4-978e-4767-a218-9d5472d4dcc7 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml b/ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml new file mode 100644 index 000000000..949dd70ce --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/device_administration_time_date_conditions.yml @@ -0,0 +1,57 @@ +--- +- hosts: ise_servers + vars_files: + - vars/device_administration_time_date_conditions.yml + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.device_administration_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.device_administration_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an device_administration_time_date_conditions + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + conditionType: "{{ condition_type }}" + isNegate: false + name: "{{ name }}" + description: + hoursRange: + startTime: "{{ hours_range_start_time }}" + endTime: "{{ hours_range_end_time }}" + hoursRangeException: + startTime: "{{ hours_range_exception_start_time }}" + endTime: "{{ hours_range_exception_end_time }}" + weekDays: "{{ week_days | list }}" + weekDaysException: "{{ week_days_exception | list }}" + datesRange: + startDate: "{{ dates_range_start_date }}" + endDate: "{{ dates_range_end_date }}" + datesRangeException: + startDate: "{{ dates_range_exception_start_date }}" + endDate: "{{ dates_range_exception_end_date }}" + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/downloadable_acl.yml b/ansible_collections/cisco/ise/playbooks/downloadable_acl.yml new file mode 100644 index 000000000..ee15785e1 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/downloadable_acl.yml @@ -0,0 +1,41 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get all + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: result + + - name: Print all + ansible.builtin.debug: + var: result + + - name: Get by id + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: d704e911-a916-11eb-8830-2ec507028ea8 + register: result + + - name: Create or update an downloadable_acl + cisco.ise.downloadable_acl: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: DENY_SOME_IPV4_TRAFFIC + description: Deny some ipv4 traffic + dacl: deny ip any host 10.1.1.2 + daclType: IPV4 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml b/ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml new file mode 100644 index 000000000..ba9381f6d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/egress_matrix_cell.yml @@ -0,0 +1,66 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get sgt src + cisco.ise.sgt_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + filter: name.EQ.Quarantined_Systems + register: sgt_src + + - name: Get sgt dest + cisco.ise.sgt_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + filter: name.EQ.Guests + register: sgt_dest + + - name: Print sgt_src + ansible.builtin.debug: + var: sgt_src['ise_response'][0] + + - name: Print sgt_dest + ansible.builtin.debug: + var: sgt_dest['ise_response'][0] + + # - name: Get by id + # cisco.ise.egress_matrix_cell_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an egress_matrix_cell + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: "{{ sgt_src['ise_response'][0]['name']}}-{{sgt_dest['ise_response'][0]['name']}}" + description: Updated by import utility (3). + sourceSgtId: "{{ sgt_src['ise_response'][0]['id']}}" + destinationSgtId: "{{ sgt_dest['ise_response'][0]['id']}}" + matrixCellStatus: ENABLED + defaultRule: DENY_IP + when: + - sgt_src['ise_response'] is defined + - sgt_dest['ise_response'] is defined + - sgt_src['ise_response']|length == 1 + - sgt_dest['ise_response']|length == 1 + - sgt_src['ise_response'][0] is defined + - sgt_dest['ise_response'][0] is defined + - sgt_src['ise_response'][0]['id'] is defined + - sgt_dest['ise_response'][0]['id'] is defined + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/endpoint.yml b/ansible_collections/cisco/ise/playbooks/endpoint.yml new file mode 100644 index 000000000..f351abfb5 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/endpoint.yml @@ -0,0 +1,45 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get endpoint group + cisco.ise.endpoint_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: RegisteredDevices + register: endpoint_group + + - name: Print endpoint group + ansible.builtin.debug: + var: endpoint_group['ise_response']['id'] + when: not ansible_check_mode + + - name: Create or update endpoint + cisco.ise.endpoint: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: 11:22:33:44:55:66 + description: MyEndpoint + mac: 11:22:33:44:55:66 + profileId: 67a6ca50-edc9-4236-ada4-225559ed54d6 + groupId: "{{ endpoint_group['ise_response']['id']}}" + staticProfileAssignment: true + staticGroupAssignment: true + portalUser: portalUser + identityStore: identityStore + identityStoreId: identityStoreId + customAttributes: + customAttributes: + key1: value1 + key2: value2 + when: not ansible_check_mode + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml b/ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml new file mode 100644 index 000000000..f240c43de --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/endpoint_certificate.yml @@ -0,0 +1,22 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get cert + cisco.ise.endpoint_certificate: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + certTemplateName: CA_SERVICE_Certificate_Template + format: PKCS8 + password: pa5Swor_4d + certificateRequest: + san: 11-22-33-44-55-66 + cn: 1.1.1.1 + dirPath: /tmp/certs + register: cert + + - name: Print + ansible.builtin.debug: + var: cert diff --git a/ansible_collections/cisco/ise/playbooks/endpoint_group.yml b/ansible_collections/cisco/ise/playbooks/endpoint_group.yml new file mode 100644 index 000000000..b8883d1cd --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/endpoint_group.yml @@ -0,0 +1,17 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create endpoint group + cisco.ise.endpoint_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: Sony-Device-X + description: "Identity Group for Profile: Sony-Device-X" + register: endpoint_group + + - name: Print endpoint group + ansible.builtin.debug: + var: endpoint_group diff --git a/ansible_collections/cisco/ise/playbooks/filter_policy.yml b/ansible_collections/cisco/ise/playbooks/filter_policy.yml new file mode 100644 index 000000000..36fe45523 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/filter_policy.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.filter_policy_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.filter_policy_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Get sgt src + cisco.ise.sgt_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + filter: name.EQ.Quarantined_Systems + register: sgt_src + + - name: Print sgt_src + ansible.builtin.debug: + var: sgt_src['ise_response'][0] + when: not ansible_check_mode + + - name: Create or update a filter_policy + cisco.ise.filter_policy: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + subnet: 121.12.8.0/22 + domains: default + sgt: "{{ sgt_src['ise_response'][0]['name']}}" + id: "" + when: + - sgt_src['ise_response'] is defined + - sgt_src['ise_response']|length == 1 + - sgt_src['ise_response'][0]['name'] + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/group_vars/ise_servers b/ansible_collections/cisco/ise/playbooks/group_vars/ise_servers new file mode 100644 index 000000000..c6c726fcb --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/group_vars/ise_servers @@ -0,0 +1,10 @@ +# Consider using ansible-vault +--- +ise_hostname: "198.18.133.27" +ise_username: "admin" +ise_password: "910457" +ise_version: "3.1.1" +ise_verify: False +ise_debug: True +ise_uses_api_gateway: True +ise_uses_csrf_token: False diff --git a/ansible_collections/cisco/ise/playbooks/hosts b/ansible_collections/cisco/ise/playbooks/hosts new file mode 100644 index 000000000..a05461e33 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/hosts @@ -0,0 +1,8 @@ +[ise_servers] +ise_server + +#[ise] +#localhost ansible_python_interpreter=/Users/rcampos/.pyenv/shims/python + +#[ise:vars] +#cloud_provider = aws diff --git a/ansible_collections/cisco/ise/playbooks/identity_group.yml b/ansible_collections/cisco/ise/playbooks/identity_group.yml new file mode 100644 index 000000000..8540996c9 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/identity_group.yml @@ -0,0 +1,32 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get All + cisco.ise.identity_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: 9efe2310-8c01-11e6-996c-525400b48521 + register: identity_group_info + + - name: Print + ansible.builtin.debug: + var: identity_group_info + + - name: Create + cisco.ise.identity_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: NewGroup + description: NewGroup + parent: NAC Group:NAC:IdentityGroups:User Identity Groups + register: identity_group + + - name: Print + ansible.builtin.debug: + var: identity_group diff --git a/ansible_collections/cisco/ise/playbooks/internal_user.yml b/ansible_collections/cisco/ise/playbooks/internal_user.yml new file mode 100644 index 000000000..dcb50c919 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/internal_user.yml @@ -0,0 +1,100 @@ +--- +# +# ISE Internal User +# +- name: Create Internal User(s) Play + hosts: ise_servers + vars: + - default_password: C1sco1234!5 + - users: + + gather_facts: false + tasks: + # - name: internal_user + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # name: '{{ item.name }}' + # description: '{{ item.description | default() }}' + # enabled: '{{ item.enabled | default(true) }}' + # password: '{{ item.password | default(default_password) }}' + # # ▼▼▼ optional attributes ▼▼▼ + # # changePassword: '{{ item.changePassword | default(false) }}' + # # passwordIDStore: '{{ item.idStore | default(Internal Users) }}' + # # identityGroups: a1740510-8c01-11e6-996c-525400b48521 + # # customAttributes: + # # Created: + # # Expired: + # register: results + + # - name: Debug results + # ansible.builtin.debug: var=results + - name: internal_user thomas + cisco.ise.internal_user: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + state: present + name: thomas + # password: "{{ default_password }}" + changePassword: false + enabled: true + expiryDateEnabled: false + passwordIDStore: Internal Users + identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee + register: result + + - name: Print result + ansible.builtin.debug: + var: result + + # - name: internal_user employee + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # ise_debug: "{{ ise_debug }}" + # state: present + # name: employee + # password: "{{ default_password }}" + # changePassword: false + # enabled: true + # expiryDateEnabled: false + # passwordIDStore: Internal Users + # identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee + + # - name: internal_user radius-probe + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # name: radius-probe + # password: "{{ default_password }}" + # changePassword: false + # enabled: true + # expiryDateEnabled: false + # passwordIDStore: Internal Users + # identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee + + # - name: internal_user meraki_8021x_test + # cisco.ise.internal_user: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # name: meraki_8021x_test + # password: "{{ default_password }}" + # changePassword: false + # enabled: true + # expiryDateEnabled: false + # passwordIDStore: Internal Users + # identityGroups: a1740510-8c01-11e6-996c-525400b48521 # Employee diff --git a/ansible_collections/cisco/ise/playbooks/my_device_portal.yml b/ansible_collections/cisco/ise/playbooks/my_device_portal.yml new file mode 100644 index 000000000..566a4e0ad --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/my_device_portal.yml @@ -0,0 +1,19 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create + cisco.ise.my_device_portal: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Devices Portal + description: Test portal used by developers to register and manage their personal devices + portalType: MYDEVICE + register: my_device_portal + + - name: Print + ansible.builtin.debug: + var: my_device_portal diff --git a/ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml b/ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml new file mode 100644 index 000000000..d1c8ed2eb --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/native_supplicant_profile.yml @@ -0,0 +1,23 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Create + cisco.ise.native_supplicant_profile: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: 67a6ca50-edc9-4236-ada4-225559ed54d6 + name: Cisco-ISE-Chrome-NSP + description: Pre-configured Native Supplicant Profile For Chrome OS + wirelessProfiles: + - ssid: ChromeDummySSID + allowedProtocol: TLS + certificateTemplateId: 0ca8f1b6-500d-560b-e053-75189a0ab0d1 + register: native_supplicant_profile + + - name: Print + ansible.builtin.debug: + var: native_supplicant_profile diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml new file mode 100644 index 000000000..1d5598ba8 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authentication_rules.yml @@ -0,0 +1,56 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_authentication_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_authentication_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_authentication_rules + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + ifAuthFail: REJECT + ifUserNotFound: REJECT + ifProcessFail: DROP + policyId: cb32c3bc-c720-40c3-83e4-8897f9dd6943 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml new file mode 100644 index 000000000..afacdbc9d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authorization_exception_rules.yml @@ -0,0 +1,58 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # policyId: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_local_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: f0a6ce46-17a4-4587-ae55-fefbf3f7c4ff + # policyId: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + - name: Create or update an network_access_local_exception_rules + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: absent + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + profile: + - PermitAccess + securityGroup: BYOD + policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml new file mode 100644 index 000000000..7c567409a --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authorization_global_exception_rules.yml @@ -0,0 +1,55 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_global_exception_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + - name: Get by id + cisco.ise.network_access_global_exception_rules_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: 1353121e-fa90-4cf7-b9cc-a7903e570063 + register: result + + # - name: Create or update an network_access_global_exception_rules + # cisco.ise.network_access_global_exception_rules: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # rule: + # default: false + # name: Test2 + # hitCounts: 0 + # rank: 0 + # state: disabled + # condition: + # conditionType: ConditionReference + # isNegate: false + # dictionaryName: Network Access + # attributeName: EapAuthentication + # operator: equals + # attributeValue: EAP-MSCHAPv2 + # name: EAP-MSCHAPv2 + # id: c456a490-0429-4fd4-91d7-efd1eb1f855a + # profile: + # - PermitAccess + # securityGroup: BYOD + # register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml b/ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml new file mode 100644 index 000000000..e36ea11a7 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_authorization_rules.yml @@ -0,0 +1,56 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_authorization_rules_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_authorization_rules + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + rule: + default: false + name: Test2 + hitCounts: 00 + rank: 00 + state: disabled + condition: + conditionType: ConditionReference + isNegate: false + dictionaryName: Network Access + attributeName: EapAuthentication + operator: equals + attributeValue: EAP-MSCHAPv2 + name: EAP-MSCHAPv2 + id: c456a490-0429-4fd4-91d7-efd1eb1f855a + profile: + - PermitAccess + securityGroup: BYOD + policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_conditions.yml b/ansible_collections/cisco/ise/playbooks/network_access_conditions.yml new file mode 100644 index 000000000..e409e8203 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_conditions.yml @@ -0,0 +1,78 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network access conditions + # cisco.ise.network_access_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get a network access conditions by id + # cisco.ise.network_access_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: 15c562ac-459b-401f-8bf6-28bba3173467 + # register: result + + - name: Create or update a network access conditions + cisco.ise.network_access_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + conditionType: LibraryConditionAttributes + isNegate: false + name: My New Condition + description: New optional Description + dictionaryName: Radius + attributeName: Service-Type + operator: equals + attributeValue: Call Check + register: result + + - name: Print result + ansible.builtin.debug: + var: result + + # - name: Get a network access conditions by name + # cisco.ise.network_access_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: "My New Condition" + # register: result + + # - name: Print by name + # ansible.builtin.debug: + # var: result + + # - name: Delete a network access conditions by id + # cisco.ise.network_access_conditions: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 08ff9783-20db-45e2-94fd-760c20320367 + # register: result + + # - name: Delete a network access conditions by name + # cisco.ise.network_access_conditions: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # name: "My New Condition" + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml b/ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml new file mode 100644 index 000000000..805aa42c1 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_dictionary.yml @@ -0,0 +1,42 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_dictionary_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: Test_dict + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_dictionary_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_dictionary + cisco.ise.network_access_dictionary: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Test_dict + description: test dictionary + version: "1.0" + dictionaryAttrType: ENTITY_ATTR + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml b/ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml new file mode 100644 index 000000000..70ea8bd2f --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_dictionary_attribute.yml @@ -0,0 +1,43 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_dictionary_attribute_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_dictionary_attribute_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update a network_access_dictionary_attribute + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + directionType: BOTH + name: val2 + description: value 2 + internalName: val2 + dataType: INT + dictionaryName: Test_dict + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml b/ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml new file mode 100644 index 000000000..4556a1de5 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_network_condition.yml @@ -0,0 +1,49 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_network_condition_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_network_condition_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_network_condition + cisco.ise.network_access_network_condition: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Endstation condition 1 + description: Optional description + conditionType: EndstationCondition + ipAddrList: + - 1.1.1.1 + - 2.2.2.2 + macAddrList: + - 00-0E-A6-A7-63-F7,00-0E-A6-A7-63-F8 + - 00-0E-A6-A7-63-F7,-ANY- + - -ANY-,00-0E-A6-A7-63-F8 + cliDnisList: + - TBD + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml b/ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml new file mode 100644 index 000000000..cce90f385 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_policy_set.yml @@ -0,0 +1,59 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network policy set + # cisco.ise.network_access_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get a network policy set by id + # cisco.ise.network_access_policy_set_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: "acd4b55d-dca3-4b93-a160-8a2d01669827" + # register: result + + # - name: Print by id + # ansible.builtin.debug: + # var: result + + - name: Create or update a network policy set + cisco.ise.network_access_policy_set: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + condition: + conditionType: ConditionReference + isNegate: false + name: My New Condition + description: New optional Description + id: 7bca72c0-712e-41ea-9d58-a8c368bc234d + default: false + description: Test Policy Set + isProxy: false + rank: 00 + serviceName: Default Network Access + name: Test Policy Set 2 + register: result + + # - name: Delete a network policy set by id + # cisco.ise.network_access_policy_set: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 4f83e8c4-978e-4767-a218-9d5472d4dcc7 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml b/ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml new file mode 100644 index 000000000..88460eed2 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_access_time_date_conditions.yml @@ -0,0 +1,58 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.network_access_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.network_access_time_date_conditions_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an network_access_time_date_conditions + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + conditionType: TimeAndDateCondition + isNegate: false + name: Test1 + description: + hoursRange: + startTime: "22:02" + endTime: "13:02" + hoursRangeException: + startTime: "23:02" + endTime: "23:50" + weekDays: + - Saturday + - Sunday + weekDaysException: + - Sunday + datesRange: + startDate: "2021-06-30" + endDate: "2021-07-03" + datesRangeException: + startDate: "2021-06-30" + endDate: "2021-06-30" + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/network_device.yml b/ansible_collections/cisco/ise/playbooks/network_device.yml new file mode 100644 index 000000000..47ec35d13 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_device.yml @@ -0,0 +1,72 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network devices + # cisco.ise.network_device_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Get a network device by id + # cisco.ise.network_device_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: 0667bc80-78a9-11eb-b987-005056aba98b + # register: result + + # - name: Get a network device by name + # cisco.ise.network_device_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: Test_Device_7 + # register: result + + - name: Create or update a network device + cisco.ise.network_device: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: ISE_EST_Local_Host_5 + NetworkDeviceIPList: + - ipaddress: 127.16.0.1 + mask: 32 + register: result + + ## Using environment variables + - name: Create or update a network device + cisco.ise.network_device: + state: present + name: ISE_EST_Local_Host_6 + NetworkDeviceIPList: + - ipaddress: 127.16.0.1 + mask: 32 + register: result + + # - name: Delete a network device by id + # cisco.ise.network_device: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: 