Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
nbose
Explorer

Script to export the list of users with admin privileges & export to remote server

Jump to solution

Hi,

I am trying to create a script to run the following command to export the list of users with admin privileges to a text file.

I then need to export the file to a remote server via sftp or email.

Please let me know how I can accomplish it.

 

What I've done so far:

#!/bin/bash

mgmt_cli show administrators --domain 'System Data' details-level "full" | egrep " name:| type:|authentication-method|permissions-profile" > /tmp/Checkpoint-Admin-List.txt

The above command requires authentication, how do I include the username and password to the above command?  I did try the -u <username> -p <password> but that did not work.

Do let me know how i can include the sftp/email command lines as well.

 

Many thanks in advance,

 

regards,

 

nibose

0 Kudos
1 Solution

Accepted Solutions
Stuart_Green1
Employee
Employee

you could redirect the output from your command to a file and then transfer that to your remote server:

 

mgmt_cli -u "admin" -p "password" show administrators --format json > admin_users.json

scp admin_users.json admin@192.168.1.1:/home/directory

 

Or - you could skip the transfer part and connect to the management server from your remote server using the REST API over HTTPS and save the results directly on the server / incorporate them into the next part of your workflow.

View solution in original post

0 Kudos
(1)
5 Replies
Stuart_Green1
Employee
Employee

Hi Nibose,

 

Have you checked out the session management notes here? https://sc1.checkpoint.com/documents/latest/APIs/#cli/login~v1.8%20

 

There are a couple of ways to handle authentication and session creation but the way you've tried above should be fine - you might just need to quote your username and password values. Something like:

 

mgmt_cli -u "adminuser" -p "password123456" --domain "System Data"....

0 Kudos
nbose
Explorer

Original Command:

mgmt_cli show administrators --domain 'System Data' details-level "full" | egrep " name:| type:|authentication-method|permissions-profile" >Checkpoint-Admin-List.txt

Command entered:

mgmt_cli -u admuser -p letmein show administrators --domain 'System Data' details-level "full" | egrep " name:| type:|authentication-method|permissions-profile" >Checkpoint-Admin-List.txt

Output:

-bash: show: command not found
[Expert@SDC-CPSMGP01:0]# Error: No command name was specified!

 

0 Kudos
nbose
Explorer

Hi Stuart,

Just got it to work.  Apparently it appears the user ID should not contain anything related to admin, changed to a generic user and it worked.

0 Kudos
nbose
Explorer

How can I automatically export the above generated file to a remote server?

IP: 10.1.1.1

username: uname

password: passwd

protocol: sftp

0 Kudos
Stuart_Green1
Employee
Employee

you could redirect the output from your command to a file and then transfer that to your remote server:

 

mgmt_cli -u "admin" -p "password" show administrators --format json > admin_users.json

scp admin_users.json admin@192.168.1.1:/home/directory

 

Or - you could skip the transfer part and connect to the management server from your remote server using the REST API over HTTPS and save the results directly on the server / incorporate them into the next part of your workflow.

View solution in original post

0 Kudos
(1)