Infoblox::Grid::KerberosKey - Grid kerberos key object.
This object is used to manage kerberos keys for GSS-TSIG.
#Constructor for an Grid KerberosKey object my $key = Infoblox::Grid::KerberosKey->new( principal => $string, #Required. domain => $string, #Optional / Default is undefined version => $num, #Optional / Default is undefined );
The following functions are available to be applied to an KerberosKey object.
Use this function to specify a Kerberos key at the grid level on the Infoblox appliance. See Infoblox::Grid::DNS->gss_tsig_keys() for parameters and return values.
#Create a Kerberos object. my $key = Infoblox::Grid::KerberosKey->new( principal => 'host/appliance.ivan.test@LADYBUG.LOCAL', domain => 'JACKIE.LOCAL', version => '3', );
#Configure kerberos key on the Infoblox grid object my $response = $grid->gss_tsig_keys([$key]);
Use this function to specify a Kerberos key at the grid level on the Infoblox appliance. See Infoblox::Grid::DHCP->gss_tsig_keys() for parameters and return values.
#Create a Kerberos object. my $key = Infoblox::Grid::KerberosKey->new( principal => 'host/appliance.ivan.test@LADYBUG.LOCAL', domain => 'JACKIE.LOCAL', version => '3', );
#Configure kerberos key on the Infoblox grid object my $response = $grid->gss_tsig_keys([$key]);
Use this function to specify a Kerberos key at the member level on the Infoblox appliance. See Infoblox::Grid::Member::DNS->gss_tsig_keys() for parameters and return values.
#Create a KerberosKey object. my $key = Infoblox::Grid::KerberosKey->new( principal => 'host/appliance.ivan.test@LADYBUG.LOCAL', domain => 'JACKIE.LOCAL', version => '3', );
#Configure KerberosKey on the Infoblox member object my $response = $member->gss_tsig_keys([$key]);
Use this function to specify a Kerberos key at the member level on the Infoblox appliance. See Infoblox::Grid::Member::DHCP->gss_tsig_keys() for parameters and return values.
#Create a KerberosKey object. my $key = Infoblox::Grid::KerberosKey->new( principal => 'host/appliance.ivan.test@LADYBUG.LOCAL', domain => 'JACKIE.LOCAL', version => '3', );
#Configure KerberosKey on the Infoblox member object my $response = $member->gss_tsig_keys([$key]);
This section describes all the methods in an Infoblox::Session module that you can apply to a Kerberos key object.
Use this method to retrieve all the matching objects from the Infoblox appliance. See Infoblox::Session->get() for parameters and return values.
Apply the following attributes to get a specific Kerberos key object:
principal - Required. The principal of the Kerberos key object you want to retrieve.
my @retrieved_objs = $session->get( object => "Infoblox::Grid::KerberosKey", principal => "my-principal");
Use this method to remove a Kerberos key object from the Infoblox appliance. See Infoblox::Session->remove() for parameters and return values.
To remove a specific object, first use get() or search() to retrieve the specific Kerberos key object, and then submit this object for removal.
# Get the objects with the same principal my @retrieved_objs = $session->get( object => "Infoblox::Grid::KerberosKey", principal => "my-principal"); # Find the desired object from the retrieved list. my $desired_kerberos_key = $retrieved_objs[0]; # Submit for removal my $response = $session->remove( $desired_kerberos_key );
Use this method to search for Kerberos key objects in the Infoblox appliance. See Infoblox::Session->search() for parameters and return values.
Apply the following attributes to search for a Kerberos key object:
principal - Required. The principal of the Kerberos key object you want to retrieve (regular expression is supported).
# search for all grid member objects my @retrieved_objs = $session->search( object => "Infoblox::Grid::KerberosKey", principal => ".*");
This section describes all the methods that you can used to configure and retrieve the attribute value of a KerberosKey object.
Use this method to retrieve the encryption type for the KerberosKey object. This is a read-only attribute.
None
The method returns the attribute value.
#Get enctype value my $enctype = $key->enctype();
Use this method to set or retrieve the domain of the KerberosKey object.
Include the specified parameter to set the attribute value. Omit the parameter to retrieve the attribute value.
Desired domain in string format with a maximum of 1023 bytes.
If you specified a parameter, the method returns true when the modification succeeds, and returns false when the operation fails.
If you did not specify a parameter, the method returns the attribute value.
#Get domain my $domain = $key->domain(); #Modify domain $key->domain("my-domain");
Use this method to retrieve the flag used to indicate whether the key has been assigned to a member. This is a read-only attribute.
None
The return value is "true" if KerberosKey object has been assigned to a member and "false" if it hasn't.
#Get in_use value my $in_use = $key->in_use();
Use this method to set or retrieve the principal string of the KerberosKey object.
Include the specified parameter to set the attribute value. Omit the parameter to retrieve the attribute value.
Desired principal in string format with a maximum of 1023 bytes.
If you specified a parameter, the method returns true when the modification succeeds, and returns false when the operation fails.
If you did not specify a parameter, the method returns the attribute value.
#Get principal my $string = $key->principal(); #Modify principal $key->principal("my-principal");
Use this method to set or retrieve the version number of the KerberosKey object.
Include the specified parameter to set the attribute value. Omit the parameter to retrieve the attribute value.
Enter an unsigned integer between 0 and 4294967295.
If you specified a parameter, the method returns true when the modification succeeds, and returns false when the operation fails.
If you did not specify a parameter, the method returns the attribute value.
#Get version my $version = $key->version(); #Modify version $key->version("5");
Use this method to retrieve the timestamp when the KerberosKey object was uploaded. This is a read-only attribute.
None
The return value is the date and time in the ISO 8601 extended format (e.g. 2008-10-21T10:56:33Z or 2008-10-21T10:56:33.001Z).
#Get upload_timestamp value my $upload_timestamp = $key->upload_timestamp();
The following sample code demonstrates different operations that can be applied to an object such as create, get, and remove an object. Also this sample code also includes error handling for the operations.
#PROGRAM STARTS: Include all the modules that will be used use strict; use Infoblox;
#Create a session to the Infoblox appliance my $session = Infoblox::Session->new( master => "192.168.1.2", username => "admin", password => "infoblox" ); unless ($session) { die("Construct session failed: ", Infoblox::status_code() . ":" . Infoblox::status_detail()); } print "Session created successfully\n";
#import kerberos key object
my $result = $session->import_data( type => "keytab", path => "/infoblox/tests/datasets/dnsone.keytab", service => 'dhcp', );
unless($result) { die("import kerberos key object failed: ", Infoblox::status_code() . ":" . Infoblox::status_detail()); } print "import kerberos key object successfully\n";
#retrieve kerberos key object
my @keys = $session->get( object => "Infoblox::Grid::KerberosKey", principal => 'host/appliance.ivan.test@LADYBUG.LOCAL', );
unless ($key) { die("Get KerberosKey object failed: ", $session->status_code() . ":" . $session->status_detail()); } print "Get KerberosKey object found at least 1 matching entry\n";
my $grid_dhcp = $session->get( object => 'Infoblox::Grid::DHCP', cluster => 'Infoblox', ); unless ($grid_dhcp) { die("Get Grid DHCP object failed: ", $session->status_code() . ":" . $session->status_detail()); }
$grid_dhcp->gss_tsig_keys([$key]); $grid_dhcp->kdc_server('test.com');
#Applying the changes to appliance through session. $session->modify($grid_dhcp) or die("modify Grid DHCP properties failed:" , $session->status_code(), $session->status_detail()); print "Grid DHCP properties modified successfully for assigning KerberosKey object\n";
#Removing an KerberosKey object
# remove the reference to kerberos key $grid_dhcp->gss_tsig_keys(undef); $grid_dhcp->kdc_server(undef);
#Applying the changes to appliance through session. $session->modify($grid_dhcp) or die("modify Grid DHCP properties failed:" , $session->status_code(), $session->status_detail()); print "Grid DHCP properties modified successfully for unassigning KerberosKey object\n";
$session->remove(object => 'Infoblox::Grid::KerberosKey', principal => 'host/appliance.ivan.test@LADYBUG.LOCAL') or die("remove KerberosKey object failed:" , $session->status_code(), $session->status_detail()); print "remove KerberosKey object successfully\n";
####PROGRAM ENDS####
Infoblox Inc. http://www.infoblox.com/
Infoblox::Session, Infoblox::Grid::DNS, Infoblox::Grid::DHCP, Infoblox::Grid::Member::DNS, Infoblox::Grid::Member::DHCP, Infoblox::Grid::DNS->gss_tsig_keys(), Infoblox::Grid::DHCP->gss_tsig_keys(), Infoblox::Grid::Member::DNS->gss_tsig_keys(), Infoblox::Grid::Member::DHCP->gss_tsig_keys(), Infoblox::Session->get(), Infoblox::Session->modify(),Infoblox::Session->remove()
Copyright (c) 2017 Infoblox Inc.