Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jason_Carrillo
Collaborator

Add access-role argument help

Jump to solution

Trying to create a batch of Access Roles and add a user group to them at the same time. I've got the "add access-role" set up to create the ARs, but I run into issues when I try to add the user group to the access role. Newbie to the new API and scripting engine for R80.10 I guess.

add access-role name FW_AR machines "any" networks "any" remote-access-clients "any" users "????????"

The group I want to add is an internal user group, everything else is very vanilla.

1 Solution

Accepted Solutions
Joshua_Hatter
Employee
Employee

The users field if being specific needs to be an 'object'. So we will access the internal users keys source and selection with users.source, and users.selection. 

Example:

#mgmt_cli add access-role name "<access-role-name>" machines "any" networks "any" remote-access-clients "any" users.source "Internal User Groups" users.selection "<name-of-internal-group>"

Hope this helps.

View solution in original post

4 Replies
Joshua_Hatter
Employee
Employee

The users field if being specific needs to be an 'object'. So we will access the internal users keys source and selection with users.source, and users.selection. 

Example:

#mgmt_cli add access-role name "<access-role-name>" machines "any" networks "any" remote-access-clients "any" users.source "Internal User Groups" users.selection "<name-of-internal-group>"

Hope this helps.

View solution in original post

Robert_Decker
Employee Alumnus
Employee Alumnus

Correct, and in the case of several users, you should use a list notation - 

users.1.source "src1" users.1.selection "sel1" users.2.source "src2" users.2.selection "sel2" etc.

Robert.

Jason_Carrillo
Collaborator

Thank you Robert, I didn't realize that I would need this until you mentioned it. Thanks!

Jason_Carrillo
Collaborator

Boom, that's exactly what I was looking for.  Thanks!