Redfish: implement obtaining AccountService config #9403
Merged
+31
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This comment was marked as outdated.
This comment was marked as outdated.
ansibullbot
added
ci_verified
paulfertser
force-pushed
the
redfish-add-get-accountservice
branch
2 times, most recently
from
825c11e to
2a820bb
Compare
ansibullbot
removed
ci_verified
felixfontein
added
check-before-release
Example result from querying OpenBMC's bmcweb Redfish server:
```
changed: false
failed: false
redfish_facts:
accountservice_config:
entries:
'@odata.id': /redfish/v1/AccountService
'@odata.type': '#AccountService.v1_15_0.AccountService'
AccountLockoutDuration: 0
AccountLockoutThreshold: 0
Accounts:
'@odata.id': /redfish/v1/AccountService/Accounts
ActiveDirectory:
Authentication:
AuthenticationType: UsernameAndPassword
Password: null
Username: ''
LDAPService:
SearchSettings:
BaseDistinguishedNames:
- ''
GroupsAttribute: ''
UsernameAttribute: ''
RemoteRoleMapping: []
ServiceAddresses:
- ''
ServiceEnabled: false
Description: Account Service
HTTPBasicAuth: Enabled
HTTPBasicAuth@AllowableValues:
- Enabled
- Disabled
Id: AccountService
LDAP:
Authentication:
AuthenticationType: UsernameAndPassword
Password: null
Username: ''
Certificates:
'@odata.id': /redfish/v1/AccountService/LDAP/Certificates
LDAPService:
SearchSettings:
BaseDistinguishedNames:
- ''
GroupsAttribute: ''
UsernameAttribute: ''
RemoteRoleMapping: []
ServiceAddresses:
- ''
ServiceEnabled: false
MaxPasswordLength: 20
MinPasswordLength: 8
MultiFactorAuth:
ClientCertificate:
CertificateMappingAttribute: CommonName
Certificates:
'@odata.id': /redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates
'@odata.type': '#CertificateCollection.CertificateCollection'
Members: []
[email protected]: 0
Enabled: true
RespondToUnauthenticatedClients: true
Name: Account Service
Oem:
OpenBMC:
'@odata.id': /redfish/v1/AccountService#/Oem/OpenBMC
'@odata.type': '#OpenBMCAccountService.v1_0_0.AccountService'
AuthMethods:
BasicAuth: true
Cookie: true
SessionToken: true
TLS: true
XToken: true
Roles:
'@odata.id': /redfish/v1/AccountService/Roles
ServiceEnabled: true
ret: true
```
Signed-off-by: Paul Fertser <[email protected]>
paulfertser
force-pushed
the
redfish-add-get-accountservice
branch
from
2a820bb to
eb935b5
Compare
russoz
reviewed
Dec 29, 2024
|
Looks good to me! Thanks! |
felixfontein
removed
the
check-before-release
Backport to stable-10: 💚 backport PR created✅ Backport PR branch: Backported as #9511 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Jan 2, 2025
Example result from querying OpenBMC's bmcweb Redfish server:
```
changed: false
failed: false
redfish_facts:
accountservice_config:
entries:
'@odata.id': /redfish/v1/AccountService
'@odata.type': '#AccountService.v1_15_0.AccountService'
AccountLockoutDuration: 0
AccountLockoutThreshold: 0
Accounts:
'@odata.id': /redfish/v1/AccountService/Accounts
ActiveDirectory:
Authentication:
AuthenticationType: UsernameAndPassword
Password: null
Username: ''
LDAPService:
SearchSettings:
BaseDistinguishedNames:
- ''
GroupsAttribute: ''
UsernameAttribute: ''
RemoteRoleMapping: []
ServiceAddresses:
- ''
ServiceEnabled: false
Description: Account Service
HTTPBasicAuth: Enabled
HTTPBasicAuth@AllowableValues:
- Enabled
- Disabled
Id: AccountService
LDAP:
Authentication:
AuthenticationType: UsernameAndPassword
Password: null
Username: ''
