cisco.ise.selfregportal module – Resource module for Selfregportal
Note
This module is part of the cisco.ise collection (version 3.0.0).
To install it, use: ansible-galaxy collection install cisco.ise.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.ise.selfregportal.
New in cisco.ise 1.0.0
Synopsis
Manage operation create of the resource Selfregportal.
Note
This module has a corresponding action plugin.
Requirements
The below requirements are needed on the host that executes this module.
ciscoisesdk >= 2.0.1
python >= 3.5
Parameters
Parameter |
Comments |
|---|---|
Selfregportal’s customizations. |
|
Selfregportal’s globalCustomizations. |
|
Selfregportal’s backgroundImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
Selfregportal’s bannerImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
Selfregportal’s bannerTitle. |
|
Selfregportal’s contactText. |
|
Selfregportal’s footerElement. |
|
Selfregportal’s mobileLogoImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
This property is supported only for Read operation and it allows to show the customizations in English. Other languages are not supported. |
|
Selfregportal’s pageCustomizations. |
|
The Dictionary will be exposed here as key value pair. |
|
Selfregportal’s portalTheme. |
|
The unique internal identifier of the portal theme. |
|
The system- or user-assigned name of the portal theme. |
|
A CSS file, represented as a Base64-encoded byte array. |
|
Selfregportal’s portalTweakSettings. |
|
Selfregportal’s banneColor. |
|
Selfregportal’s bannerTextColor. |
|
Selfregportal’s pageBackgroundColor. |
|
Selfregportal’s pageLabelAndTextColor. |
|
Description. |
|
Id. |
|
Flag for Identity Services Engine SDK to enable debugging. Choices: |
|
The Identity Services Engine hostname. |
|
The Identity Services Engine password to authenticate. |
|
Timeout (in seconds) for RESTful HTTP requests. Default: :ansible-option-default:`60` |
|
The Identity Services Engine username to authenticate. |
|
Flag that informs the SDK whether to use the Identity Services Engine’s API Gateway to send requests. If it is true, it uses the ISE’s API Gateway and sends requests to https://{{ise_hostname}}. If it is false, it sends the requests to https://{{ise_hostname}}:{{port}}, where the port value depends on the Service used (ERS, Mnt, UI, PxGrid). Choices: |
|
Flag that informs the SDK whether we send the CSRF token to ISE’s ERS APIs. If it is True, the SDK assumes that your ISE CSRF Check is enabled. If it is True, it assumes you need the SDK to manage the CSRF token automatically for you. Choices: |
|
Flag to enable or disable SSL certificate verification. Choices: |
|
Informs the SDK which version of Identity Services Engine to use. |
|
Flag for Identity Services Engine SDK to enable automatic rate-limit handling. Choices: |
|
Name. |
|
URL to bring up a test page for this portal. |
|
Allowed values byod, hotspotGuest, mydevice, selfRegGuest, sponsor and sponsoredGuest. |
|
Selfregportal’s settings. |
|
Selfregportal’s aupSettings. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed Values firstLogin, everyLogin and recurring. |
|
Number of days between AUP confirmations (when displayFrequency = recurring). |
|
Require the portal user to read and accept an AUP. Choices: |
|
Require the portal user to scroll to the end of the AUP. Only valid if requireAupAcceptance = true. Choices: |
|
Only valid if requireAupAcceptance = true. Choices: |
|
Only valid if requireAupAcceptance = true. Choices: |
|
Selfregportal’s authSuccessSettings. |
|
Target URL for redirection, used when successRedirect = url. |
|
After an Authentication Success where should user be redirected. Allowed Values authSuccessPage, originatingURL and url. |
|
Selfregportal’s byodSettings. |
|
Selfregportal’s byodRegistrationSettings. |
|
TIdentity group id for which endpoint belongs. |
|
Display Device ID field during registration. Choices: |
|
Selfregportal’s byodRegistrationSuccessSettings. |
|
Target URL for redirection, used when successRedirect = url. |
|
After an Authentication Success where should device be redirected, allowedValues authSuccessPage, originatingURL and url. |
