File: Mod_SSO_Settings.sh

package info (click to toggle)
ilorest 5.2.0.0-7
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 12,668 kB
  • sloc: python: 45,028; javascript: 10,504; sh: 3,041; makefile: 301; ruby: 204
file content (119 lines) | stat: -rw-r--r-- 5,353 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
 
#!/bin/bash

#    RESTful Interface Tool Sample Script for HPE iLO Products    #
#  Copyright 2014, 2020 Hewlett Packard Enterprise Development LP #

# Description: This a sample bash script to configure HPE SIM     #
#              Single Sign-ON (SSO) settings on Integrated        #
#              Lights-Out(iLO).                                   #

# NOTE:  You will need to replace the USER_LOGIN and PASSWORD     #
#        and other values inside the quotation marks with values  #
#        that are appropriate for your environment.               #

#        HPE SIM Single Sign-On requires iLO Advanced or iLO      #
#        Select license.                                          #

#        Modification of SSO settings requires Configure iLO      #
#        privilege.                                               #

#        Firmware support information for this script:            #
#            iLO 5 - All versions                                 #
#            iLO 4 - All Versions                                 #
runLocal(){
  ilorest select SSO. -u USER_LOGIN -p PASSWORD
  # Specify the desired trust mode value                          #
  #  Options: TrustNone    (default)                              #
  #           Trustbycert (recommended)                           #
  #           TrustbyName                                         #
  #           TrustAll                                            #
  ilorest set SSOsettings/SSOTrustMode=Trustbycert

  # Specify the privileges assigned to the user role              #
  ilorest set SSOsettings/UserPrivilege/LoginPriv=True
  ilorest set SSOsettings/UserPrivilege/RemoteConsolePriv=False
  ilorest set SSOsettings/UserPrivilege/VirtualPowerAndResetPriv=False
  ilorest set SSOsettings/UserPrivilege/VirtualMediaPriv=False
  ilorest set SSOsettings/UserPrivilege/iLOConfigPriv=Fls

  # Specify the privileges assigned to the operator role          #
  ilorest set SSOsettings/OperatorPrivilege/LoginPriv=True
  ilorest set SSOsettings/OperatorPrivilege/RemoteConsolePriv=True
  ilorest set SSOsettings/OperatorPrivilege/VirtualPowerAndResetPriv=True
  ilorest set SSOsettings/OperatorPrivilege/VirtualMediaPriv=True
  ilorest set SSOsettings/OperatorPrivilege/iLOConfigPriv=False

  # Specify the privileges assigned to the administrator role.    #
  ilorest set SSOsettings/AdminPrivilege/LoginPriv=True
  ilorest set SSOsettings/AdminPrivilege/RemoteConsolePriv=True
  ilorest set SSOsettings/AdminPrivilege/VirtualPowerAndResetPriv=True
  ilorest set SSOsettings/AdminPrivilege/VirutalMediaPriv=True
  ilorest set SSOsettings/AdminPrivilege/iLOConfigPriv=True

  # Add an SSO server record using indirect iLO import from       #
  # the network name.                                             #
  #ilorest singlesignon importdns hpesim01.hpe.net

  # Add an SSO server certificate record using direct iLO         #
  # import of valid data.                                         #
  #ilorest singlesignon importcert cert.txt
  ilorest commit
  ilorest logout
}

runRemote(){
  ilorest select SSO. --url=$1 --user $2 --password $3
  # Specify the desired trust mode value                          #
  #  Options: TrustNone    (default)                              #
  #           Trustbycert (recommended)                           #
  #           TrustbyName                                         #
  #           TrustAll                                            #
  ilorest set SSOsettings/SSOTrustMode=Trustbycert

  # Specify the privileges assigned to the user role              #
  ilorest set SSOsettings/UserPrivilege/LoginPriv=True
  ilorest set SSOsettings/UserPrivilege/RemoteConsolePriv=False
  ilorest set SSOsettings/UserPrivilege/VirtualPowerAndResetPriv=False
  ilorest set SSOsettings/UserPrivilege/VirtualMediaPriv=False
  ilorest set SSOsettings/UserPrivilege/iLOConfigPriv=Fls

  # Specify the privileges assigned to the operator role          #
  ilorest set SSOsettings/OperatorPrivilege/LoginPriv=True
  ilorest set SSOsettings/OperatorPrivilege/RemoteConsolePriv=True
  ilorest set SSOsettings/OperatorPrivilege/VirtualPowerAndResetPriv=True
  ilorest set SSOsettings/OperatorPrivilege/VirtualMediaPriv=True
  ilorest set SSOsettings/OperatorPrivilege/iLOConfigPriv=False

  # Specify the privileges assigned to the administrator role.    #
  ilorest set SSOsettings/AdminPrivilege/LoginPriv=True
  ilorest set SSOsettings/AdminPrivilege/RemoteConsolePriv=True
  ilorest set SSOsettings/AdminPrivilege/VirtualPowerAndResetPriv=True
  ilorest set SSOsettings/AdminPrivilege/VirutalMediaPriv=True
  ilorest set SSOsettings/AdminPrivilege/iLOConfigPriv=True

  # Add an SSO server record using indirect iLO import from       #
  # the network name.                                             #
  #ilorest singlesignon importdns hpesim01.hpe.net

  # Add an SSO server certificate record using direct iLO         #
  # import of valid data.                                         #
  #ilorest singlesignon importcert cert.txt
  ilorest commit
  ilorest logout
}

error(){
  echo "Usage:"
  echo        "remote: Mod_SSO_Settings.sh ^<iLO url^> ^<iLO username^>  ^<iLO password^>"
  echo        "local:  Mod_SSO_Settings.sh"
}

if [ "$#" -eq "3" ]
then 
  runRemote "$1" "$2" "$3"
elif [ "$#" -eq "0" ]
then
  runLocal
else
  error
fi