'search-users.sh' Script Source Code

#!/bin/bash
###########################################################################
# search-users.sh                                                         #
# This script demonstrates how to use the ISE ERS GET Internal Users API  #
# with filters by executing a curl Linux command.                         #  
#                                                                         #
# USAGE:                                                                  #
# 'search-users.sh <username> <password> <ise-ip-address> <filter>'       #
#                                                                         #
# SECURITY WARNING - DO NOT USE THIS SCRIPT IN PRODUCTION!                #
# The curl -k switch allows connections to SSL sites without trusting     #
# the server certificates.                                                #
# For production, it is required to add certificate check.                #                                         
###########################################################################

if [ $# -ne 4 ]
  then
    echo "Missing Arguments, Expected: search-users.sh <username> <password> \
<ise-ip-address> <filter e.g. name.STARTSW.user>"
    exit	
fi


echo "searching internalusers on server: "$3" username: " $1", filter set: "$4


curl -v -k  -X GET -H 'ACCEPT: application/vnd.com.cisco.ise.identity.internaluser.1.2+xml' \
   'https://'$1':'$2'@'$3':9060/ers/config/internaluser?page=0&size=10&sortdsc=name&filter='$4

Script Execution

>search-users.sh ers password 10.56.52.187 identityGroup.EQ.Guest
searching internalusers on server: 10.56.52.187 username:  ers, filter set: identityGroup.EQ.Guest
* About to connect() to 10.56.52.187 port 9060
*   Trying 10.56.52.187... connected
* Connected to 10.56.52.187 (10.56.52.187) port 9060
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSLv2, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS handshake, Server key exchange (12):
SSLv3, TLS handshake, Request CERT (13):
SSLv3, TLS handshake, Server finished (14):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS handshake, Client key exchange (16):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
*        subject: /CN=pmbu-dev-vm47.cisco.com
*        start date: 2013-06-02 10:19:58 GMT
*        expire date: 2014-06-02 10:19:58 GMT
*        common name: pmbu-dev-vm47.cisco.com (does not match '10.56.52.187')
*        issuer: /CN=pmbu-dev-vm47.cisco.com
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'ers'
> GET /ers/config/internaluser?page=0&size=10&sortdsc=name&filter=identityGroup.EQ.Guest HTTP/1.1
> Authorization: Basic ZXJzOmRlZmF1bHQxQQ==
> User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
> Host: 10.56.52.187:9060
> ACCEPT: application/vnd.com.cisco.ise.identity.internaluser.1.2+xml
>
< HTTP/1.1 200 OK
< Pragma: No-cache
< Cache-Control: no-cache
< Expires: Thu, 01 Jan 1970 00:00:00 UTC
< Set-Cookie: JSESSIONIDSSO=22C5876F8FCC2555DD4C31D4C17C46D2; Path=/; Secure
< Set-Cookie: JSESSIONID=656E3D6F97E05DA14736D26424F81C23; Path=/ers; Secure
< Date: Tue, 11 Jun 2013 19:29:02 GMT
< Content-Type: application/vnd.com.cisco.ise.ers.searchresult.1.0+xml
< Content-Length: 384
< Server:
Connection #0 to host 10.56.52.187 left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:searchResult xmlns:ns2 = "ers.ise.cisco.com" total = "1">
       <resources>
              <resource
                     name = "userB"
                     id = "aac4ebc0-d1c9-11e2-a70b-005056a43a36"
                     description = "BBB">
                     <link
                            type = "application/xml"
                            href = "https://10.56.52.187:9060/ers/config/internaluser/aac4ebc0-d1c9-11e2-a70b-005056a43a36"
                            rel = "self"/>
              </resource>
       </resources>
</ns2:searchResult>