|
Selfregportal’s byodWelcomeSettings. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. AllowedValues onPage, asLink. |
|
EnableBYOD flag. Choices: |
|
EnableGuestAccess flag. Choices: |
|
IncludeAup flag. Choices: |
|
RequireAupAcceptance flag. Choices: |
|
RequireMDM flag. Choices: |
|
Require BYOD devices to scroll down to the bottom of the AUP, Only valid if includeAup = true. Choices: |
|
Selfregportal’s guestChangePasswordSettings. |
|
Allow guest to change their own passwords. Choices: |
|
Selfregportal’s guestDeviceRegistrationSettings. |
|
Allow guests to register devices. Choices: |
|
Automatically register guest devices. Choices: |
|
Selfregportal’s loginPageSettings. |
|
Access code that must be entered by the portal user (only valid if requireAccessCode = true). |
|
AllowAlternateGuestPortal flag. Choices: |
|
Require the portal user to enter an access code. Choices: |
|
AllowGuestToCreateAccounts flag. Choices: |
|
Selfregportal’s alternateGuestPortal. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed Values onPage and asLink. |
|
Include an Acceptable Use Policy (AUP) that should be displayed during login. Choices: |
|
Maximum failed login attempts before rate limiting. |
|
Require the portal user to enter an access code. Choices: |
|
Require the portal user to accept the AUP. Only valid if includeAup = true. Choices: |
|
Time between login attempts when rate limiting. |
|
Selfregportal’s portalSettings. |
|
Interfaces that the portal will be reachable on. Allowed values eth0, eth1, eth2, eth3, eth4, eth5, bond0, bond1 and bond2. |
|
Used when displayLang = alwaysUse. |
|
Unique Id of a guest type. Employees using this portal as a guest inherit login options from the guest type. |
|
Unique Id of the identity source sequence . |
|
Logical name of the x.509 server certificate that will be used for the portal. |
|
Allowed values useBrowserLocale and alwaysUse. |
|
Used when displayLang = useBrowserLocale. |
|
The port number that the allowed interfaces will listen on. Range from 8000 to 8999. |
|
Selfregportal’s postLoginBannerSettings. |
|
Include a Post-Login Banner page. Choices: |
|
Selfregportal’s selfRegPageSettings. |
|
Self-registered guest account is valid for this many account_validity_time_units. |
|
Time units for account_validity_duration. Allowed Values days, hours and minutes. |
|
Only valid if requireGuestApproval = true and sendApprovalRequestTo = selectedEmailAddresses. |
|
This attribute, along with approveDenyLinksValidFor, specifies how long the link can be used. Only valid if requireGuestApproval = true. Allowed Values days, hours and minutes. |
|
This attribute, along with approveDenyLinksTimeUnits, specifies how long the link can be used. Only valid if requireGuestApproval = true. |
|
Guests are assigned to this guest type. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed Values onPage and asLink. |
|
Allow guests to login automatically from self-registration after sponsor’s approval. No need to provide the credentials by guest to login. Choices: |
|
Waiting period for auto login until sponsor’s approval. If time exceeds, guest has to login manually by providing the credentials. Default value is 5 minutes. |
|
If true, send credential notification upon approval using email. Only valid if requireGuestApproval = true. Choices: |
|
If true, send credential notification upon approval using SMS. Only valid if requireGuestApproval = true. Choices: |
|
Allow guests with an e-mail address from selected domains. Choices: |
|
Disallow guests with an e-mail address from selected domains. Choices: |
|
Selfregportal’s fieldCompany. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldEmailAddr. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldFirstName. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldLastName. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldLocation. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldPersonBeingVisited. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldPhoneNo. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldReasonForVisit. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldSMSProvider. |
