Keeping existing session but prevent new connections to node in pool

You can certainly do this with an iControl application. I'm a bit unclear as to your requirements about not needing admin permissions or needing to log into the F5 unit.

 

 

It sounds to me like you are asking for a way to modify the configuration without proper access which obviously we don't support for security reasons. Otherwise anyone out there could muck with anyone elses configuration. Maybe I'm missing something from your requirements.

 

 

If you create a script remotely, then you will need to have operator level access to be able to modify the configuration. The iControl interfaces follow the same authorization model as the GUI. If you want to create a script locally, you can do so but you will still need to log into the device to be able to execute it.

 

 

-Joe

Hi Joe -

 

 

Thanks for the quick response.

 

 

Basically what we want to accomplished is to prevent all direct

 

access to the F5 devices altogher, however, we want the users

 

to enable/disable sessions/connections to a node within a pool

 

via a script or calling this script (with proper access) from a remote location. The userid/pw with permissions will not be made

 

known to the non-admin users. do you have a sample of this script?

 

or a perl/shell script to do this?

 

 

 

Thanks,

 

Anthony

The SDK has a Perl sample that will allow enabling or disabling pool members. Check out the SDK/samples/soap/perl/soaplite/LocalLB/PoolMember.pl sample.

 

 

There are also a few samples in the iControl Code Share section of DevCentral (under the Downloads menu).

 

 

-Joe