Certificates:
'@odata.id': /redfish/v1/AccountService/LDAP/Certificates
LDAPService:
SearchSettings:
BaseDistinguishedNames:
- ''
GroupsAttribute: ''
UsernameAttribute: ''
RemoteRoleMapping: []
ServiceAddresses:
- ''
ServiceEnabled: false
MaxPasswordLength: 20
MinPasswordLength: 8
MultiFactorAuth:
ClientCertificate:
CertificateMappingAttribute: CommonName
Certificates:
'@odata.id': /redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates
'@odata.type': '#CertificateCollection.CertificateCollection'
Members: []
[email protected]: 0
Enabled: true
RespondToUnauthenticatedClients: true
Name: Account Service
Oem:
OpenBMC:
'@odata.id': /redfish/v1/AccountService#/Oem/OpenBMC
'@odata.type': '#OpenBMCAccountService.v1_0_0.AccountService'
AuthMethods:
BasicAuth: true
Cookie: true
SessionToken: true
TLS: true
XToken: true
Roles:
'@odata.id': /redfish/v1/AccountService/Roles
ServiceEnabled: true
ret: true
```
Signed-off-by: Paul Fertser <[email protected]>
(cherry picked from commit e853bdf)
|
@paulfertser thanks for your contribution! |
felixfontein
pushed a commit
that referenced
this pull request
Jan 2, 2025
…AccountService config (#9511) Redfish: implement obtaining AccountService config (#9403) Example result from querying OpenBMC's bmcweb Redfish server: ``` changed: false failed: false redfish_facts: accountservice_config: entries: '@odata.id': /redfish/v1/AccountService '@odata.type': '#AccountService.v1_15_0.AccountService' AccountLockoutDuration: 0 AccountLockoutThreshold: 0 Accounts: '@odata.id': /redfish/v1/AccountService/Accounts ActiveDirectory: Authentication: AuthenticationType: UsernameAndPassword Password: null Username: '' LDAPService: SearchSettings: BaseDistinguishedNames: - '' GroupsAttribute: '' UsernameAttribute: '' RemoteRoleMapping: [] ServiceAddresses: - '' ServiceEnabled: false Description: Account Service HTTPBasicAuth: Enabled HTTPBasicAuth@AllowableValues: - Enabled - Disabled Id: AccountService LDAP: Authentication: AuthenticationType: UsernameAndPassword Password: null Username: '' Certificates: '@odata.id': /redfish/v1/AccountService/LDAP/Certificates LDAPService: SearchSettings: BaseDistinguishedNames: - '' GroupsAttribute: '' UsernameAttribute: '' RemoteRoleMapping: [] ServiceAddresses: - '' ServiceEnabled: false MaxPasswordLength: 20 MinPasswordLength: 8 MultiFactorAuth: ClientCertificate: CertificateMappingAttribute: CommonName Certificates: '@odata.id': /redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates '@odata.type': '#CertificateCollection.CertificateCollection' Members: [] [email protected]: 0 Enabled: true RespondToUnauthenticatedClients: true Name: Account Service Oem: OpenBMC: '@odata.id': /redfish/v1/AccountService#/Oem/OpenBMC '@odata.type': '#OpenBMCAccountService.v1_0_0.AccountService' AuthMethods: BasicAuth: true Cookie: true SessionToken: true TLS: true XToken: true Roles: '@odata.id': /redfish/v1/AccountService/Roles ServiceEnabled: true ret: true ``` Signed-off-by: Paul Fertser <[email protected]> (cherry picked from commit e853bdf) Co-authored-by: Paul Fertser <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
The AccountService endpoint provides plenty of essential configuration which might be needed to e.g. backup settings or to check the right setup.
ISSUE TYPE
COMPONENT NAME
Redfish
ADDITIONAL INFORMATION
Example result from querying OpenBMC's bmcweb Redfish server: