You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The result of changing the user "admin" password hash ends with error:**
fatal: [192.168.233.51]: FAILED! => {"changed": false, "msg": "Checkpoint device returned error 400 with message {'code': 'err_validation_failed', 'errors': 'Cannot change this attribute of user admin', 'msg': 'Validation Error'}"}
This is the task failing:
collections:
- check_point.gaia
tasks:
- name: Set password for the admin user
cp_gaia_user:
name: admin
password_hash: '$6$OgI.RZCV3v8fzV31$1lUh7jWPnZ7Kgig.8GiLcB3aVvQKZBSoarUCIRDNMwUHonNvSnAT4XV3UT4x2ZifMuMGLWGay6T7STn4TcTKD0'
# set password to vpn123
register: updated_admin_user
This is from /var/log/gaia_api_server.log when using ansible moduled cp_gaia_user
12/12/24 09:43:46: MainThread: server_util.udsListener: INFO: remote_addr IP = 192.168.233.200
12/12/24 09:43:46: MainThread: infra.urlGeneratorIS: INFO: Handle request: <class 'requests.users.SetUserV18'>
12/12/24 09:43:46: MainThread: infra.urlGeneratorIS: INFO: Execute validators
12/12/24 09:43:46: MainThread: infra.urlGeneratorIS: INFO: Verify permissions
12/12/24 09:43:46: MainThread: infra.pipeline: INFO: Execute commit function for class <class 'requests.users.SetUserV18'>
12/12/24 09:43:46: MainThread: requests.users: ERROR: Cannot change this attribute of user admin
12/12/24 09:43:46: MainThread: infra.pipeline: ERROR: Failed to handle request, reason: 'Cannot change this attribute of user admin'
12/12/24 09:43:46: MainThread: infra.pipeline: ERROR: Cannot change this attribute of user admin
Traceback (most recent call last):
File "/rest_api/ckp/infra/urlGeneratorIS.py", line 67, in actor
res = execute(inst, requestData)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/rest_api/ckp/infra/pipeline.py", line 214, in execute
res = doCommit(inst, inst.CommitHandler, requestData)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/rest_api/ckp/infra/pipeline.py", line 175, in doCommit
res, buf = method(requestData)
^^^^^^^^^^^^^^^^^^^
File "/rest_api/ckp/requests/users.py", line 829, in commit
SetUser.commit(self, data)
File "/rest_api/ckp/requests/users.py", line 672, in commit
raise ValidationException("Cannot change this attribute of user admin")
genericException.ValidationException: Cannot change this attribute of user admin
12/12/24 09:43:46: MainThread: server_util.udsListener: INFO: Request for endpoint /set-user [method: POST], for source 192.168.233.200, FAILED [duration 136ms]
Doing the same task with user named "test" works fine:
collections:
- check_point.gaia
tasks:
- name: Set password for the admin user
cp_gaia_user:
name: test
password_hash: '$6$OgI.RZCV3v8fzV31$1lUh7jWPnZ7Kgig.8GiLcB3aVvQKZBSoarUCIRDNMwUHonNvSnAT4XV3UT4x2ZifMuMGLWGay6T7STn4TcTKD0'
# set password to vpn123
register: updated_admin_user
TASK [Set password for the test user] **********************************************************************************************************************************************************************************************************************
changed: [192.168.233.51]
This is the result from /var/log/gaia_api_server.log when using the same task with user named "test"
12/12/24 10:42:30: MainThread: server_util.udsListener: INFO: remote_addr IP = 192.168.233.200
12/12/24 10:42:30: MainThread: infra.urlGeneratorIS: INFO: Handle request: <class 'requests.users.SetUserV18'>
12/12/24 10:42:30: MainThread: infra.urlGeneratorIS: INFO: Execute validators
12/12/24 10:42:30: MainThread: infra.urlGeneratorIS: INFO: Verify permissions
12/12/24 10:42:30: MainThread: infra.pipeline: INFO: Execute commit function for class <class 'requests.users.SetUserV18'>
12/12/24 10:42:31: MainThread: infra.pipeline: INFO: Handling output
12/12/24 10:42:31: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 10:42:31: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 10:42:32: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 10:42:32: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 10:42:32: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 10:42:33: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 10:42:33: MainThread: server_util.udsListener: INFO: Request for endpoint /set-user [method: POST], for source 192.168.233.200, SUCCEEDED [duration 2925ms]
Doing the same with mgmt._cli and set-user for user "admin" works fine:**
[Expert@rugg-sm:0]# mgmt_cli -m 192.168.233.51 set user name 'admin' password-hash '$6$OgI.RZCV3v8fzV31$1lUh7jWPnZ7Kgig.8GiLcB3aVvQKZBSoarUCIRDNMwUHonNvSnAT4XV3UT4x2ZifMuMGLWGay6T7STn4TcTKD0' --context gaia_api
Username: admin
Password:
[Expert@rugg-sm:0]#
This is from /var/log/gaia_api_server.log when using mgmt._cli set-user
12/12/24 09:40:09: MainThread: server_util.udsListener: INFO: remote_addr IP = 192.168.233.40
12/12/24 09:40:09: MainThread: infra.urlGeneratorIS: INFO: Handle request: <class 'requests.users.SetUserV18'>
12/12/24 09:40:09: MainThread: infra.urlGeneratorIS: INFO: Execute validators
12/12/24 09:40:09: MainThread: infra.urlGeneratorIS: INFO: Verify permissions
12/12/24 09:40:09: MainThread: infra.pipeline: INFO: Execute commit function for class <class 'requests.users.SetUserV18'>
12/12/24 09:40:10: MainThread: infra.pipeline: INFO: Handling output
12/12/24 09:40:10: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 09:40:10: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 09:40:11: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 09:40:11: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 09:40:11: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 09:40:12: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 09:40:12: MainThread: server_util.udsListener: INFO: Request for endpoint /set-user [method: POST], for source 192.168.233.40, SUCCEEDED [duration 2741ms]