|
Only applicable if include = true. Choices: |
|
Selfregportal’s fieldUserName. |
|
Only applicable if include = true. Choices: |
|
Self-registered guests whose e-mail address is in one of these domains will be allowed. Only valid if enableGuestEmailWhitelist = true. |
|
Self-registered guests whose e-mail address is in one of these domains will be disallowed. Only valid if enableGuestEmailBlacklist = true. |
|
Include an Acceptable Use Policy (AUP) that should be displayed during login. Choices: |
|
After the registration submission direct the guest user to one of the following pages. Only valid if requireGuestApproval = true. Allowed Values selfRegistrationSuccess, loginPageWithInstructions and url. |
|
URL where guest user is redirected after registration. Only valid if requireGuestApproval = true and postRegistrationRedirect = url. |
|
The registration code that the guest user must enter. |
|
When self-registered guests require approval, an approval request is e-mailed to one or more sponsor users. If the ISE Administrator chooses to include an approval link in the e-mail, a sponsor user who clicks the link will be required to enter their username and password if this attribute is true. Only valid if requireGuestApproval = true. Choices: |
|
Require the portal user to accept the AUP. Only valid if includeAup = true. Choices: |
|
Require self-registered guests to be approved if true. Choices: |
|
Self-registered guests are required to enter a registration code. Choices: |
|
Guests can choose from these locations to set their time zone. |
|
This attribute is an array of SMS provider names. |
|
Specifies where approval requests are sent. Only valid if requireGuestApproval = true. Allowed Values selectedEmailAddresses and personBeingVisited. |
|
When self-registered guests require approval, an approval request is e-mailed to one or more sponsor users. If the ISE Administrator chooses to include an approval link in the e-mail, a sponsor user who clicks the link will be authenticated against the selected sponsor portals in the order specified. Only valid if requireGuestApproval = true. The array should contain the names of the selected portals. |
|
Selfregportal’s selfRegSuccessSettings. |
|
AllowGuestLoginFromSelfregSuccessPage flag. Choices: |
|
AllowGuestSendSelfUsingEmail flag. Choices: |
|
AllowGuestSendSelfUsingPrint flag. Choices: |
|
AllowGuestSendSelfUsingSMS flag. Choices: |
|
IncludeAup flag. Choices: |
|
IncludeCompany flag. Choices: |
|
IncludeEmailAddr flag. Choices: |
|
IncludeFirstName flag. Choices: |
|
IncludeLastName flag. Choices: |
|
IncludeLocation flag. Choices: |
|
IncludePassword flag. Choices: |
|
IncludePersonBeingVisited flag. Choices: |
|
IncludePhoneNo flag. Choices: |
|
IncludeReasonForVisit flag. Choices: |
|
IncludeSMSProvider flag. Choices: |
|
IncludeUserName flag. Choices: |
|
RequireAupAcceptance flag. Choices: |
|
RequireAupScrolling flag. Choices: |
|
Selfregportal’s supportInfoSettings. |
|
The default value displayed for an empty field Only valid when emptyFieldDisplay = displayWithDefaultValue. |
|
Specifies how empty fields are handled on the Support Information Page. AllowedValues hide, displayWithNoValue and displayWithDefaultValue. |
|
IncludeBrowserUserAgent flag. Choices: |
|
IncludeFailureCode flag. Choices: |
|
IncludeIpAddress flag. Choices: |
|
IncludeMacAddr flag. Choices: |
|
IncludePolicyServer flag. Choices: |
|
IncludeSupportInfoPage flag. Choices: |
Notes
Note
SDK Method used are selfregportal.Selfregportal.create_selfregportal,
Paths used are post /selfregportal/,
Does not support
check_modeThe plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco ISE SDK
The parameters starting with ise_ are used by the Cisco ISE Python SDK to establish the connection
Examples
---
- name: Create
cisco.ise.selfregportal:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
customizations:
globalCustomizations:
bannerImage:
data: base 64 encoded value of image
bannerTitle: Banner Title
contactText: 'Contact Information '
desktopLogoImage:
data: base 64 encoded value of image
footerElement: Footer Element
mobileLogoImage:
data: base 64 encoded value of image
language:
viewLanguage: English
pageCustomizations:
data:
- key: ui_contact_link
value: Contact Support
portalTheme:
id: themeId
name: ThemeName
themeData: Base 64 encoded string of Theme CSS file
portalTweakSettings:
bannerColor: Banner Color from GUI
bannerTextColor: Banner Text color code from GUI
pageBackgroundColor: Color code from GUI
pageLabelAndTextColor: Label and Text color from GUI
description: description
id: f75760e7-a4f9-40ef-93bb-88a97e9fb171
name: name
portalType: SELFREGGUEST
settings:
aupSettings:
displayFrequency: FIRSTLOGIN
includeAup: false
requireAccessCode: false
requireScrolling: true
skipAupForEmployees: true
useDiffAupForEmployees: false
authSuccessSettings:
redirectUrl: www.cisco.com
successRedirect: AUTHSUCCESSPAGE
guestChangePasswordSettings:
allowChangePasswdAtFirstLogin: false
guestDeviceRegistrationSettings:
allowGuestsToRegisterDevices: true
autoRegisterGuestDevices: false
loginPageSettings:
accessCode: Access Code
allowAlternateGuestPortal: false
allowForgotPassword: false
allowGuestToChangePassword: false
allowGuestToCreateAccounts: false
allowGuestToUseSocialAccounts: false
allowShowGuestForm: false
aupDisplay: ASLINK
includeAup: false
maxFailedAttemptsBeforeRateLimit: 5
requireAccessCode: false
requireAupAcceptance: false
requireAupScrolling: false
socialConfigs: []
timeBetweenLoginsDuringRateLimit: 2
portalSettings:
allowedInterfaces:
- eth0
- bond0
alwaysUsedLanguage: English
assignedGuestTypeForEmployee: Guest Type configured
authenticationMethod: Identity Sequence
availableSsids: []
certificateGroupTag: Default Portal Certificate Group
displayLang: USEBROWSERLOCALE
endpointIdentityGroup: f14227b0-6e5c-11e6-8f6a-005056873bd0
fallbackLanguage: English
httpsPort: 8443
postLoginBannerSettings:
includePostAccessBanner: true
selfRegPageSettings:
accountValidityDuration: 1
accountValidityTimeUnits: DAYS
allowGraceAccess: false
approveDenyLinksTimeUnits: DAYS
assignGuestsToGuestType: Guest Type
aupDisplay: ASLINK
authenticateSponsorsUsingPortalList: false
autoLoginSelfWait: false
autoLoginTimePeriod: 1
credentialNotificationUsingEmail: false
credentialNotificationUsingSms: false
enableGuestEmailBlacklist: false
enableGuestEmailWhitelist: false
fieldCompany:
include: true
require: false
fieldEmailAddr:
include: true
require: false
fieldFirstName:
include: true
require: false
fieldLastName:
include: true
require: false
fieldLocation:
include: true
require: false
fieldPhoneNo:
include: true
require: false
fieldReasonForVisit:
include: true
require: false
fieldSmsProvider:
include: true
require: false
fieldUserName:
include: true
require: false
graceAccessExpireInterval: 10
graceAccessSendAccountExpiration: false
guestEmailBlacklistDomains:
- test1@cisco.com
guestEmailWhitelistDomains:
- test@cisco.com
includeAup: false
postRegistrationRedirect: SELFREGISTRATIONSUCCESS
registrationCode: Registration Code
requireAupAcceptance: false
requireGuestApproval: false
requireRegistrationCode: false
selectableLocations:
- location1
- location2
selectableSmsProviders:
- Sms1
sendApprovalRequestTo: SELECTEDEMAILADDRESSES
sponsorPortalList: []
selfRegSuccessSettings:
allowGuestLoginFromSelfregSuccessPage: true
allowGuestSendSelfUsingEmail: true
allowGuestSendSelfUsingPrint: true
allowGuestSendSelfUsingSms: true
aupOnPage: false
includeAup: false
includeCompany: true
includeEmailAddr: true
includeFirstName: true
includeLastName: true
includeLocation: true
includePassword: true
includePersonBeingVisited: true
includePhoneNo: true
includeReasonForVisit: true
includeSmsProvider: true
includeUserName: true
requireAupAcceptance: false
requireAupScrolling: false
supportInfoSettings:
emptyFieldDisplay: HIDE
includeBrowserUserAgent: true
includeFailureCode: true
includeIpAddress: true
includeMacAddr: true
includePolicyServer: true
includeSupportInfoPage: false
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
A dictionary or list with the response returned by the Cisco ISE Python SDK Returned: always |