How to set partion after creating a user thru iControl API

Hi, i had the same problem at first. If you look at the SDK, under the Management namespace, you will see a Partition section. There is a function defined:

void set_active_partition(
    in String active_partition
);

the wsdl file is:

bigip/iControl/sdk/wsdl/Management.Partition.wsdl

The set_active_partition, will set the context of the current iControl client as to what partition they are accessing. I believe the question was how to assign a partition to a specific users authorization settings.

If you look into the Management::UserManagement interface you will see the following method:

struct UserPermission {
    UserRole role;
    String partition;
};
Management.UserManagement.set_user_permission(
    in String [] user_names,
    in Management__UserManagement__UserPermission [] [] permissions
);

You use this method to specify what role the user is (admin, manager, operator, etc) as well as the partition that he is authorized to access.

Then, in your iControl application, you will have to make a call to Management.UserManagement.get_my_permission() to retrieve which partition the calling user is authorized to access and then call Management.Partition.set_active_partition() to set the context of the current caller's partition.

Hopefully this clears things up...

-Joe

Joe, you are right I am looking to assign a partition to a specific user.

 

i am able to create set partition using - Management.UserManagement.set_user_permission

 

Thanks for help.

 

Glad to help! Just make sure that your calling application checks the current users partition from the get_my_permission() method and then calls the set_active_partition() method with that partition name.

 

 

-Joe

I am planing to provide SOAP API on top of iControl API so I need to use single user to login (lets say admin) on F5 and then change the partion information on user, Virtual Server and Pool to seperate out the customer configration.

 

By using - Management.UserManagement.set_user_permission i am able to change the user partion information. Is there a way to change the partion information on Virtual Server and Pool after it got created with default user(in my case admin) partion?

 

 

Thanks for help.

Unfortunately the answer is no at this point. When an object is created, there is no way to "move" it to another partition aside from deleting it and recreating it in the new partition. This is true in the GUI, CLI, and iControl.

 

 

-Joe

Joe,

 

 

Let me be little more specific, Is their way we can create (rather then change later) VirtualServer, pool, and node with different partition then user belongs to?

 

 

Thru F5 GUI, Once user is created I can't even see which partion user is belog too, is their a place or link i should be accesing to see the user partion?

 

 

Thanks for your quick responces.

 

Joe,

 

 

Thru GUI, I am login as a admin user with administrator permission and able to create VR, POOL and node with different partition so now all i have to see how i can create VR, POOL and node thru iControl API in different partition.

 

 

I am also able to see which partion user belongs too which is located on top right cornor of the screen.

 

Thanks

 

I am able to set the parttion using following API before creating Virtual Server, Pool, and Node. This is the way i am going to seperate out the Customer confiration. Let me know if i am off track on my thought.

 

 

iControl.ManagementPartitionBindingStub m_partition;

 

m_partition.set_active_partition("TestPartition");

 

 

Thanks

You are exactly on the right track. Management.Partition.set_active_partition() sets the current "working" partition for the currently connected user. Here's some pseudo-code for the process for creating the following

 

 

Pool1 in partition part_1

 

Pool2 in partition part_2

 

Pool3 in partition part_3

 

 

Partition.set_active_partition: "part_1"
Pool.create: "Pool1"
Partition.set_active_partition: "part_2" 
Pool.create: "Pool2"
Partition.set_active_partition: "part_3"
Pool.create: "Pool3"

 

 

You'll have to make sure that you are an administrator during this process so that you have write access in all of the partitions.

 

 

-Joe