Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 1728 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Python Code to Get User Details and to delete or disable sophos UTM 9 user

farha shaik

I was trying with the below code to get groups and users in that group..   but i am getting null output with success code!  Is that right way to follow the url pattern to get users? 

import requests
import base64
import json
import time
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

NETWORK_GROUP ='READONLY'
NETWORK_GROUP_MEMBERS = 'username'

def main():
    try:
       url = ("https:XXXXXX:1234/api/objects/network/group/")
       #headers = {"Authorization": "Basic %s" % SOPHOS_TOKEN , 'Content-Type': 'application/json'}
       headers={
         'content_type': 'application/json'
       }
       obj = {"name": NETWORK_GROUP, "members":NETWORK_GROUP_MEMBERS}
       response = requests.get(url, verify=False, headers = headers, json=obj, auth=('username', 'pswrd'))
       time.sleep(5)
       print(response)         # getting 200 success code
       print(response.json())  # printing [] null output
    except Exception as e:
        print(e)
if __name__ == '__main__':
    main()



This thread was automatically locked due to age.
  • 0

    Hi .

    The code looks like it should work if you changed your webadmin port to 1234. I tried it with my UTM and small modifications and it worked, but you will get a list of all group objects.

    This list would contain mainly all the groups you may see within the WebAdmin -> Network Definitions -> Filter: Groups

    If you want to filter this result, you can't profide parameters in the GET request here. But you want to get user and group details anyway. So you should look for the endpoints /objects/aaa/group and /objects/aaa/user/

    Sophos Gold Partner
    4TISO GmbH, Germany
    If a post solves your question click the 'Verify Answer' link.
  • 0 in reply to ThomW

    Hi Thom thanks for responding... 1234 port i just written for sample and that too i am taking the endpoint as XXXXXXX:1234/.../ then getting the output as below and this is Allowed networks information of my webadmin. 

    [{u'comment': u'', u'_type': u'network/group', u'name': u' Primary Addresses', u'_locked': u'user', u'members': [], u'_ref': u'REF_Addresses', u'types': [u'interface_address']}, {u'comment': u'', u'_type': u'network/group', u'name': u'ips', u'_locked': u'', u'members': [u'REF_NetHosin', u'REF_NetNetin2', u'REF_NetHosus', u'REF_NetHosin2'], u'_ref': u'REF_NetGroips', u'types': [u'network', u'host']}, {u'comment': u' World Server Pool', u'_type': u'network/group', u'name': u' World Server Pool', u'_locked': u'', u'members': [u'REF_NetDnsPool', u'REF_NetDnsPool', u'REF_NetDnsPool', u'REF_NetDnsPool', u'REF_NetDnsPool'], u'_ref': u'REF_NetGroPool', u'types': [u'dns_group']}]


    My request is to get the Group name such as we have 'READONLY' group and users of that group so that i need to place /objects/aaa/group endpoint right! i need to know what can be replaced instead of "aaa" in the endpoint.

    Thanks in Advance!!!

  • +1 in reply to farha shaik

    Hi.

    You can't replace aaa. You have to get all groups calling /objects/aaa/group  . Then you filter the result with all groups to get the group "READONLY" by name. Then you get the members array from the group object.

    def main():
    try:
       url = (API_ENDPOINT + "/objects/aaa/group/")
       headers={
         'content_type': 'application/json'
       }
       response = requests.get(url, verify=False, headers = headers, json=obj, auth=(API_USER, API_TOKEN))
       print(response)         # getting 200 success code

       # transform into python dict
       groups = json.loads(response.text)

       # show all groups
       print(groups)

       # get group with name readonly
       group_readonly = [x for x in groups if x['name'] == 'READONLY']

       # print readonly group
       print(group_readonly)

       # print refs of members in group (no check if group exists!!!)
       group_members = group_readonly[0]['members']
       print(group_members)

       # now iterate over refs to get user 
       # details call /object/aaa/user/{ref}
    except Exception as e:
        print(e)
if __name__ == '__main__':
    main()

    The code above is just an example. But be aware. I'm not a python developer.

    Sophos Gold Partner
    4TISO GmbH, Germany
    If a post solves your question click the 'Verify Answer' link.
  • 0 in reply to ThomW

    ThankYou Thom!! I got corresponding output which required.

Unfiltered HTML