12/12/24 09:40:12: MainThread: server_util.udsListener: INFO: url:http://192.168.233.51/set-user return response in text/plain format
The text was updated successfully, but these errors were encountered:
There is a bug in the ansible module: cp_gaia_user
Reproducible with the following playbook: cp_gaia_user.yml
The result of changing the user "admin" password hash ends with error:**
fatal: [192.168.233.51]: FAILED! => {"changed": false, "msg": "Checkpoint device returned error 400 with message {'code': 'err_validation_failed', 'errors': 'Cannot change this attribute of user admin', 'msg': 'Validation Error'}"}
This is the task failing:
This is from /var/log/gaia_api_server.log when using ansible moduled cp_gaia_user
12/12/24 09:43:46: MainThread: server_util.udsListener: INFO: remote_addr IP = 192.168.233.200
12/12/24 09:43:46: MainThread: infra.urlGeneratorIS: INFO: Handle request: <class 'requests.users.SetUserV18'>
12/12/24 09:43:46: MainThread: infra.urlGeneratorIS: INFO: Execute validators
12/12/24 09:43:46: MainThread: infra.urlGeneratorIS: INFO: Verify permissions
12/12/24 09:43:46: MainThread: infra.pipeline: INFO: Execute commit function for class <class 'requests.users.SetUserV18'>
12/12/24 09:43:46: MainThread: requests.users: ERROR: Cannot change this attribute of user admin
12/12/24 09:43:46: MainThread: infra.pipeline: ERROR: Failed to handle request, reason: 'Cannot change this attribute of user admin'
12/12/24 09:43:46: MainThread: infra.pipeline: ERROR: Cannot change this attribute of user admin
Traceback (most recent call last):
File "/rest_api/ckp/infra/urlGeneratorIS.py", line 67, in actor
res = execute(inst, requestData)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/rest_api/ckp/infra/pipeline.py", line 214, in execute
res = doCommit(inst, inst.CommitHandler, requestData)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/rest_api/ckp/infra/pipeline.py", line 175, in doCommit
res, buf = method(requestData)
^^^^^^^^^^^^^^^^^^^
File "/rest_api/ckp/requests/users.py", line 829, in commit
SetUser.commit(self, data)
File "/rest_api/ckp/requests/users.py", line 672, in commit
raise ValidationException("Cannot change this attribute of user admin")
genericException.ValidationException: Cannot change this attribute of user admin
12/12/24 09:43:46: MainThread: server_util.udsListener: INFO: Request for endpoint /set-user [method: POST], for source 192.168.233.200, FAILED [duration 136ms]
Doing the same task with user named "test" works fine:
TASK [Set password for the test user] **********************************************************************************************************************************************************************************************************************
changed: [192.168.233.51]
This is the result from /var/log/gaia_api_server.log when using the same task with user named "test"
12/12/24 10:42:30: MainThread: server_util.udsListener: INFO: remote_addr IP = 192.168.233.200
12/12/24 10:42:30: MainThread: infra.urlGeneratorIS: INFO: Handle request: <class 'requests.users.SetUserV18'>
12/12/24 10:42:30: MainThread: infra.urlGeneratorIS: INFO: Execute validators
12/12/24 10:42:30: MainThread: infra.urlGeneratorIS: INFO: Verify permissions
12/12/24 10:42:30: MainThread: infra.pipeline: INFO: Execute commit function for class <class 'requests.users.SetUserV18'>
12/12/24 10:42:31: MainThread: infra.pipeline: INFO: Handling output
12/12/24 10:42:31: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 10:42:31: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 10:42:32: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 10:42:32: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 10:42:32: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 10:42:33: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 10:42:33: MainThread: server_util.udsListener: INFO: Request for endpoint /set-user [method: POST], for source 192.168.233.200, SUCCEEDED [duration 2925ms]
Doing the same with mgmt._cli and set-user for user "admin" works fine:**
This is from /var/log/gaia_api_server.log when using mgmt._cli set-user
12/12/24 09:40:09: MainThread: server_util.udsListener: INFO: remote_addr IP = 192.168.233.40
12/12/24 09:40:09: MainThread: infra.urlGeneratorIS: INFO: Handle request: <class 'requests.users.SetUserV18'>
12/12/24 09:40:09: MainThread: infra.urlGeneratorIS: INFO: Execute validators
12/12/24 09:40:09: MainThread: infra.urlGeneratorIS: INFO: Verify permissions
12/12/24 09:40:09: MainThread: infra.pipeline: INFO: Execute commit function for class <class 'requests.users.SetUserV18'>
12/12/24 09:40:10: MainThread: infra.pipeline: INFO: Handling output
12/12/24 09:40:10: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 09:40:10: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 09:40:11: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 09:40:11: MainThread: objects.users: INFO: Collecting users data from the system
12/12/24 09:40:11: MainThread: objects.users: INFO: Processing users data from the system
12/12/24 09:40:12: MainThread: objects.users: INFO: Information collected and processed successfully
12/12/24 09:40:12: MainThread: server_util.udsListener: INFO: Request for endpoint /set-user [method: POST], for source 192.168.233.40, SUCCEEDED [duration 2741ms]
12/12/24 09:40:12: MainThread: server_util.udsListener: INFO: url:http://192.168.233.51/set-user return response in text/plain format
The text was updated successfully, but these errors were encountered: