Forum Discussion

Aaron_McMahon_2's avatar
Aaron_McMahon_2
Icon for Nimbostratus rankNimbostratus
Aug 01, 2007

Auth Partitions

I like the idea of auth partitioning and I did a quick test in iControl to see if it would filter a list of virtual servers down to only those that have been assigned to a particular auth account. Using iControl, I logged in with the partitioned account and requested the list of virtual servers. It gave me every virtual server on the BIG-IP, not the partitioned list. Is there another way to get the partitioned list of virtual servers?

 

 

Thanks!

 

 

- Aaron

 

6 Replies

  • You'll find that if you log into the GUI with that auth account, you'll see the full list of virtual servers as well. It looks to me like we need a new API method to return which partition the objects live in. I'll submit a change request to get the ball rolling.

     

     

    -Joe
  • 1) Was the new API mentioned in this thread added?

     

     

    2) If I create a new partition (e.g. test-partition) with one operator-level user(e.g. TP-user01 :-), with only one VS/Pool assigned to 'test-partition', is it correct that TP-user01 can only manipulate this one VS and no other VS in the common partion via iControl?
  • I wrote up a tech tip on admin partitions with the relevant methods:

     

     

    http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=176

     

    Click here

     

     

     

    As for 2, yes, if you create a user assigned to a single partition and there is only one vs/pool in that partition, then that user can only modify the objects in that partition.

     

     

    -Joe
  • Can anyone point me in the right direction to displaying the "get_partition_list" in PHP

     

    Here is relevant code:

     

     

    $client2 = new SoapClient($wsdl2,array('location'=>$location,'login'=>$username,'password'=>$password));

     

    $partitionlist=$client2->get_partition_list();

     

    foreach ($partitionlist as $partition)

     

    {

     

    echo $partition;

     

    }

     

     

     

     

    Here is the php error:

     

     

    Catchable fatal error: Object of class stdClass could not be converted to string in /ap/p/eem/apache/httpd-2.0.63/htdocs/networkmap.php on line 14

     

     

     

     

    iControl :: Management :: Partition :: AuthZPartition

     

    Looking at the data type I see that it is a structure containing these two members:

     

    partition_name String The name of the partition.

     

    description String The partition's description.

     

     

    I've tried also treating it as an array bt it gives me the same error. Any help would be appreciated.

     

  • I wish I could help you with PHP but I'm a complete noob with it. Actually, I'm not even a noob as I've never really coded with PHP at all.

     

     

    What I can tell you is that get_partition_list method returns an array of AuthZPartition structures which is defined as:

     

     

    struct AuthZParition { 
       string partition_name; 
       string description; 
     }

     

     

    In your echo code you are trying to echo a structure which could likely be the issue. You'll need to access the "partition_name" and "description" fields separately.

     

     

    -Joe
  • I figured it out and hope it helps others; quite simple once I understood how to parse out the object.

     

     

    $client2 = new SoapClient($wsdl2,array('location'=>$location,'login'=>$username,'password'=>$password));

     

    $partitionlist=$client2->get_partition_list();

     

    foreach ($partitionlist as $index=>$partitionstructure)

     

    {

     

    $partition_name=$partitionstructure->partition_name;

     

    echo $partition_name."

     

    ";

     

    }

     

     

     

     

    This concept will work with any non-standard structure.