Solved: Re: multidomain and mgmt_cli

Maarten_Sjouw · ‎2018-09-19

I was trying to add a number of object this week, I had done some last week. Last week I added them to 1 domain and now I wanted to add them to another domain, what I did upfront was mdsenv <Domain> and started issuing the commands, this worked like a charm.

Today however when I tried to add some objects to another domain, using the same way, first set the mdsenv to the correct domain, then started issuing the (copy paste) the mgmt_cli commands, the objects ended up in the domain that I used last week???

I found out by going in the second domain and use the new network objects but were not there. Then when I issued the mgmt_cli show networks command, it showed me all the network objects from the other domain I worked on last week.

Hmm, ok maybe I need to do a set domain name <domain> command first? Well in the expert mode with mgmt_cli, that did not work, unknown object.

So ok lets try from clish and use the mgmt commands instead, as the first command used mgmt set domain name <Domain> and then issued the add network commands. they were accepted, no error messages. Going into Smartconsole, none of the networks I added are there, nor in the other domain nor in the Global domain.

What am I doing wrong?

Regards, Maarten

Amiad_Stern · ‎2018-09-20

Lari is right, you need to login to the desired domain then perform desired commands.

Copy pasting Lari's answer with some comments:

// login to domain named MyDomain and save 'session-id' into text file called id.txt. (you can use -d "MyDomain" as well)

# mgmt_cli login user admin password vpn123 domain "MyDomain" > id.txt

// use the id.txt as a file from which the session-id (your token) is taken and perform add host command.

# mgmt_cli add host name “Minion1” ip-address 1.2.3.4 color “yellow” -s id.txt

// publish and logout (again using the same session-id)

# mgmt_cli publish –s id.txt
# mgmt_cli logout –s id.txt

Few comments on your issue:

No need for mdsenv when working with API since you should specify which domain you would like to login to.
If you don't specify domain, the default is 'System Data' (which means the MDS)
In your case, the fact that you didn't see you object in Global or domain is because i guess you didn't specify any domain on your login and thus objects were created in 'System Data' domain (the MDS) so GUI will not show you these kind of objects in MDS....

View solution in original post

Kaspars_Zibarts · ‎2018-09-20

There's is a switch you must add to your mgmt_cli, think it was -s but could be -d, just run help for the command. Works for me every time not at my desk to check

Lari_Luoma · ‎2018-09-20

Hi Maarten!

In MDS there is one API server serving all the domains, so you should use the MDS leading interface IP address and authenticate to the domain that you want to manipulate.

Example:

# mgmt_cli login user admin password vpn123 domain "MyDomain" > id.txt
# mgmt_cli add host name “Minion1” ip-address 1.2.3.4 color “yellow” -s id.txt
# mgmt_cli publish –s id.txt
# mgmt_cli logout –s id.txt

Kaspars_Zibarts · ‎2018-09-20

agreed - i normally use session id to carry out all commands, else just add domain every time

[--domain, -d]
Name, uid or IP-address of the management domain.
Environment variable: MGMT_CLI_DOMAIN

Maarten_Sjouw · ‎2018-09-21

Ok thank you very Lari, this was the missing bit. My guess that the mdsenv command would put you in the right environment was incorrect then.

Still I really do not understand why it worked the first time?