Register Sign in Need help? FAQ SailPoint directory
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Interactive application: Expect usage

Interactive application: Expect usage

 

Abstract

Sometimes while we deal with interactive systems, we may not be able to set the password via stdin method.

Such as HP-UX, there is a possible workaround that may solve this problem: using "Expect".

 

Implementation steps

Step one: Create a custom script

#!/usr/bin/expect

# Usage: /opt/custom/bin/chpasswd -p <password> <userid>

 

set arglen [llength $argv]

set index 0

while {$index < $arglen} {

    set arg [lindex $argv $index]

    switch -exact $arg {

        -p {

            set args($arg) [lindex $argv [incr index]]

        }

        default  {

            set filename [lindex $argv $index]

        }

    }

    incr index

}

 

set user [lindex $argv 2]

 

if {[info exists args(-p)]} {

   puts "-p switch set with arg $args(-p)"

   set password $args(-p)

}

 

spawn passwd $user

set password $password

expect "New password:"

send "$password\n"

expect "Retype new password:"

send "$password\n"

expect eof

 

Unlike bash, Except uses Tcl Commands,

    1.    The while loop will read all the parameter specified as target flags, you can customize your script flags, here we set a flag as -p indicates pass password
    2.    Store userid in to $user variable
    3.    spawn:  open a new process for passwd $user
    4.    expect:  waiting for the previous spawn to output "expected" string
    5.    send:  write to spawn process via stdin

 

Step two: Configure application

Please reference the step below.

 

Step three: Test

After setting, let's try to do provisioning, we may found out that is will execute as follow in side the debug:

 

<TSUDO /opt/custom/bin/chpasswd -p "Passwr0d" uat_test_01

-p switch set with arg Passwr0d

spawn passwd uat_test_01

Changing password for user uat_test_01.

New password:

Retype new password:

passwd: all authentication tokens updated successfully.

SAILPOINT>sudo -p %SAILPOINTSUDO echo $?

0

 

Update

Using Expect might be powerful and can be customized for your need, also it provide a workaround, however, the endpoint need to be install and support Expect, so it does have some other concerns.

 

Regarding set password for interactive application, we can simply add the follow entry to the application xml:

<entry key="interactiveSetPassword" value="true" />

And configure related PasswordPrompts correlate to your system passwd output.

This will execute in the SAILPOINT Prompt instead of stdin by setPassword()

 

- Last Updated 12/16/2016

 

If there is any wrong info, please indicate my false, thanks.

 

- Mike

Labels (1)
Labels:
0 Kudos
Version history
Revision #:
2 of 2
Last update:
‎Mar 15, 2023 09:19 PM
Updated by:
Community Administrator
 
View Article History
Contributors