970f2cb0-aa03-11eb-95af-f263cf05f605 + # register: result + + # - name: Delete a network device by name + # cisco.ise.network_device: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # name: Test_Device_7 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_device_group.yml b/ansible_collections/cisco/ise/playbooks/network_device_group.yml new file mode 100644 index 000000000..52ea47afe --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_device_group.yml @@ -0,0 +1,62 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all network device groups + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + - name: Get a network device group by id + cisco.ise.network_device_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: bcb32700-b04d-11eb-95af-f263cf05f605 + register: result + + - name: Get a network device group by name + cisco.ise.network_device_group_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + name: Department#Department#TEST5 + register: result + + - name: Create or update a network device group + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: bcb32700-b04d-11eb-95af-f263cf05f605 + name: Department#Department#TEST5 + description: All Departments + othername: Department + register: result + + # - name: Delete a network device by id + # cisco.ise.network_device: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # id: a8147640-a9ff-11eb-95af-f263cf05f605 + # register: result + + # - name: Delete a network device group by name + # cisco.ise.network_device_group: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: absent + # name: Department#Department#TEST3 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml b/ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml new file mode 100644 index 000000000..2d7a0aae3 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/network_device_group_deparments.yml @@ -0,0 +1,173 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Departments + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments + description: All Departments + othername: Departments + register: result + + - name: Departments#Finance + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Finance + description: Finance + othername: Departments + register: result + + - name: Departments#HR + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#HR + description: HR + othername: Departments + register: result + + - name: Departments#IT + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#IT + description: IT + othername: Departments + register: result + + - name: Departments#Management + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Management + description: Management + othername: Departments + register: result + + - name: Departments#Marketing + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Marketing + description: Marketing + othername: Departments + register: result + + - name: Departments#Product + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Product + description: Product + othername: Departments + register: result + + - name: Departments#Services + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Services + description: Services + othername: Departments + register: result + + - name: Departments#Sales + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Sales + description: Sales + othername: Departments + register: result + + - name: Departments#Vendors + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Departments#Departments#Vendors + description: Vendors + othername: Departments + register: result + + - name: Location#All Locations#SJC + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Location#All Locations#SJC + description: San Jose + othername: Location + register: result + + - name: Location#All Locations#HNB + cisco.ise.network_device_group: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Location#All Locations#HNB + description: Huntington Beach + othername: Location + register: result + + # - name: Get all network device groups + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Get a network device group by id + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: bcb32700-b04d-11eb-95af-f263cf05f605 + # register: result + + # - name: Get a network device group by name + # cisco.ise.network_device_group_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: Department#Department#TEST5 + # register: result diff --git a/ansible_collections/cisco/ise/playbooks/personas_deployment.yml b/ansible_collections/cisco/ise/playbooks/personas_deployment.yml new file mode 100644 index 000000000..40a303329 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/personas_deployment.yml @@ -0,0 +1,20 @@ +--- +- name: ISE Personas Deployment Playbook + hosts: localhost + connection: local + vars: + # Variables common to all deployment types + ise_deployment_type: medium + ise_username: admin + ise_password: C1sco12 + ise_domain: example.com + pan1_ip: + pan2_ip: + # Variables for medium or large deployments + psn1_ip: + psn2_ip: + # Variables specific for large deployments + mnt1_ip: + mnt2_ip: + roles: + - cisco.ise.personas_deployment diff --git a/ansible_collections/cisco/ise/playbooks/playbookstest.yml b/ansible_collections/cisco/ise/playbooks/playbookstest.yml new file mode 100644 index 000000000..c395d1796 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/playbookstest.yml @@ -0,0 +1,183 @@ +--- +- hosts: ise_servers + gather_facts: false + vars: + itemTest: + name: "Cisco_Ansible_Test_09_12" + accessType: "ACCESS_ACCEPT" + description: "Test" + authzProfileType: "SWITCH" + vlan: + nameID: "172_28_1_0-VN_IOT" + tagID: 1 + trackMovement: false + agentlessPosture: false + serviceTemplate: false + profileName: "Cisco" + tasks: + ## https://github.com/CiscoISE/ansible-ise/issues/72 + ## post 400 + # - name: Get all Network Access Authorization Rules + # cisco.ise.network_access_authorization_rules: + # state: present + # policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + # rule: + # default: false + # #id: d9e67664-799d-4ad9-a407-8365117c18e5 + # name: Ansible B TEST + # hitCounts: 0 + # rank: 0 + # state: enabled + # condition: + # conditionType: ConditionAndBlock + # isNegate: false + # children: + # - conditionType: ConditionReference + # isNegate: false + # name: Wireless_Access + # id: ff6008e0-5c35-48a3-9fab-e0e709983369 + # # description: >- + # # Default condition used to match any authentication request from Cisco + # # Wireless LAN Controller. + # - conditionType: ConditionAttributes + # isNegate: false + # dictionaryName: IdentityGroup + # attributeName: Name + # operator: equals + # #dictionaryValue: null + # attributeValue: 'Endpoint Identity Groups:Blocked List' + # profile: + # - Blackhole_Wireless_Access + # #securityGroup: null + # register: result + + # - name: Get all Network Access Authorization Rules + # cisco.ise.network_access_authorization_rules_info: + # policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + # register: result + + ## https://github.com/CiscoISE/ansible-ise/issues/74 + + # - name: Create or update Authorization profile + # cisco.ise.authorization_profile: + # name: "{{ itemTest.name }}" + # accessType: "{{ itemTest.accessType }}" + # description: "{{ itemTest.description }}" + # authzProfileType: "{{ itemTest.authzProfileType }}" + # vlan: + # nameID: "{{ itemTest.vlan.nameID }}" + # tagID: + # "{{itemTest.vlan.tagID|int}}" + # trackMovement: "{{ itemTest.trackMovement }}" + # agentlessPosture: "{{ itemTest.agentlessPosture }}" + # serviceTemplate: "{{ itemTest.serviceTemplate }}" + # profileName: "{{ itemTest.profileName }}" + # register: result + + # - name: Get all Authorization Profile + # cisco.ise.authorization_profile_info: + # name: Cisco_Temporal_Onboard + # register: result + + # - name: debug + # debug: + # msg: "{{ itemTest.vlan.tagID | int == 0 }}" + + # - name: debug + # debug: + # msg: | + # {{ item.vlanID | int }} + # loop: + # - { "vlanID": "1" } + # - { "vlanID": "2" } + # - { "vlanID": 2 } + + # - name: debug + # debug: + # var: |- + # {{ item.vlanID | int }} + # loop: + # - { "vlanID": 1 } + # - { "vlanID": "2" } + + ## https://github.com/CiscoISE/ansible-ise/issues/76 + ## Node group creation is not idempotent + ## fatal: [localhost]: FAILED! => {"changed": false, "msg": "An error occured when executing operation. The error was: [409] - The request could not be processed because it conflicts with some established rule of the system.\n{\n \"error\" : {\n \"message\" : \"NodeGroup 'TestGroup1' already exist.\"\n },\n \"version\" : \"1.0.0\"\n}"} + # - name: Create test node group. + # cisco.ise.node_group: + # state: present + # description: "Testing creation and idempotency" + # name: "TesAnsible76" + # nodeGroupName: "TesAnsible76" + # forceDelete: true + # register: result + + # - name: Get all Node Group + # cisco.ise.node_group_info: + # nodeGroupName: "NodeGroup2" + # register: result + + ##https://github.com/CiscoISE/ansible-ise/issues/79 + ## Cannot update + # - name: Create or update an network_access_authentication_rules + # cisco.ise.network_access_authentication_rules: + # state: present + # rule: + # default: false + # name: TestAnsibleIssue79 + # hitCounts: 00 + # rank: 0 + # state: enabled + # #id: b086e85e-6118-4b67-8efc-05d692423afb + # condition: + # conditionType: ConditionReference + # isNegate: false + # dictionaryName: Network Access + # attributeName: EapAuthentication + # operator: equals + # attributeValue: EAP-MSCHAPv2 + # name: EAP-MSCHAPv2 + # id: c456a490-0429-4fd4-91d7-efd1eb1f855a + # ifAuthFail: REJECT + # ifUserNotFound: REJECT + # ifProcessFail: DROP + # policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + # register: result + + + ##https://github.com/CiscoISE/ansible-ise/issues/77 + ## Get error + ## node_group_node_info + # - name: Get all Node Group Node + # cisco.ise.node_group_node_info: + # nodeGroupName: TesAnsible76 + # register: result + + ##https://github.com/CiscoISE/ansible-ise/issues/81 + ## Unable to update Authorization Policies + ##network_access_authorization_rules + - name: CRUD + cisco.ise.network_access_authorization_rules: + state: present + #state: absent + rule: + default: false + name: TestAnsibleIssue81 + rank: 0 + state: enabled + condition: + conditionType: ConditionAttributes + isNegate: false + dictionaryName: IdentityGroup + attributeName: Name + operator: equals + attributeValue: 'Endpoint Identity Groups:IAC_Lab1' + profile: + - Blackhole_Wireless_Access + #securityGroup: BYOD + policyId: acd4b55d-dca3-4b93-a160-8a2d01669827 + register: result + + - name: Print Authorization profile + ansible.builtin.debug: + var: result
