beautypg.com

Changing group administrative privileges, Creating tokens for authentication, Sample commands – HP StoreAll Storage User Manual

Page 143

background image

Changing group administrative privileges

Table 17 Changing group administrative privileges

Command

Task

ibrix_objectstoreadmin -a -k GROUP_NAME

Grant all members of the group
administrative privileges.

ibrix_objectstoreadmin -d -k GROUP_NAME

Remove administrative privileges from a
group.

Sample commands

An example of granting administrative privileges to an AD group:

ibrix_objectstoreadmin –a –k IBRIX_DOMAIN\\GROUP_NAME

An example of granting administrative privileges to a Storeall local group:

ibrix_objectstoreadmin –a –k GROUP_NAME

Creating tokens for authentication

Object Store requires you to use an authentication token with all of its commands.

IMPORTANT:

Authentication tokens expire after 24 hours.

To create a token, enter the following command:

Format for an environment using StoreAll local users

curl -d '{"auth": {"tenantName": "",

"passwordCredentials":{"username": "", "password":

""}}}' -H "Content-type: application/" http://

user VIF>:/v2.0/tokens

Format for an environment using AD and LDAP groups

curl -d '{"auth": {"tenantName": "\\domain^users",

"passwordCredentials":{"username": "\\",

"password": ""}}}' -H "Content-type: application/"

http://:/v2.0/tokens

Sample command with request for output in JSON format in an Active Directory environment:

curl -d '{"auth": {"tenantName": "IBRQA1\\domain^users",

"passwordCredentials":{"username": "IBRQA1\\ibrixuser21", "password":

"mypassword"}}}' -H "Content-type: application/json"

http://10.10.104.115:35357/v2.0/tokens}'

In this instance:

10.10.104.115

is the IP address of the Fusion Manager user VIF.

35357

is the Keystone server admin port, which is a TCP port

json

is the output format. The output format can also be XML.

IBRQA1

is the domain the user was added to, as described in

“Add users to an administrator

group using the GUI” (page 140)

.

ibrixuser21

is the user name.

mypassword

is the password for the user name.

{"access": {"token": {"expires": "2013-08-21T20:08:48Z", "id": "1bb88b944f6c4c8fb7411f85d3bd6bf4", "tenant":
{"enabled": true, "id": "7b9a902423a582c9eda266dcf3ad6974a2b98e4b21ea7c9e1e8d38f76afdf1b4", "name":
"IBRQA1\\domain^users"}}, "serviceCatalog": [{"endpoints": [{"adminURL": "http://10.10.104.116:8888/", "region":
"RegionOne", "internalURL":
"http://10.10.104.116:8888/v1/AUTH_7b9a902423a582c9eda266dcf3ad6974a2b98e4b21ea7c9e1e8d38f76afdf1b4", "id":
"b83cb54998f54781ab9905aff878cab2", "publicURL":

Changing group administrative privileges

143

See also other documents in the category HP Storage: