Marco_Castro_11
Jun 17, 2014

iRule for command execution

Hi,

 

I'd like to execute the command ldbutil inside an iRule. Is that possible? Basically, I want to validate password length for APM Local DB users, and if the length is below 9, I want to force the user to change their password at next login. Any other suggestions to achieve this?

 

Regards. MC

 

8 Replies

  • iRules have no access to TMSH commands. Presently there is no iRule/iControl access to the local DB.

     

  • ldbutil is not a TMSH command; I can execute it from config

     

    /usr/bin/ldbutil --add --uname="LOGON" --instance="/Common/INSTANCE" --password="PASSWORD" --change_passwd="0" --first_name="FIRST" --last_name="LAST" --email="EMAIL" --user_groups="GROUP" --login_failures="0" --locked_out="0"

     

  • Correction. I should have said no access to command line at all. This is by design. They are structured for very fast execution in memory and any IO or external program calls are avoided for that very reason.

     

  • I thought about what you want to do. The issue is wider than it appears. Because they have deployed localDB without any iControl access it cannot be updated remotely. It is almost as though this is version 0.1 and a proper implementation will come in later releases. I can't see any way to do what you want to do.

     

  • kunjan

    How about using an iRule to log the user IDs with password length less than 9 and using a cron job to trigger ldbutil to flip the change_password field for the users logged?

     

  • Thanks, I will try that. I was trying to intercept the password post in the Logon page before localdb auth, but without success.

     

    • Kevin_Davies_40
      If any of the above posts have provided a solution to your issue, please indicate so by clicking the tick to the left of them. This gives feedback and recognition to the volunteers who responded to your issue.
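
The log-then-cron approach suggested by kunjan makes a root cron job consume usernames that came from the logon form, so the parsing step has to treat them as untrusted. The sketch below is an added example, not code from any poster in this thread: the `SHORT_PW len=<n> user=<name>` log marker, the rule name and the sample lines are constructed assumptions, and the ldbutil update itself is left out because the thread only shows the `--add` form.

```shell
#!/bin/sh
# Added example. Assumed (hypothetical) log line written by the iRule:
#   ... SHORT_PW len=<n> user=<name>
# The username is last on the line so the whole remainder can be validated.
MIN_LEN=9

# Read log lines on stdin; print each flagged, well-formed username once.
flagged_users() {
    awk -v min="$MIN_LEN" '
    {
        # Use the FIRST marker only: text after it may be user-supplied.
        i = index($0, "SHORT_PW len=")
        if (i == 0) next
        rest = substr($0, i + 13)
        if (rest !~ /^[0-9]+ user=/) next
        len = substr(rest, 1, index(rest, " ") - 1) + 0
        user = rest
        sub(/^[0-9]+ user=/, "", user)
        if (len >= min) next
        # Conservative allow-list; no spaces, no leading "-" (option-like names).
        if (user !~ /^[A-Za-z0-9._@][A-Za-z0-9._@-]*$/) next
        if (!(user in seen)) { seen[user] = 1; print user }
    }'
}

# Constructed sample input, including malformed names that must be dropped.
sample_log() {
    cat <<'EOF'
Jun 17 10:01:02 bigip1 tmm[1234]: Rule /Common/pw_len: SHORT_PW len=6 user=jdoe
Jun 17 10:02:10 bigip1 tmm[1234]: Rule /Common/pw_len: SHORT_PW len=12 user=asmith
Jun 17 10:03:15 bigip1 tmm[1234]: Rule /Common/pw_len: SHORT_PW len=6 user=jdoe
Jun 17 10:03:40 bigip1 tmm[1234]: Rule /Common/pw_len: SHORT_PW len=5 user=x SHORT_PW len=3 user=admin
Jun 17 10:04:01 bigip1 tmm[1234]: Rule /Common/pw_len: SHORT_PW len=4 user=--delete
Jun 17 10:05:22 bigip1 tmm[1234]: Rule /Common/pw_len: SHORT_PW len=8 user=bob@example.com
EOF
}

# Each printed name is what the cron job would then hand to ldbutil.
sample_log | flagged_users
```

Only the length is logged, never the password, and each name should still be passed to ldbutil as a single quoted argument.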