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/portal_global_setting.yml b/ansible_collections/cisco/ise/playbooks/portal_global_setting.yml new file mode 100644 index 000000000..2b6edf78d --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/portal_global_setting.yml @@ -0,0 +1,32 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: "Get portal global setting" + cisco.ise.portal_global_setting_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + register: portal_global_settings + + - name: "Print portal global setting id" + ansible.builtin.debug: + var: portal_global_settings['ise_response'][0]['id'] + when: not ansible_check_mode + + - name: "Update portal global setting" + cisco.ise.portal_global_setting: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + id: "{{ portal_global_settings['ise_response'][0]['id']}}" + customization: HTML + when: not ansible_check_mode + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/portal_theme.yml b/ansible_collections/cisco/ise/playbooks/portal_theme.yml new file mode 100644 index 000000000..db56491e7 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/portal_theme.yml @@ -0,0 +1,31 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + - name: Get portal_theme + cisco.ise.portal_theme_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: 9eb58150-8c01-11e6-996c-525400b48521 + register: portal_theme + + - name: Print portal_theme id + ansible.builtin.debug: + var: portal_theme['ise_response'] + + - name: Update portal_theme + cisco.ise.portal_theme: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Custom Olive theme + themeData: olive + register: result + + # - name: Print result + # ansible.builtin.debug: + # var: result diff --git a/ansible_collections/cisco/ise/playbooks/profiler-services.yml b/ansible_collections/cisco/ise/playbooks/profiler-services.yml new file mode 100644 index 000000000..85d9d9018 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/profiler-services.yml @@ -0,0 +1,40 @@ +--- +# profiler_config: +# # - netflow: +# - dhcp: +# interfaces: +# - interface: 'GigabitEthernet0' +# port: 67 +# # - dhcpSpan: +# # - http: +# - radius: {} +# - nmap: {} +# # - dns: +# - snmpQuery: +# retries: 2 +# timeout: 1000 +# eventTimeout: 30 +# # - snmpTrap: +# - activeDirectory: +# daysBeforeRescan: 1 +# # - pxgrid: {} + +profiler_config: + #netflow: null + dhcp: + interfaces: + - interface: GigabitEthernet 0 + port: 67 + #dhcpSpan: null + #http: null + radius: [] + nmap: [] + #dns: null + snmpQuery: + retries: 2 + timeout: 1000 + eventTimeout: 30 + #snmpTrap: null + activeDirectory: + daysBeforeRescan: 1 + #pxgrid: null
\ No newline at end of file diff --git a/ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml b/ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml new file mode 100644 index 000000000..f86a508e6 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/radius_server_sequence.yml @@ -0,0 +1,52 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.radius_server_sequence_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.radius_server_sequence_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an radius_server_sequence + cisco.ise.radius_server_sequence: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: TESTSeq + description: TESTSequence + stripPrefix: false + stripSuffix: false + prefixSeparator: \ + suffixSeparator: "@" + remoteAccounting: true + localAccounting: false + useAttrSetOnRequest: false + useAttrSetBeforeAcc: false + continueAuthorzPolicy: false + RadiusServerList: + - externalRadiusServer1 + OnRequestAttrManipulatorList: [] + BeforeAcceptAttrManipulatorsList: [] + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/sponsor_portal.yml b/ansible_collections/cisco/ise/playbooks/sponsor_portal.yml new file mode 100644 index 000000000..d2a7132bd --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/sponsor_portal.yml @@ -0,0 +1,1096 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.sponsor_portal_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.sponsor_portal_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Create or update an sponsor_portal + cisco.ise.sponsor_portal: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + state: present + name: Sponsor Portal (test 2) + description: Default portal used by sponsors to create and manage accounts for authorized visitors to securely access the network + portalType: SPONSOR + portalTestUrl: https://198.18.133.27:8445/sponsorportal/PortalSetup.action?portal=fe0fc087-6fd7-44fa-966e-ad4ba1c8f557 + settings: + portalSettings: + httpsPort: 8445 + allowedInterfaces: + - eth0 + - bond0 + certificateGroupTag: Default Portal Certificate Group + authenticationMethod: 92faba60-8c01-11e6-996c-525400b48521 + idleTimeout: 10 + displayLang: USEBROWSERLOCALE + fallbackLanguage: English + alwaysUsedLanguage: Italian + availableSsids: [] + loginPageSettings: + maxFailedAttemptsBeforeRateLimit: 5 + timeBetweenLoginsDuringRateLimit: 2 + includeAup: false + requireAupScrolling: false + socialConfigs: [] + aupSettings: + includeAup: true + requireScrolling: false + displayFrequency: FIRSTLOGIN + sponsorChangePasswordSettings: + allowSponsorToChangePwd: false + postLoginBannerSettings: + includePostAccessBanner: false + supportInfoSettings: + includeSupportInfoPage: false + includeMacAddr: true + includeIpAddress: true + includeBrowserUserAgent: true + includePolicyServer: true + includeFailureCode: true + emptyFieldDisplay: HIDE + customizations: + portalTheme: + id: 9eb421c0-8c01-11e6-996c-525400b48521 + name: Default Blue theme + portalTweakSettings: {} + language: + viewLanguage: English + globalCustomizations: + bannerTitle: Sponsor Portal + contactText: Contact Support + footerElement: "" + pageCustomizations: + data: + - key: ui_date_picker_month_august + value: QXVndXN0 + - key: ui_error_content_label + value: RXJyb3I= + - key: ui_notify_import_done_button + value: RG9uZQ== + - key: ui_create_accounts_content_label + value: Q3JlYXRlIEFjY291bnRz + - key: ui_notify_copy_me_label + value: Q29weSBtZQ== + - key: ui_print_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_contact_optional_content_1 + value: "" + - key: ui_contact_optional_content_2 + value: "" + - key: ui_one_click_guest_approved + value: R3Vlc3QgKCR1aV9ndWVzdF91c2VybmFtZSQpIGhhcyBiZWVuIGFwcHJvdmVkLg== + - key: ui_create_random_number_accounts_label + value: TnVtYmVyIG9mIGFjY291bnRzOg== + - key: ui_date_picker_month_may + value: TWF5 + - key: ui_approve_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_login_aup_link + value: VGVybXMgYW5kIENvbmRpdGlvbnM= + - key: ui_one_click_guest_denied + value: R3Vlc3QgKCR1aV9ndWVzdF91c2VybmFtZSQpIGhhcyBiZWVuIGRlbmllZC4= + - key: ui_column_user_name_header + value: VXNlcm5hbWU= + - key: ui_invalid_password_policy_error + value: SW52YWxpZCBQYXNzd29yZCBQb2xpY3ku + - key: ui_account_state_label + value: U3RhdGU6 + - key: ui_reset_password_send_summary_email_label + value: U2VuZCBtZSBhIHN1bW1hcnkgb2YgcGFzc3dvcmQgcmVzZXQ= + - key: ui_notices_action_import_label + value: Q3JlYXRlIEltcG9ydCBBY2NvdW50cw== + - key: ui_location_label + value: TG9jYXRpb246 + - key: ui_email_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGVtYWlsZWQ6 + - key: ui_resend_account_cancel_button + value: Q2FuY2Vs + - key: ui_field_company_name_error + value: UGxlYXNlIGVudGVyIGEgdmFsaWQgY29tcGFueSBuYW1lLg== + - key: ui_one_click_sponsor_no_privilege + value: U3BvbnNvciBkaWQgbm90IGhhdmUgcHJpdmlsZWdlIHRvIGFwcHJvdmUvZGVueSBndWVzdHMu + - key: ui_unit_wednesday + value: V2VkbmVzZGF5 + - key: ui_contact_sessioninfo_title + value: U2Vzc2lvbiBJbmZvcm1hdGlvbg== + - key: ui_first_name_label + value: Rmlyc3QgbmFtZTo= + - key: ui_aup_accept_button + value: QWNjZXB0 + - key: ui_create_random_accounts_batch_limit_label + value: TWF4aW11bTogIA== + - key: ui_unit_sunday + value: U3VuZGF5 + - key: ui_sms_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHRleHRlZDo= + - key: ui_one_click_login_submit + value: U3VibWl0 + - key: ui_changepwd_values_match_error + value: WW91IG11c3QgZW50ZXIgdGhlIHNhbWUgcGFzc3dvcmQgaW4gdGhlIE5ldyBQYXNzd29yZCBhbmQgQ29uZmlybSBQYXNzd29yZCBmaWVsZHMu + - key: ui_error_optional_content_2 + value: "" + - key: ui_error_optional_content_1 + value: "" + - key: ui_login_page_title + value: IFNwb25zb3IgUG9ydGFsIFNpZ24gT24= + - key: ui_notices_column_action_name_header + value: QWN0aW9uIE5hbWU= + - key: ui_create_random_tab_label + value: UmFuZG9t + - key: ui_suspend_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHN1c3BlbmQgdGhpcyBhY2NvdW50Pw== + - key: ui_changepwd_content_label + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_create_known_total_failure_message + value: VW5hYmxlIHRvIGNyZWF0ZSBhY2NvdW50Lg== + - key: ui_reinstate_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcmVpbnN0YXRlZCBzdWNjZXNzZnVsbHku + - key: ui_create_accounts_access_info_instruction_message + value: "" + - key: ui_changepwd_values_unique_error + value: WW91IGNhbm5vdCBlbnRlciB0aGUgc2FtZSBwYXNzd29yZCBpbiB0aGUgQ3VycmVudCBQYXNzd29yZCBhbmQgTmV3IFBhc3N3b3JkIGZpZWxkcy4= + - key: ui_deny_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGRlbnkgdGhpcyBhY2NvdW50Pw== + - key: ui_ssid_label + value: U1NJRDo= + - key: ui_contact_instruction_message + value: Q29udGFjdCBIZWxwIERlc2s= + - key: ui_notify_email_label + value: RW1haWw= + - key: ui_time_label + value: VGltZTo= + - key: ui_create_accounts_access_info_from_date_label + value: RnJvbSBEYXRlICh5eXl5LW1tLWRkKQ== + - key: ui_contact_helpdesk_text + value: TmVlZCBoZWxwPyBDb250YWN0IG91ciBIZWxwIERlc2sgYXQgKHh4eCkgeHh4LXh4eHgu + - key: ui_notices_status_pending_label + value: UGVuZGluZw== + - key: ui_guest_location_label + value: TG9jYXRpb246 + - key: ui_username_mismatch_policy_error + value: VXNlcm5hbWUgZGlkIG5vdCBtYXRjaCBVc2VybmFtZSBQb2xpY3k= + - key: ui_manage_accounts_filter_label + value: YWNjb3VudHMgZm91bmQ= + - key: ui_resend_account_send_summary_email_label + value: U2VuZCBtZSBhIHN1bW1hcnk= + - key: ui_menu_switch_desktop_button + value: U3dpdGNoIHRvIGRlc2t0b3AgbW9kZQ== + - key: ui_resend_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHJlc2VudDo= + - key: ui_reset_password_cancel_button + value: Q2FuY2Vs + - key: ui_create_accounts_import_button + value: SW1wb3J0 + - key: ui_sms_account_success_single_message + value: QWNjb3VudCB0ZXh0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_suspend_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIHN1c3BlbmRlZCB\ + pbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_contact_link + value: Q29udGFjdCBTdXBwb3J0 + - key: ui_notices_filter_label + value: Tm90aWNlcyBmb3VuZA== + - key: ui_contact_user_agent_label + value: VXNlciBhZ2VudDo= + - key: ui_reset_password_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHJlc2V0Og== + - key: ui_create_known_success_single_message + value: QWNjb3VudCBjcmVhdGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_delete_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbGV0ZSB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_extend_account_extend_by_label + value: RXh0ZW5kIGJ5 + - key: ui_create_known_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_changepwd_page_title + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_create_random_instruction_message + value: "" + - key: ui_notices_status_success_label + value: U3VjY2Vzcw== + - key: ui_account_state_denied_state_label + value: RGVuaWVk + - key: ui_notices_edit_button + value: RWRpdA== + - key: ui_group_tag_label + value: R3JvdXAgdGFnOg== + - key: ui_date_picker_short_day_friday + value: Rg== + - key: ui_extend_account_total_failure_message + value: VW5hYmxlIHRvIGV4dGVuZCBhY2NvdW50Lg== + - key: ui_notices_column_end_time_header + value: RW5k + - key: ui_one_click_login_title + value: QXBwcm92ZS9EZW55IEd1ZXN0 + - key: ui_account_details_content_label + value: QWNjb3VudCBEZXRhaWxz + - key: ui_print_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIG51bWJlciBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhIHByaW50IGpvYiB3aWxsIGJlIGNyZWF0ZWQgaW4gdGhlIGJhY2tncm91bmQuI\ + FdoZW4gdGhlIHByaW50IGpvYiBpcyByZWFkeSwgeW91IGNhbiB0aGVuIHNlbmQgaXQgdG8gYSBwcmludGVyLiBDaGVjayBOb3RpY2VzIHRvIGRldGVybWluZSB3aGV\ + uIHRoZSBwcmludCBqb2IgaXMgcmVhZHkgdG8gYmUgc2VudCB0byBhIHByaW50ZXIu" + - key: ui_create_random_total_failure_message + value: VW5hYmxlIHRvIGNyZWF0ZSByYW5kb20gYWNjb3VudC4= + - key: ui_manage_accounts_empty_error + value: Tm8gZ3Vlc3QgYWNjb3VudHMgYXQgdGhpcyBtb21lbnQu + - key: ui_create_random_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiByYW5kb20gYWNjb3VudHMgd2VyZSBwcm92aWRlZC4gUmFuZG9tIGFjY291bnRzIHdpbGwgYmUgY3JlYXRlZCBpbiB0a\ + GUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_create_accounts_aup_agreement_label + value: QWdyZWUgdG8= + - key: ui_use_mobile_number_as_username_label + value: VXNlIE1vYmlsZSBudW1iZXIgYXMgdXNlcm5hbWU= + - key: ui_date_picker_short_day_monday + value: TQ== + - key: ui_time_duration_label + value: RHVyYXRpb246 + - key: ui_date_picker_month_february + value: RmVicnVhcnk= + - key: ui_resend_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2VuZCB0aGlzIGFjY291bnQ/ + - key: ui_notify_known_ok_button + value: T2s= + - key: ui_suspend_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHN1c3BlbmRlZDo= + - key: ui_help_link + value: SGVscA== + - key: ui_one_click_login_username + value: VXNlcm5hbWU6 + - key: ui_user_last_login_ipaddr_label + value: RnJvbTo= + - key: ui_create_accounts_batch_limit_label + value: TWF4aW11bTo= + - key: ui_date_picker_month_july + value: SnVseQ== + - key: ui_resend_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2VuZCB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_delete_notice_success_multi_message + value: U2VsZWN0ZWQgbm90aWNlcyBkZWxldGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_sms_provider_label + value: U01TIHByb3ZpZGVyOg== + - key: ui_first_login_text + value: Rmlyc3QgTG9naW4= + - key: ui_login_username_label + value: VXNlcm5hbWU6 + - key: ui_account_action_reset_password_button + value: UmVzZXQgUGFzc3dvcmQ= + - key: ui_create_accounts_access_info_from_time_label + value: RnJvbSBUaW1l + - key: ui_approve_accounts_empty_error + value: Tm8gcGVuZGluZyBndWVzdCBhY2NvdW50cyBhdCB0aGlzIG1vbWVudC4= + - key: ui_create_import_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_create_accounts_access_info_content_label + value: QWNjZXNzIEluZm9ybWF0aW9u + - key: ui_date_picker_month_june + value: SnVuZQ== + - key: ui_notices_status_inprogress_label + value: SW4gUHJvZ3Jlc3M= + - key: ui_email_account_success_single_message + value: QWNjb3VudCBlbWFpbGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_approve_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGFwcHJvdm\ + VkIGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_one_click_login_password + value: UGFzc3dvcmQ6 + - key: ui_invalid_username_policy_error + value: SW52YWxpZCBVc2VybmFtZSBQb2xpY3ku + - key: ui_edit_accounts_guest_info_content_label + value: R3Vlc3QgSW5mb3JtYXRpb24= + - key: ui_delete_account_cancel_button + value: Q2FuY2Vs + - key: ui_field_required_error + value: VGhpcyBmaWVsZCBpcyByZXF1aXJlZC4= + - key: ui_print_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcHJpbnRlZCBzdWNjZXNzZnVsbHku + - key: ui_field_date_mdy_error + value: SW52YWxpZCBkYXRlIGZvcm1hdCAobW0vZGQveXl5eSku + - key: ui_suspend_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHN1c3BlbmQgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_column_first_name_header + value: Rmlyc3QgTmFtZQ== + - key: ui_notices_action_email_label + value: RW1haWwgR3Vlc3Rz + - key: ui_create_accounts_access_info_days_label + value: RGF5cw== + - key: ui_lastname_mismatch_policy_error + value: TGFzdE5hbWUgZGlkIG5vdCBtYXRjaCBVc2VybmFtZSBQb2xpY3k= + - key: ui_create_accounts_guest_type_instruction_message + value: "" + - key: ui_suspend_account_ok_button + value: T2s= + - key: ui_sms_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgdGV4dGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_expiration_date_label + value: RXhwaXJhdGlvbiBkYXRlOg== + - key: ui_changepwd_policy_error_message + value: + "WW91ciBwYXNzd29yZCBkb2VzIG5vdCBtZWV0IHRoZSBwYXNzd29yZCBwb2xpY3kgcmVxdWlyZW1lbnRzLiBQbGVhc2UgY29udGFjdCB5b3V\ + yIHN5c3RlbSBhZG1pbmlzdHJhdG9yIGZvciBwcm9wZXIgY29tcGxleGl0eSBzZXR0aW5ncy4=" + - key: ui_approve_account_success_single_message + value: QWNjb3VudCBhcHByb3ZlZCBzdWNjZXNzZnVsbHku + - key: ui_edit_accounts_access_info_content_label + value: QWNjZXNzIEluZm9ybWF0aW9u + - key: ui_to_date_label + value: VG8gZGF0ZSAoeXl5eS1tbS1kZCk6 + - key: ui_delete_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGRlbGV0ZWQg\ + aW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_end_of_day_label + value: RW5kIG9mIGJ1c2luZXNzIGRheQ== + - key: ui_column_phone_number_header + value: TW9iaWxlIE51bWJlcg== + - key: ui_deny_account_ok_button + value: T0s= + - key: ui_field_time_error + value: SW52YWxpZCB0aW1lIGZvcm1hdCAoaGg6bW0pLg== + - key: ui_resend_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_extend_account_maximum_label + value: TWF4aW11bTog + - key: ui_account_state_awaiting_login_state_label + value: Q3JlYXRlZA== + - key: ui_home_welcome_message + value: V2VsY29tZQ== + - key: ui_notify_import_notify_button + value: Tm90aWZ5 + - key: ui_remote_db_connect_error + value: VGhlcmUgd2FzIGEgcHJvYmxlbSB1cGRhdGluZyB0aGUgcmVtb3RlIGRhdGFiYXNlLiBQbGVhc2UgY29udGFjdCBoZWxwIGRlc2sgZm9yIGFzc2lzdGFuY2Uu + - key: ui_changepwd_submit_button + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_one_click_guest_signon + value: U2lnbiBPbg== + - key: ui_post_access_content_label + value: UG9zdCBBY2Nlc3M= + - key: ui_column_sponsor_header + value: U3BvbnNvcg== + - key: ui_aup_sponsor_text + value: + "WW91IGFyZSByZXNwb25zaWJsZSBmb3IgbWFpbnRhaW5pbmcgdGhlIGNvbmZpZGVudGlhbGl0eSBvZiB0aGUgcGFzc3dvcmQgYW5kIGFsbCBhY3Rpdml0aWVzIHRoYXQgb2NjdX\ + IgdW5kZXIgeW91ciB1c2VybmFtZSBhbmQgcGFzc3dvcmQuIENpc2NvIFN5c3RlbXMgb2ZmZXJzIHRoZSBTZXJ2aWNlIGZvciBhY3Rpdml0aWVzIHN1Y2ggYXMgdGhlIGFjdGl2ZSB1\ + c2Ugb2YgZS1tYWlsLCBpbnN0YW50IG1lc3NhZ2luZywgYnJvd3NpbmcgdGhlIFdvcmxkIFdpZGUgV2ViIGFuZCBhY2Nlc3NpbmcgY29ycG9yYXRlIGludHJhbmV0cy4gSGlnaCB2b2\ + x1bWUgZGF0YSB0cmFuc2ZlcnMsIGVzcGVjaWFsbHkgc3VzdGFpbmVkIGhpZ2ggdm9sdW1lIGRhdGEgdHJhbnNmZXJzLCBhcmUgbm90IHBlcm1pdHRlZC4gSG9zdGluZyBhIHdlYiBz\ + ZXJ2ZXIgb3IgYW55IG90aGVyIHNlcnZlciBieSB1c2Ugb2Ygb3VyIFNlcnZpY2UgaXMgcHJvaGliaXRlZC4gVHJ5aW5nIHRvIGFjY2VzcyBzb21lb25lIGVsc2UncyBhY2NvdW50LC\ + BzZW5kaW5nIHVuc29saWNpdGVkIGJ1bGsgZS1tYWlsLCBjb2xsZWN0aW9uIG9mIG90aGVyIHBlb3BsZSdzIHBlcnNvbmFsIGRhdGEgd2l0aG91dCB0aGVpciBrbm93bGVkZ2UgYW5k\ + IGludGVyZmVyZW5jZSB3aXRoIG90aGVyIG5ldHdvcmsgdXNlcnMgYXJlIGFsbCBwcm9oaWJpdGVkLiBDaXNjbyBTeXN0ZW1zIHJlc2VydmVzIHRoZSByaWdodCB0byBzdXNwZW5kIH\ + RoZSBTZXJ2aWNlIGlmIENpc2NvIFN5c3RlbXMgcmVhc29uYWJseSBiZWxpZXZlcyB0aGF0IHlvdXIgdXNlIG9mIHRoZSBTZXJ2aWNlIGlzIHVucmVhc29uYWJseSBleGNlc3NpdmUg\ + b3IgeW91IGFyZSB1c2luZyB0aGUgU2VydmljZSBmb3IgY3JpbWluYWwgb3IgaWxsZWdhbCBhY3Rpdml0aWVzLiBZb3UgZG8gbm90IGhhdmUgdGhlIHJpZ2h0IHRvIHJlc2VsbCB0aG\ + lzIFNlcnZpY2UgdG8gYSB0aGlyZCBwYXJ0eS4gQ2lzY28gU3lzdGVtcyByZXNlcnZlcyB0aGUgcmlnaHQgdG8gcmV2aXNlLCBhbWVuZCBvciBtb2RpZnkgdGhlc2UgVGVybXMgJiBD\ + b25kaXRpb25zLCBvdXIgb3RoZXIgcG9saWNpZXMgYW5kIGFncmVlbWVudHMsIGFuZCBhc3BlY3RzIG9mIHRoZSBTZXJ2aWNlIGl0c2VsZi4gTm90aWNlIG9mIGFueSByZXZpc2lvbi\ + wgYW1lbmRtZW50LCBvciBtb2RpZmljYXRpb24gd2lsbCBiZSBwb3N0ZWQgb24gQ2lzY28gU3lzdGVtJ3Mgd2Vic2l0ZSBhbmQgd2lsbCBiZSBlZmZlY3RpdmUgYXMgdG8gZXhpc3Rp\ + bmcgdXNlcnMgMzAgZGF5cyBhZnRlciBwb3N0aW5nLg==" + - key: ui_reset_password_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_create_import_total_failure_message + value: VW5hYmxlIHRvIGltcG9ydCBhY2NvdW50cy4gQSBmYWlsdXJlIG9jY3VycmVkIGluIGxpbmUg + - key: ui_suspend_account_cancel_button + value: Q2FuY2Vs + - key: ui_deny_account_cancel_button + value: Q2FuY2Vs + - key: ui_approve_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGFwcHJvdmUgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_create_accounts_access_info_maximum_duration_label + value: TWF4aW11bTo= + - key: ui_one_click_guest_processed + value: VGhpcyBndWVzdCBhY2NvdW50IHJlcXVlc3QgaGFzIGFscmVhZHkgYmVlbiBwcm9jZXNzZWQu + - key: ui_account_action_reinstate_button + value: UmVpbnN0YXRl + - key: ui_menu_sign_out_button + value: U2lnbiBPdXQ= + - key: ui_notify_random_notify_button + value: UHJpbnQ= + - key: ui_reinstate_account_success_single_message + value: QWNjb3VudCByZWluc3RhdGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_contact_content_label + value: U3VwcG9ydCBJbmZvcm1hdGlvbg== + - key: ui_reinstate_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHJlaW5zdGF0ZWQ6 + - key: ui_login_failed_error + value: QXV0aGVudGljYXRpb24gZmFpbGVkLg== + - key: ui_deny_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_menu_change_password_button + value: Q2hhbmdlIFBhc3N3b3Jk + - key: ui_create_accounts_guest_type_access_allowed_label + value: QWNjZXNzIGFsbG93ZWQ6 + - key: ui_notices_status_failed_label + value: RmFpbGVk + - key: ui_notices_status_partial_success_label + value: Q29tcGxldGUvRXJyb3Jz + - key: ui_extend_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGV4\ + dGVuZGVkIGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_create_known_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHByb3ZpZGVkLCBhY2NvdW50cyB3aWxsIGJlIGNy\ + ZWF0ZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_changepwd_cancel_button + value: Q2FuY2Vs + - key: ui_account_state_active_state_label + value: QWN0aXZl + - key: ui_post_access_instruction_message + value: "" + - key: ui_aup_content_label + value: QWNjZXB0YWJsZSBVc2UgUG9saWN5 + - key: ui_delete_notice_success_single_message + value: Tm90aWNlIGRlbGV0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_create_accounts_access_info_minutes_label + value: TWludXRlcw== + - key: ui_to_time_label + value: VG8gdGltZTo= + - key: ui_resend_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcmVzZW50IHN1Y2Nlc3NmdWxseS4= + - key: ui_last_name_label + value: TGFzdCBuYW1lOg== + - key: ui_account_action_resend_button + value: UmVzZW5k + - key: ui_print_account_total_failure_message + value: VW5hYmxlIHRvIHByaW50Lg== + - key: ui_login_aup_text + value: + "WW91IGFyZSByZXNwb25zaWJsZSBmb3IgbWFpbnRhaW5pbmcgdGhlIGNvbmZpZGVudGlhbGl0eSBvZiB0aGUgcGFzc3dvcmQgYW5kIGFsb\ + CBhY3Rpdml0aWVzIHRoYXQgb2NjdXIgdW5kZXIgeW91ciB1c2VybmFtZSBhbmQgcGFzc3dvcmQuIENpc2NvIFN5c3RlbXMgb2ZmZXJzIHRoZSBTZXJ\ + 2aWNlIGZvciBhY3Rpdml0aWVzIHN1Y2ggYXMgdGhlIGFjdGl2ZSB1c2Ugb2YgZS1tYWlsLCBpbnN0YW50IG1lc3NhZ2luZywgYnJvd3NpbmcgdGhlI\ + FdvcmxkIFdpZGUgV2ViIGFuZCBhY2Nlc3NpbmcgY29ycG9yYXRlIGludHJhbmV0cy4gSGlnaCB2b2x1bWUgZGF0YSB0cmFuc2ZlcnMsIGVzcGVjaWF\ + sbHkgc3VzdGFpbmVkIGhpZ2ggdm9sdW1lIGRhdGEgdHJhbnNmZXJzLCBhcmUgbm90IHBlcm1pdHRlZC4gSG9zdGluZyBhIHdlYiBzZXJ2ZXIgb3IgY\ + W55IG90aGVyIHNlcnZlciBieSB1c2Ugb2Ygb3VyIFNlcnZpY2UgaXMgcHJvaGliaXRlZC4gVHJ5aW5nIHRvIGFjY2VzcyBzb21lb25lIGVsc2UncyB\ + hY2NvdW50LCBzZW5kaW5nIHVuc29saWNpdGVkIGJ1bGsgZS1tYWlsLCBjb2xsZWN0aW9uIG9mIG90aGVyIHBlb3BsZSdzIHBlcnNvbmFsIGRhdGEgd\ + 2l0aG91dCB0aGVpciBrbm93bGVkZ2UgYW5kIGludGVyZmVyZW5jZSB3aXRoIG90aGVyIG5ldHdvcmsgdXNlcnMgYXJlIGFsbCBwcm9oaWJpdGVkLiB\ + DaXNjbyBTeXN0ZW1zIHJlc2VydmVzIHRoZSByaWdodCB0byBzdXNwZW5kIHRoZSBTZXJ2aWNlIGlmIENpc2NvIFN5c3RlbXMgcmVhc29uYWJseSBiZ\ + WxpZXZlcyB0aGF0IHlvdXIgdXNlIG9mIHRoZSBTZXJ2aWNlIGlzIHVucmVhc29uYWJseSBleGNlc3NpdmUgb3IgeW91IGFyZSB1c2luZyB0aGUgU2V\ + ydmljZSBmb3IgY3JpbWluYWwgb3IgaWxsZWdhbCBhY3Rpdml0aWVzLiBZb3UgZG8gbm90IGhhdmUgdGhlIHJpZ2h0IHRvIHJlc2VsbCB0aGlzIFNlc\ + nZpY2UgdG8gYSB0aGlyZCBwYXJ0eS4gQ2lzY28gU3lzdGVtcyByZXNlcnZlcyB0aGUgcmlnaHQgdG8gcmV2aXNlLCBhbWVuZCBvciBtb2RpZnkgdGh\ + lc2UgVGVybXMgJiBDb25kaXRpb25zLCBvdXIgb3RoZXIgcG9saWNpZXMgYW5kIGFncmVlbWVudHMsIGFuZCBhc3BlY3RzIG9mIHRoZSBTZXJ2aWNlI\ + Gl0c2VsZi4gTm90aWNlIG9mIGFueSByZXZpc2lvbiwgYW1lbmRtZW50LCBvciBtb2RpZmljYXRpb24gd2lsbCBiZSBwb3N0ZWQgb24gQ2lzY28gU3l\ + zdGVtJ3Mgd2Vic2l0ZSBhbmQgd2lsbCBiZSBlZmZlY3RpdmUgYXMgdG8gZXhpc3RpbmcgdXNlcnMgMzAgZGF5cyBhZnRlciBwb3N0aW5nLg==" + - key: ui_changepwd_optional_content_2 + value: "" + - key: ui_deny_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZGVuaWVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_email_address_label + value: RW1haWwgYWRkcmVzczo= + - key: ui_changepwd_optional_content_1 + value: "" + - key: ui_column_location_header + value: TG9jYXRpb24= + - key: ui_date_picker_short_day_wednesday + value: Vw== + - key: ui_extend_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_approve_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGFwcHJvdmUgdGhpcyBhY2NvdW50Pw== + - key: ui_create_random_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_reset_password_account_total_failure_message + value: VW5hYmxlIHRvIHJlc2V0IHBhc3N3b3JkLg== + - key: ui_contact_failure_code_label + value: RmFpbHVyZSBjb2RlOg== + - key: ui_date_picker_month_november + value: Tm92ZW1iZXI= + - key: ui_field_phone_error + value: SW52YWxpZCBtb2JpbGUgbnVtYmVyIGZvcm1hdC4= + - key: ui_reinstate_account_cancel_button + value: Q2FuY2Vs + - key: ui_notification_language_label + value: TGFuZ3VhZ2U6 + - key: ui_column_sms_provider_header + value: U01TIFByb3ZpZGVy + - key: ui_suspend_account_instruction_message + value: "" + - key: ui_account_state_pending_approval_state_label + value: UGVuZGluZyBBcHByb3ZhbA== + - key: ui_reinstate_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlaW5zdGF0ZSB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_notices_column_status_header + value: U3RhdHVz + - key: ui_deny_account_success_single_message + value: QWNjb3VudCBkZW5pZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_unit_thursday + value: VGh1cnNkYXk= + - key: ui_list_refresh_button + value: UmVmcmVzaA== + - key: ui_notify_import_ok_button + value: T2s= + - key: ui_column_password_header + value: UGFzc3dvcmQ= + - key: ui_create_known_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGVzZSBhY2NvdW50cz8= + - key: ui_delete_notice_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGRlbGV0ZSB0aGlzIG5vdGljZT8= + - key: ui_deny_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGRlbmllZDo= + - key: ui_account_state_suspended_state_label + value: U3VzcGVuZGVk + - key: ui_field_date_dmy_error + value: SW52YWxpZCBkYXRlIGZvcm1hdCAoZGQvbW0veXl5eSku + - key: ui_delete_notice_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_email_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGVtYWlsIHRoaXMgYWNjb3VudD8= + - key: ui_one_click_login_instruction + value: UGxlYXNlIGVudGVyIHlvdXIgY3JlZGVudGlhbHMgdG8gYXBwcm92ZSBvciBkZW55IHRoZSBndWVzdCBhY2NvdW50Lg== + - key: ui_notify_email_address_label + value: U3BvbnNvcidzIEVtYWlsIGFkZHJlc3M= + - key: ui_email_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZW1haWxlZCBzdWNjZXNzZnVsbHku + - key: ui_notices_empty_error + value: Tm8gbm90aWNlcyBhdCB0aGlzIG1vbWVudC4= + - key: ui_create_random_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgcmFuZG9tIGFjY291bnRzIHN1Y2Nlc3NmdWxseSBjcmVhdGVkOg== + - key: ui_suspend_account_success_single_message + value: QWNjb3VudCBzdXNwZW5kZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_date_picker_short_day_thursday + value: VA== + - key: ui_login_optional_content_1 + value: "" + - key: ui_date_picker_title + value: U2V0IERhdGU= + - key: ui_suspend_account_total_failure_message + value: VW5hYmxlIHRvIHN1c3BlbmQgYWNjb3VudC4= + - key: ui_login_optional_content_2 + value: "" + - key: ui_reset_password_ok_button + value: T0s= + - key: ui_field_date_range_unlimited_error + value: VmFsaWQgZGF0ZXMgc3RhcnQgZnJvbSB7MH0= + - key: ui_one_click_guest_link_expired + value: TGluayBoYXMgZXhwaXJlZC4gUGxlYXNlIHNpZ24gb24gdG8gdGhlIHNwb25zb3IgcG9ydGFsIHRvIGFwcHJvdmUvZGVueSBndWVzdHMu + - key: ui_post_access_message + value: WW91IGNhbiBwcm92aWRlIG5ldHdvcmsgYWNjZXNzIHRvIG90aGVycy4gQmUgc3VyZSB0byBmb2xsb3cgeW91ciBjb21wYW55J3MgcG9saWNpZXMgZm9yIGRvaW5nIHNvLg== + - key: ui_extend_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGV4dGVuZGVkOg== + - key: ui_field_first_name_error + value: UGxlYXNlIGVudGVyIGEgdmFsaWQgZmlyc3QgbmFtZS4= + - key: ui_account_action_delete_button + value: RGVsZXRl + - key: ui_notify_import_send_summary_email_label + value: U2VuZCBtZSBhIHN1bW1hcnkgb2YgaW1wb3J0 + - key: ui_extend_account_ok_button + value: T2s= + - key: ui_login_password_label + value: UGFzc3dvcmQ6 + - key: ui_account_details_sponsor_label + value: U3BvbnNvcjo= + - key: ui_notify_random_done_button + value: RG9uZQ== + - key: ui_user_name_label + value: VXNlcm5hbWU6 + - key: ui_approve_account_ok_button + value: T0s= + - key: ui_create_import_select_file_label + value: U2VsZWN0IGZpbGU6 + - key: ui_reset_password_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2V0IHRoZSBwYXNzd29yZCBmb3IgdGhpcyBhY2NvdW50Pw== + - key: ui_account_action_edit_button + value: RWRpdA== + - key: ui_contact_ip_address_label + value: SVAgYWRkcmVzczo= + - key: ui_password_label + value: UGFzc3dvcmQ6 + - key: ui_extend_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZXh0ZW5kZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_create_known_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGNyZWF0ZWQ6 + - key: ui_reset_password_notify_guests_label + value: U2VuZCBndWVzdCBub3RpZmljYXRpb24gdXNpbmc6 + - key: ui_resend_account_success_single_message + value: QWNjb3VudCByZXNlbnQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_create_random_success_single_message + value: UmFuZG9tIGFjY291bnQgY3JlYXRlZCBzdWNjZXNzZnVsbHku + - key: ui_delete_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_approve_accounts_filter_label + value: UGVuZGluZyBhY2NvdW50cyBmb3VuZA== + - key: ui_delete_notice_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2Ygbm90aWNlcyBzdWNjZXNzZnVsbHkgZGVsZXRlZDo= + - key: ui_post_access_optional_content_1 + value: "" + - key: ui_post_access_optional_content_2 + value: "" + - key: ui_sms_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIG51bWJlciBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIHRleH\ + RlZCBpbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_create_known_success_multi_message + value: QWNjb3VudHMgY3JlYXRlZCBzdWNjZXNzZnVsbHku + - key: ui_date_picker_month_march + value: TWFyY2g= + - key: ui_create_import_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGltcG9ydGVkOg== + - key: ui_email_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIG51bWJlciBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3aWxsIGJlIGVtY\ + WlsZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_create_accounts_back_button + value: QmFjaw== + - key: ui_notify_import_cancel_button + value: Q2FuY2Vs + - key: ui_delete_notice_total_failure_message + value: VW5hYmxlIHRvIGRlbGV0ZSBub3RpY2VzLg== + - key: ui_delete_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgZGVsZXRlZCBzdWNjZXNzZnVsbHku + - key: ui_notify_print_label + value: UHJpbnQ= + - key: ui_account_action_suspend_button + value: U3VzcGVuZA== + - key: ui_reinstate_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_edit_accounts_cancel_button + value: Q2FuY2Vs + - key: ui_time_picker_title + value: Q2hvb3NlIFRpbWU= + - key: ui_notices_action_random_label + value: Q3JlYXRlIFJhbmRvbSBBY2NvdW50cw== + - key: ui_from_time_label + value: RnJvbSB0aW1lOg== + - key: ui_create_accounts_guest_type_access_limit_label + value: TWF4aW11bSBhY2Nlc3MgZHVyYXRpb246 + - key: ui_changepwd_confirmpwd_label + value: Q29uZmlybSBwYXNzd29yZDo= + - key: ui_field_min_error + value: RmllbGQgdmFsdWUgY2Fubm90IGJlIGxlc3MgdGhhbiB7MH0= + - key: ui_create_import_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGltcG9ydCB0aGlzIGFjY291bnQ/ + - key: ui_create_random_success_multi_message + value: UmFuZG9tIGFjY291bnRzIGNyZWF0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_unit_hours + value: aG91cnM= + - key: ui_print_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHByaW50IHRoZSBzZWxlY3RlZCBhY2NvdW50cz8= + - key: ui_footer_label + value: "" + - key: ui_login_instruction_message + value: + "VXNlIHRoZSBTcG9uc29yIHBvcnRhbCB0byBtYW5hZ2UgZ3Vlc3QgYWNjb3VudHMuIFNpZ24gb24gd2l0aCB5b3VyIHVzZXJuY\ + W1lIGFuZCBwYXNzd29yZCBhZnRlciB2ZXJpZnlpbmcgdGhhdCB5b3UgYWdyZWUgdG8gdGhlIHRlcm1zIGFuZCBjb25kaXRpb25zLCBpZiByZXF1aXJlZC4=" + - key: ui_one_click_login_to_other_portals + value: + "VHJ5IHJlLWVudGVyaW5nIHlvdXIgY3JlZGVudGlhbHMgb3IgbG9nZ2luZyBpbiB0byB0aGUgc3BvbnNvciBwb3J0YWwgeW91IHVzd\ + WFsbHkgdXNlIHRvIG1hbnVhbGx5IGFwcHJvdmUgb3IgZGVueSBhIGd1ZXN0IGFjY291bnQu" + - key: ui_sms_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHRleHQgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_post_access_page_title + value: UG9zdCBBY2Nlc3M= + - key: ui_contact_page_title + value: Q29udGFjdCBJbmZvcm1hdGlvbg== + - key: ui_notify_guests_delivery_label + value: RGVsaXZlciBub3RpZmljYXRpb24gdXNpbmc6 + - key: ui_suspend_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgc3VzcGVuZGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_guest_type_label + value: R3Vlc3QgdHlwZTo= + - key: ui_delete_notice_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGRlbGV0ZSB0aGUgc2VsZWN0ZWQgbm90aWNlcz8= + - key: ui_unit_friday + value: RnJpZGF5 + - key: ui_account_state_expired_state_label + value: RXhwaXJlZA== + - key: ui_login_aup_agreement_label + value: QWdyZWUgdG8= + - key: ui_create_accounts_next_button + value: TmV4dA== + - key: ui_reinstate_account_ok_button + value: T2s= + - key: ui_menu_home_button + value: SG9tZQ== + - key: ui_notices_column_accounts_num_header + value: TnVtYmVyIG9mIEFjY291bnRz + - key: ui_login_change_password_button + value: SSB3YW50IHRvIGNoYW5nZSBteSBwYXNzd29yZCBhZnRlciBsb2dpbg== + - key: ui_notices_column_start_time_header + value: U3RhcnQ= + - key: ui_extend_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGV4dGVuZCB0aGlzIGFjY291bnQ/ + - key: ui_login_content_label + value: U2lnbiBPbg== + - key: ui_email_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_aup_page_title + value: QWNjZXB0YWJsZSBVc2UgUG9saWN5 + - key: ui_column_ssid_header + value: U1NJRA== + - key: ui_changepwd_policy_help_label + value: UGFzc3dvcmRzIG11c3QgYmUgOCBjaGFyYWN0ZXJzIGFuZCBjb250YWluIGEgbGV0dGVyIGFuZCBudW1iZXIu + - key: ui_deny_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbnkgYWNjZXNzIGZvciB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_approve_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgYXBwcm92ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_print_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IHByaW50ZWQ6 + - key: ui_delete_account_success_single_message + value: QWNjb3VudCBkZWxldGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_list_sort_by_label + value: U29ydCBieTo= + - key: ui_sms_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHRleHQgdGhpcyBhY2NvdW50Pw== + - key: ui_aup_optional_content_2 + value: "" + - key: ui_column_person_visited_header + value: UGVyc29uIEJlaW5nIFZpc2l0ZWQ= + - key: ui_reinstate_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlaW5zdGF0ZSB0aGlzIGFjY291bnQ/ + - key: ui_contact_mac_address_label + value: TUFDIGFkZHJlc3M6 + - key: ui_aup_optional_content_1 + value: "" + - key: ui_error_instruction_message + value: "" + - key: ui_from_date_label + value: RnJvbSBkYXRlICh5eXl5LW1tLWRkKTo= + - key: ui_column_expiration_date_header + value: RXhwaXJhdGlvbiBEYXRl + - key: ui_date_picker_month_october + value: T2N0b2Jlcg== + - key: ui_contact_title_label + value: Q29udGFjdCBJbmZvcm1hdGlvbg== + - key: ui_column_group_tag_header + value: R3JvdXAgVGFn + - key: ui_resend_account_ok_button + value: T0s= + - key: ui_unit_days_symbol + value: RA== + - key: ui_print_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHByaW50IHRoaXMgYWNjb3VudD8= + - key: ui_column_account_state_header + value: U3RhdGU= + - key: ui_sms_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_changepwd_instruction_message + value: WW91IGFyZSByZXF1aXJlZCB0byBjaGFuZ2UgeW91ciBwYXNzd29yZCBub3cuIFBsZWFzZSBlbnRlciBhIG5ldyBwYXNzd29yZC4= + - key: ui_unit_hours_symbol + value: SA== + - key: ui_field_last_name_error + value: UGxlYXNlIGVudGVyIGEgdmFsaWQgbGFzdCBuYW1lLg== + - key: ui_create_accounts_aup_link + value: VGVybXMgYW5kIENvbmRpdGlvbnM= + - key: ui_account_details_suspension_reason_label + value: UmVhc29uIGZvciBzdXNwZW5zaW9uOg== + - key: ui_no_user_error + value: VXNlciBkb2Vzbid0IGV4aXN0Lg== + - key: ui_create_accounts_access_info_location_label + value: TG9jYXRpb246 + - key: ui_reinstate_account_total_failure_message + value: VW5hYmxlIHRvIHJlaW5zdGF0ZSBhY2NvdW50Lg== + - key: ui_reset_password_account_success_single_message + value: QWNjb3VudCBwYXNzd29yZCByZXNldCBzdWNjZXNzZnVsbHku + - key: ui_create_accounts_access_info_hours_label + value: SG91cnM= + - key: ui_notify_known_notify_button + value: Tm90aWZ5 + - key: ui_create_import_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGltcG9ydCB0aGVzZSBhY2NvdW50cz8= + - key: ui_home_page_title + value: U3BvbnNvciBIb21l + - key: ui_notify_known_auto_notify_text + value: R3Vlc3Qgbm90aWZpY2F0aW9ucyBhcmUgc2VudCBhdXRvbWF0aWNhbGx5 + - key: ui_unit_pm + value: UE0= + - key: ui_reason_visit_label + value: UmVhc29uIGZvciB2aXNpdDo= + - key: ui_approve_accounts_content_label + value: UGVuZGluZyBBY2NvdW50cw== + - key: ui_column_notification_language_header + value: TGFuZ3VhZ2U= + - key: ui_column_guest_type_header + value: R3Vlc3QgVHlwZQ== + - key: ui_aup_instruction_message + value: UGxlYXNlIHJlYWQgdGhlIEFjY2VwdGFibGUgVXNlIFBvbGljeS4= + - key: ui_reset_password_account_success_multi_message + value: U2VsZWN0ZWQgYWNjb3VudHMgcGFzc3dvcmQgcmVzZXQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_unit_am + value: QU0= + - key: ui_resend_account_total_failure_message + value: VW5hYmxlIHRvIHJlc2VuZCBpbmZvcm1hdGlvbi4= + - key: ui_unit_saturday + value: U2F0dXJkYXk= + - key: ui_portal_label + value: UG9ydGFsIE5hbWU= + - key: ui_notify_known_cancel_button + value: Q2FuY2Vs + - key: ui_print_account_success_single_message + value: QWNjb3VudCBwcmludGVkIHN1Y2Nlc3NmdWxseS4= + - key: ui_create_random_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGVzZSByYW5kb20gYWNjb3VudHM/ + - key: ui_account_action_print_button + value: UHJpbnQ= + - key: ui_edit_accounts_save_button + value: U2F2ZQ== + - key: ui_reset_password_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIHJlc2V0IHRoZSBwYXNzd29yZCBmb3IgdGhlIHNlbGVjdGVkIGFjY291bnRzPw== + - key: ui_home_instruction_message + value: Q3JlYXRlLCBtYW5hZ2UsIGFuZCBhcHByb3ZlIGd1ZXN0IGFjY291bnRzLg== + - key: ui_column_reason_visit_header + value: UmVhc29uIGZvciBWaXNpdA== + - key: ui_guest_duration_error + value: VGhlIHBlcmlvZCBiZXR3ZWVuIHN0YXJ0IGFuZCBlbmQgZGF0ZSBleGNlZWRzIG1heGltdW0gZHVyYXRpb24gY29uZmlndXJlZCBvbiBndWVzdCB0eXBlLg== + - key: ui_notices_action_sms_label + value: VGV4dCBHdWVzdHM= + - key: ui_create_accounts_guest_type_device_limit_label + value: TWF4aW11bSBkZXZpY2VzIHRoYXQgY2FuIGJlIGNvbm5lY3RlZDo= + - key: ui_create_accounts_access_info_to_time_label + value: VG8gVGltZQ== + - key: ui_time_left_label + value: VGltZSBsZWZ0Og== + - key: ui_user_last_login_pass_time_label + value: TGFzdCBMb2dpbjo= + - key: ui_email_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGVtYWlsIHRoZSBzZWxlY3RlZCBhY2NvdW50cz8= + - key: ui_create_random_prefix_label + value: VXNlcm5hbWUgcHJlZml4Og== + - key: ui_approve_account_total_failure_message + value: VW5hYmxlIHRvIGFwcHJvdmUgYWNjb3VudC4= + - key: ui_manage_accounts_content_label + value: TWFuYWdlIEFjY291bnRz + - key: ui_notify_content_label + value: QWNjb3VudCBJbmZvcm1hdGlvbg== + - key: ui_login_signon_button + value: U2lnbiBPbg== + - key: ui_delete_notice_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBub3RpY2VzIHdlcmUgc2VsZWN0ZWQuIE5vdGljZX\ + Mgd2lsbCBiZSBkZWxldGVkIGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_error_page_title + value: RXJyb3I= + - key: ui_create_import_total_failure_message_suffix + value: VGhlIGltcG9ydCBmaWxlIG1heSBjb250YWluIGFkZGl0aW9uYWwgZXJyb3JzLCBidXQgdGhlIGltcG9ydCBvcGVyYXRpb24gZGlkIG5vdCByZWFkIHBhc3QgdGhpcyBsaW5lLg== + - key: ui_approve_account_cancel_button + value: Q2FuY2Vs + - key: ui_contact_sessioninfo_text + value: VGhlIGZvbGxvd2luZyBpbmZvcm1hdGlvbiBtaWdodCBiZSB1c2VmdWwgdG8gdGhlIEhlbHAgRGVzayByZXByZXNlbnRhdGl2ZSB3aG8gYXNzaXN0cyB5b3Uu + - key: ui_column_creation_date_header + value: Q3JlYXRpb24gRGF0ZQ== + - key: ui_home_title_label + value: U3BvbnNvciBQb3J0YWw= + - key: ui_edit_accounts_content_label + value: RWRpdCBBY2NvdW50 + - key: ui_date_picker_month_april + value: QXByaWw= + - key: ui_email_account_total_failure_message + value: VW5hYmxlIHRvIHNlbmQgZW1haWwu + - key: ui_notices_action_print_label + value: Q3JlYXRlIFByaW50IEpvYg== + - key: ui_column_last_name_header + value: TGFzdCBOYW1l + - key: ui_create_import_success_single_message + value: QWNjb3VudCBpbXBvcnRlZCBzdWNjZXNzZnVsbHku + - key: ui_create_import_async_message + value: QWNjb3VudCBpbXBvcnRpbmcgd2lsbCBiZSBwcm9jZXNzZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4= + - key: ui_extend_account_success_single_message + value: QWNjb3VudCBleHRlbmRlZCBzdWNjZXNzZnVsbHku + - key: ui_unit_minutes_symbol + value: TQ== + - key: ui_notify_sms_label + value: U01T + - key: ui_extend_account_cancel_button + value: Q2FuY2Vs + - key: ui_unit_days + value: ZGF5cw== + - key: ui_create_import_tab_label + value: SW1wb3J0 + - key: ui_to_label + value: VG86 + - key: ui_changepwd_currentpwd_label + value: Q3VycmVudCBwYXNzd29yZDo= + - key: ui_column_time_left_header + value: VGltZSBMZWZ0 + - key: ui_account_action_approve_button + value: QXBwcm92ZQ== + - key: ui_create_known_instruction_message + value: "" + - key: ui_create_known_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGlzIGFjY291bnQ/ + - key: ui_reinstate_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50c\ + yB3aWxsIGJlIHJlaW5zdGF0ZWQgaW4gdGhlIGJhY2tncm91bmQuIENoZWNrIE5vdGljZXMgZm9yIHN0YXR1cy4=" + - key: ui_date_picker_month_december + value: RGVjZW1iZXI= + - key: ui_notify_import_accounts_showing_label + value: U2hvd2luZzog + - key: ui_one_click_guest_link_invalid + value: TGluayBpcyBpbnZhbGlkLiBQbGVhc2Ugc2lnbiBvbiB0byB0aGUgc3BvbnNvciBwb3J0YWwgdG8gYXBwcm92ZS9kZW55IGd1ZXN0cy4= + - key: ui_date_picker_calendar_header_format + value: JUIgJVk= + - key: ui_resend_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3a\ + WxsIGJlIHJlc2VudCBpbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_field_email_error + value: RW50ZXIgYSB2YWxpZCBlbWFpbCBhZGRyZXNzLg== + - key: ui_suspend_account_reason_label + value: UmVhc29uIGZvciBzdXNwZW5zaW9uOg== + - key: ui_creation_date_label + value: Q3JlYXRpb24gZGF0ZTo= + - key: ui_field_date_range_limited_error + value: VmFsaWQgZGF0ZXMgYXJlIHswfSB0byB7MX0= + - key: ui_date_picker_short_day_tuesday + value: VA== + - key: ui_menu_switch_mobile_button + value: U3dpdGNoIHRvIG1vYmlsZSBtb2Rl + - key: ui_suspend_account_partial_failure_message + value: TnVtYmVyIG9mIGVycm9yczo= + - key: ui_deny_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50\ + cyB3aWxsIGJlIGRlbmllZCBpbiB0aGUgYmFja2dyb3VuZC4gQ2hlY2sgTm90aWNlcyBmb3Igc3RhdHVzLg==" + - key: ui_person_visited_label + value: UGVyc29uIGJlaW5nIHZpc2l0ZWQgKGVtYWlsKTo= + - key: ui_create_import_success_multi_message + value: QWNjb3VudHMgaW1wb3J0ZWQgc3VjY2Vzc2Z1bGx5Lg== + - key: ui_changepwd_newpwd_label + value: TmV3IHBhc3N3b3JkOg== + - key: ui_column_guest_location_header + value: TG9jYXRpb24= + - key: ui_field_digit_error + value: RW50ZXIgYSB2YWxpZCBudW1iZXIu + - key: ui_date_picker_short_day_sunday + value: Uw== + - key: ui_create_accounts_guest_info_content_label + value: R3Vlc3QgSW5mb3JtYXRpb24= + - key: ui_unit_minutes + value: bWludXRlcw== + - key: ui_account_action_extend_button + value: RXh0ZW5k + - key: ui_account_details_account_state_label + value: U3RhdGU6 + - key: ui_from_label + value: RnJvbQ== + - key: ui_extend_account_instruction_message + value: "" + - key: ui_account_details_done_button + value: RG9uZQ== + - key: ui_unit_tuesday + value: VHVlc2RheQ== + - key: ui_notify_import_auto_notify_text + value: R3Vlc3Qgbm90aWZpY2F0aW9ucyBhcmUgc2VudCBhdXRvbWF0aWNhbGx5 + - key: ui_company_label + value: Q29tcGFueTo= + - key: ui_date_picker_month_january + value: SmFudWFyeQ== + - key: ui_sms_account_total_failure_message + value: VW5hYmxlIHRvIHNlbmQgdGV4dC4= + - key: ui_delete_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGRlbGV0ZWQ6 + - key: ui_delete_account_ok_button + value: T0s= + - key: ui_notify_random_accounts_created_label + value: QWNjb3VudHMgY3JlYXRlZDog + - key: ui_notices_delete_button + value: RGVsZXRlIE5vdGljZQ== + - key: ui_create_known_tab_label + value: S25vd24= + - key: ui_extend_account_confirm_multi_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGV4dGVuZCB0aGUgc2VsZWN0ZWQgYWNjb3VudHM/ + - key: ui_create_accounts_access_info_to_date_label + value: VG8gRGF0ZSAoeXl5eS1tbS1kZCk= + - key: ui_time_picker_button + value: U2V0IFRpbWU= + - key: ui_post_access_continue_button + value: Q29udGludWU= + - key: ui_javascript_disabled_message + value: WW91IG11c3QgdHVybiBvbiBKYXZhU2NyaXB0IHRvIHVzZSB0aGlzIHdlYiBzaXRlLg== + - key: ui_field_date_ymd_error + value: SW52YWxpZCBkYXRlIGZvcm1hdCAoeXl5eS1tbS1kZCku + - key: ui_create_import_download_template_link + value: RG93bmxvYWQgVGVtcGxhdGU= + - key: ui_contact_policy_server_label + value: UG9saWN5IHNlcnZlcjo= + - key: ui_prefix_mismatch_policy_error + value: UHJlZml4IGRpZCBub3QgbWF0Y2ggVXNlcm5hbWUgUG9saWN5 + - key: ui_column_company_header + value: Q29tcGFueQ== + - key: ui_notify_import_accounts_created_label + value: QWNjb3VudHMgY3JlYXRlZDog + - key: ui_date_picker_month_september + value: U2VwdGVtYmVy + - key: ui_reset_password_account_async_message + value: + "QmVjYXVzZSBhIGxhcmdlIGFtb3VudCBvZiBhY2NvdW50cyB3ZXJlIHNlbGVjdGVkLCBhY2NvdW50cyB3\ + aWxsIGJlIHBhc3N3b3JkIHJlc2V0IGluIHRoZSBiYWNrZ3JvdW5kLiBDaGVjayBOb3RpY2VzIGZvciBzdGF0dXMu" + - key: ui_delete_account_total_failure_message + value: VW5hYmxlIHRvIGRlbGV0ZSBhY2NvdW50Lg== + - key: ui_create_accounts_create_button + value: Q3JlYXRl + - key: ui_contact_helpdesk_title + value: SGVscCBEZXNrIEluZm9ybWF0aW9u + - key: ui_notify_known_done_button + value: RG9uZQ== + - key: ui_notices_done_button + value: RG9uZQ== + - key: ui_phone_number_label + value: TW9iaWxlIG51bWJlcjo= + - key: ui_column_email_address_header + value: RW1haWwgQWRkcmVzcw== + - key: ui_deny_account_total_failure_message + value: VW5hYmxlIHRvIGRlbnkgYWNjb3VudC4= + - key: ui_email_mismatch_policy_error + value: RW1haWwgZGlkIG5vdCBtYXRjaCBVc2VybmFtZSBQb2xpY3k= + - key: ui_aup_decline_button + value: RGVjbGluZQ== + - key: ui_changepwd_username_label + value: VXNlcm5hbWU6 + - key: ui_notify_random_accounts_showing_label + value: U2hvd2luZzog + - key: ui_notices_content_label + value: Tm90aWNlcw== + - key: ui_account_action_deny_button + value: RGVueQ== + - key: ui_delete_account_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGRlbGV0ZSB0aGlzIGFjY291bnQ/ + - key: ui_field_max_error + value: RmllbGQgdmFsdWUgY2Fubm90IGJlIGdyZWF0ZXIgdGhhbiB7MH0= + - key: ui_contact_message + value: Q29udGFjdCBJbmZvcm1hdGlvbg== + - key: ui_approve_account_partial_success_message + value: U29tZSBlcnJvcnMgb2NjdXJyZWQuIFRoZSBudW1iZXIgb2YgYWNjb3VudHMgc3VjY2Vzc2Z1bGx5IGFwcHJvdmVkOg== + - key: ui_create_accounts_guest_type_content_label + value: R3Vlc3QgdHlwZTo= + - key: ui_unit_monday + value: TW9uZGF5 + - key: ui_create_accounts_access_info_ssid_label + value: U1NJRDo= + - key: ui_invalid_input_error + value: SW52YWxpZCBpbnB1dC4= + - key: ui_banner_label + value: U3BvbnNvciBQb3J0YWw= + - key: ui_date_label + value: RGF0ZTo= + - key: ui_create_import_instruction_message + value: Q2xpY2sgdG8gZG93bmxvYWQgdGhlIGltcG9ydCB0ZW1wbGF0ZSBmaWxlLg== + - key: ui_create_random_confirm_single_message + value: QXJlIHlvdSBzdXJlIHlvdSB3YW50IGNyZWF0ZSB0aGlzIHJhbmRvbSBhY2NvdW50Pw== + - key: ui_firstname_mismatch_policy_error + value: Rmlyc3ROYW1lIGRpZCBub3QgbWF0Y2ggVXNlcm5hbWUgUG9saWN5 + - key: ui_date_picker_short_day_saturday + value: Uw== + register: result + + - name: Print result + ansible.builtin.debug: + var: result diff --git a/ansible_collections/cisco/ise/playbooks/support_bundle.yml b/ansible_collections/cisco/ise/playbooks/support_bundle.yml new file mode 100644 index 000000000..9568bfd0e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/support_bundle.yml @@ -0,0 +1,57 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Create or update an support_bundle + # cisco.ise.support_bundle: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # name: supportBundle + # description: Support Bundle Generation + # hostName: ise + # supportBundleIncludeOptions: + # includeConfigDB: true + # includeDebugLogs: true + # includeLocalLogs: true + # includeCoreFiles: true + # mntLogs: true + # includeSystemLogs: true + # policyXml: true + # fromDate: 07/19/2021 + # toDate: 07/20/2021 + # register: result + + - name: Support bundle status + cisco.ise.support_bundle_status_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + id: ise + register: support_bundle_status_result + + - name: Print result + ansible.builtin.debug: + var: support_bundle_status_result + + - name: Support bundle download + cisco.ise.support_bundle_download: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + dirPath: /Users/wilhelm32/Downloads/result/ + fileName: "{{ support_bundle_status_result['ise_response']['fileName']}}" + saveFile: true + when: + - support_bundle_status_result['ise_response'] is defined + - support_bundle_status_result['ise_response']['status'] == "complete" + - support_bundle_status_result['ise_response']['fileName'] + register: support_bundle_download_result + + - name: Print support_bundle_download_result + ansible.builtin.debug: + var: support_bundle_status_result + when: support_bundle_download_result diff --git a/ansible_collections/cisco/ise/playbooks/system_certificate.yml b/ansible_collections/cisco/ise/playbooks/system_certificate.yml new file mode 100644 index 000000000..9986d0ecf --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/system_certificate.yml @@ -0,0 +1,67 @@ +--- +- hosts: ise_servers + gather_facts: false + tasks: + # - name: Get all + # cisco.ise.system_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # register: result + + # - name: Print all + # ansible.builtin.debug: + # var: result + + # - name: Get by id + # cisco.ise.system_certificate_info: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # id: d704e911-a916-11eb-8830-2ec507028ea8 + # register: result + + - name: Get System Certificate by name + cisco.ise.system_certificate_info: + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + hostName: ise + register: result + + - name: Print result + ansible.builtin.debug: + var: result + + # - name: Update a system_certificate + # cisco.ise.system_certificate: + # ise_hostname: "{{ ise_hostname }}" + # ise_username: "{{ ise_username }}" + # ise_password: "{{ ise_password }}" + # ise_verify: "{{ ise_verify }}" + # state: present + # admin: false + # allowReplacementOfPortalGroupTag: false + # description: ISE + # eap: false + # expirationTTLPeriod: 5 + # expirationTTLUnits: years + # hostName: ise + # ims: false + # name: OU=Certificate Services System Certificate,CN=ise.securitydemo.net#Certificate + # Services Endpoint Sub CA - ise#00002 + # portal: false + # portalGroupTag: Default Portal Certificate Group + # pxgrid: false + # radius: false + # renewSelfSignedCertificate: false + # saml: false + # register: result + + # - name: Print result + # ansible.builtin.debug: + # var: result diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml b/ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml new file mode 100644 index 000000000..98937292c --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_nbarapp.yml @@ -0,0 +1,106 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + # - name: '[Get Nbar Apps]' + # cisco.ise.trustsec_nbar_app_info: + # <<: *ise_login + # page: 1 + # size: 100 + # register: nbar_app_all + + # - name: '[Print Nbar Apps]' + # ansible.builtin.debug: + # var: nbar_app_all + + - name: Get Nbar App filtered by name + cisco.ise.trustsec_nbar_app_info: + <<: *ise_login + filter: name.EQ.hyperwave-isp + register: nbar_app_filtered + + - name: Get Nbar App by id + cisco.ise.trustsec_nbar_app_info: + <<: *ise_login + id: "{{ nbar_app_filtered.ise_responses[0].id }}" + when: + - nbar_app_filtered is defined + - nbar_app_filtered.ise_responses is defined + - nbar_app_filtered.ise_responses | length > 0 + register: nbar_app_by_id + + - name: Print Nbar App by id + ansible.builtin.debug: + var: nbar_app_by_id + + - name: Create Nbar App duplicate + cisco.ise.trustsec_nbar_app: + <<: *ise_login + state: present + name: "{{ nbar_app_by_id.ise_response[0].name}}-2" + description: "{{ nbar_app_by_id.ise_response[0].description|int + 1 }}" + networkIdentities: + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].protocol }}" + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].protocol }}" + when: + - nbar_app_by_id is defined + - nbar_app_by_id.ise_response is defined + - nbar_app_by_id.ise_response | length == 1 + register: nbar_app_manage + + - name: Print Create Nbar + ansible.builtin.debug: + var: nbar_app_manage + + - name: Update Nbar App duplicate + cisco.ise.trustsec_nbar_app: + <<: *ise_login + state: present + name: "{{ nbar_app_by_id.ise_response[0].name}}-2" + description: "{{ nbar_app_by_id.ise_response[0].description|int + 1 }}" + networkIdentities: + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].ports|int +2 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].protocol }}" + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].ports|int +2 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].protocol }}" + when: + - nbar_app_by_id is defined + - nbar_app_by_id.ise_response is defined + - nbar_app_by_id.ise_response | length == 1 + register: nbar_app_manage + + - name: Print Update Nbar + ansible.builtin.debug: + var: nbar_app_manage + + - name: Delete Nbar App duplicate + cisco.ise.trustsec_nbar_app: + <<: *ise_login + state: absent + name: "{{ nbar_app_by_id.ise_response[0].name}}-2" + description: "{{ nbar_app_by_id.ise_response[0].description|int + 1 }}" + networkIdentities: + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[0].protocol }}" + - ports: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].ports|int +1 }}" + protocol: "{{ nbar_app_by_id.ise_response[0].networkIdentities[1].protocol }}" + when: + - nbar_app_by_id is defined + - nbar_app_by_id.ise_response is defined + - nbar_app_by_id.ise_response | length == 1 + register: nbar_app_manage + + - name: "Print Delete Nbar" + ansible.builtin.debug: + var: nbar_app_manage diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml b/ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml new file mode 100644 index 000000000..8dba781d8 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_sg_vn_mapping.yml @@ -0,0 +1,81 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + - name: "Create VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + - name: "Create VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Create SG_VN_Mapping" + cisco.ise.trustsec_sg_vn_mapping: + <<: *ise_login + state: present + sgName: BYOD + vnName: vn1 + register: sg_vn_mapping_manage + + - name: "Print Create sg_vn_mapping_manage" + ansible.builtin.debug: + var: sg_vn_mapping_manage + + - name: "Get SG_VN_Mapping filtered" + cisco.ise.trustsec_sg_vn_mapping_info: + <<: *ise_login + filter: vnName.EQ.vn1,sgName.EQ.BYOD + register: sg_vn_mapping_filtered + + - name: "Print Get SG_VN_Mapping filtered" + ansible.builtin.debug: + var: sg_vn_mapping_filtered + + - name: "Delete SG_VN_Mapping" + cisco.ise.trustsec_sg_vn_mapping: + <<: *ise_login + state: absent + sgName: BYOD + vnName: vn1 + # id: "{{ sg_vn_mapping_filtered.ise_response[0].id }}" + when: + - sg_vn_mapping_filtered is defined + - sg_vn_mapping_filtered.ise_response is defined + - sg_vn_mapping_filtered.ise_response | length > 0 + register: sg_vn_mapping_manage + - name: "Print Delete sg_vn_mapping_manage" + ansible.builtin.debug: + var: sg_vn_mapping_manage + + - name: "Delete VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Delete VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_vn.yml b/ansible_collections/cisco/ise/playbooks/trustsec_vn.yml new file mode 100644 index 000000000..18197a71e --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_vn.yml @@ -0,0 +1,90 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + # - name: '[Get Virtual Network]' + # cisco.ise.trustsec_vn_info: + # <<: *ise_login + # page: 1 + # size: 100 + # register: vn_all + + # - name: '[Print Virtual Network all]' + # ansible.builtin.debug: + # var: vn_all + + - name: "Get VN filtered by name" + cisco.ise.trustsec_vn_info: + <<: *ise_login + filter: name.EQ.vn1 + register: vn_filtered + + - name: "Create VN" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + when: + - vn_filtered is defined + - vn_filtered.ise_response is defined + - vn_filtered.ise_response | length == 0 + register: vn_manage + + - name: "Print Create Vn" + ansible.builtin.debug: + var: vn_manage + + - name: "Update Vn" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914", "Update": "1616962914"}' + when: + - vn_filtered is defined + - vn_filtered.ise_response is defined + - vn_filtered.ise_response | length > 0 + register: vn_manage + + - name: "Print Update VN" + ansible.builtin.debug: + var: vn_manage + + - name: "Get VN by id" + cisco.ise.trustsec_vn_info: + <<: *ise_login + id: "{{ vn_manage.ise_response.id }}" + when: + - vn_manage is defined + - vn_manage.ise_response is defined + register: vn_by_id + + - name: "Print VN by id" + ansible.builtin.debug: + var: vn_by_id + + - name: "Delete Vn" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn1 + additionalAttributes: '{"Created": "1616961914", "Update": "1616962914"}' + when: + - vn_filtered is defined + - vn_filtered.ise_response is defined + - vn_filtered.ise_response | length > 0 + register: vn_manage + + - name: "Print Delete VN" + ansible.builtin.debug: + var: vn_manage diff --git a/ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml b/ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml new file mode 100644 index 000000000..583cd2b05 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/trustsec_vn_vlan_mapping.yml @@ -0,0 +1,86 @@ +--- +- hosts: ise_servers + gather_facts: false + + vars: + ise_login: &ise_login + ise_hostname: "{{ ise_hostname }}" + ise_username: "{{ ise_username }}" + ise_password: "{{ ise_password }}" + ise_verify: "{{ ise_verify }}" + ise_debug: "{{ ise_debug }}" + + tasks: + - name: "Create VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + - name: "Create VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: present + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Create VN_VLAN_Mapping" + cisco.ise.trustsec_vn_vlan_mapping: + <<: *ise_login + state: present + isData: true + isDefaultVlan: true + maxValue: 12 + name: vlan1 + vnName: vn1 + register: vn_vlan_mapping_manage + + - name: "Print Create vn_vlan_mapping_manage" + ansible.builtin.debug: + var: vn_vlan_mapping_manage + + - name: "Update VN_VLAN_Mapping" + cisco.ise.trustsec_vn_vlan_mapping: + <<: *ise_login + state: present + isData: true + isDefaultVlan: true + maxValue: 10 + name: vlan1 + vnName: vn1 + register: vn_vlan_mapping_manage + - name: "Print Update vn_vlan_mapping_manage" + ansible.builtin.debug: + var: vn_vlan_mapping_manage + + - name: "Delete VN_VLAN_Mapping" + cisco.ise.trustsec_vn_vlan_mapping: + <<: *ise_login + state: absent + isData: true + isDefaultVlan: true + maxValue: 10 + name: vlan1 + vnName: vn1 + register: vn_vlan_mapping_manage + - name: "Print Delete vn_vlan_mapping_manage" + ansible.builtin.debug: + var: vn_vlan_mapping_manage + + - name: "Delete VN 1" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn1 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage + + - name: "Delete VN 2" + cisco.ise.trustsec_vn: + <<: *ise_login + state: absent + name: vn2 + additionalAttributes: '{"Created": "1616961914"}' + register: vn_manage diff --git a/ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml b/ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml new file mode 100644 index 000000000..b531eeb29 --- /dev/null +++ b/ansible_collections/cisco/ise/playbooks/vars/device_administration_time_date_conditions.yml @@ -0,0 +1,16 @@ +--- +condition_type: TimeAndDateCondition +name: Test2 +hours_range_start_time: "22:02" +hours_range_end_time: "13:02" +hours_range_exception_start_time: "23:02" +hours_range_exception_end_time: "23:50" +dates_range_start_date: "2021-06-30" +dates_range_end_date: "2021-07-03" +dates_range_exception_start_date: "2021-06-30" +dates_range_exception_end_date: "2021-06-30" +week_days: + - Saturday + - Sunday +week_days_exception: + - Sunday |