Skip to content

nertwork/change-acs-password

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ACS Password change

This project is a simple implementation to change a users password on the CiscoACS server, it is built using python2 and will give you a neat and simple web form for your users to change their passwords.

I’ve only tested this with ACS 5.6 and python 2.7 but it may work with other version of the ACS and python2.

It’s built with Bottle, a WSGI micro web-framework for Python. It’s built with SOAPpy, a Simple to use SOAP library for Python.

Requirements

Valid SSL on your ACS and certificate chain on the server running this script

You must also enable the UCP service:

acs config-web-interface ucp enable

Or you can use this guide: EnablingUCP

Installation

Clone this repository and install dependencies:

git clone [email protected]:nertwork/change-acs-password.git
cd change-password
pip install -r requirements.txt

Configuration

Configuration is read from the file settings.ini. You may change location of the settings file using the environment variable CONF_FILE.

Run it

There are multiple ways how to run it:

  • with the built-in default WSGI server based on wsgiref,

  • under a {wikip}/Web_Server_Gateway_Interface[WSGI] server like uWSGI, Gunicorn, {pypi}/mod_wsgi[mod_wsgi], … (recommended)

  • as a {wikip}/Common_Gateway_Interface[CGI] script.

Run with the built-in server

Simply execute the acs-cp.py:

python acs-cp.py

Then you can access the app on http://localhost:8080. The port and host may be changed in settings.ini.

Run with uWSGI and nginx

If you have many micro-apps like this, or you just want to have a simpler NGINX configuration you would want to use uWSGI and nginx. It’s not so well known, but uWSGI allows to “mount” multiple application in a single uWSGI process and with a single socket.

Sample uWSGI configuration:
[uwsgi]
process = 4
plugins = python
wsgi-file = /usr/share/nginx/www/change-acs-password/acs-cp.py
uid = www-data
gid = www-data
Sample nginx configuration as a reverse proxy in front of uWSGI:
server {
    listen 443 ssl;
    server_name example.org;

    ssl_certificate     /etc/ssl/nginx/nginx.crt;
    ssl_certificate_key /etc/ssl/nginx/nginx.key;

    # uWSGI scripts
    location / {
      uwsgi_pass  unix:/run/uwsgi/app/acs-cp/socket;
      include     uwsgi_params;
    }
}

Screenshot

screenshot

Thanks

A special thanks to this project on LDAP password changes for the inspiration jirutka/change-password!

Contributing

  1. Fork it.

  2. Create your feature branch (git checkout -b my-new-feature).

  3. Commit your changes (git commit -am 'Add some feature').

  4. Push to the branch (git push origin my-new-feature).

  5. Create a new Pull Request.

License

This project is licensed under MIT License. For the full text of the license, see the LICENSE file.

About

For the Cisco ACS Appliance

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published