Delete user account on multiple Brocade SAN switches

I work in a SAN environment where we manage about 110+ SAN switches of both Brocade and Cisco models. Due to lucrative market we end up having attrition in the team which leads to clean-up of their user accounts as per security standards or policies. I did not mention how we create a new user’s account when they join our team. I’ll share that script sometime later (so keep browsing my blog…),Thanks to Perl script which takes care of it. Using that Perl script we can create multiple user accounts on multiple switches at one go 🙂

Let’s discuss about deleting an user account which took 6+ productive hours to come up with deletion script !!

user_remove

Since I’m a die-hard fan of Perl, I wanted to do this using Perl but for some reason, Net::SSH2::Expect module did not gel very well with Window$. Brocade CLI expects user to type “YES” for user delete confirmation. So, I had to learn and equip the old is gold “Expect” programming language… After few hours of trial and errors, I’ve finally succeeded with the script to delete user on multiple switches at one go 😀

Here is the script “expect.sh”

#! /bin/expect
set timeout 20
set user [lindex $argv 0]
set password [lindex $argv 1]
set prompt “(%|#|\\$|%\]) $”
;# — main activity
proc dostuff { currentswitch} {

;# do something with currentswitch

send — “userconfig –delete vinay\r”
return
}
set fd [open ./swlist.txt r]
set sws [read -nonewline $fd]
close $fd
foreach sw [split $sws”\n” ] {
spawn /usr/bin/ssh $user@$sw
while (1) {
expect {
“no)? ” {
send — “yes\r”
}
“password: ” {
send — “$password\r”
}
“>” {
send — “userconfig –delete vinay\ryes\r”
break
}
}
}
expect “>”
send — “exit\r”
}
expect eof

I know, hold your breath… Let me try to decode this for you and how to do copy-paste and use this in your setup.

PFB list of things to have, before we run this on management server

1. cygwin – Install cygwin

2. Expect – A good blog on howto install cygwin, Expect and ssh

3. swtlist.txt – A file having IP addresses of SAN switches

Now, copy both expect.sh and swlist.txt to a path e.g. /home/vinay/ [Under C:\ drive look for “cygwin” directory  C:\cygwin\home\<users> if you installed cygwin in C drive]

Launch cygwin and run the command “./expect.sh <username> <password>”

Note: I’ve same username and password across all switches. Hence its friendly to run the scripts. Some of the Brocade firmware versions are not compatible with the command “userconfig –delete <username>”. Please read the manual and replace the command accordingly,

After, you start the script using above command sit back and relax to watch the automation of user deletion!!!

Disclaimer: I’m not responsible for any outages, P1’s, Major Incidents etc by running this script in your setup. Use it with your brains by applying thought (little extra needed here…). Leave a comment if you need help to tweak this script…

Courtesy: iconfinder.com for the image and amsathishkumar.wordpress.com for the blog on cygwin, Expect and ssh installation

Advertisements

One thought on “Delete user account on multiple Brocade SAN switches

  1. Pingback: Create multiple user’s account on multiple Brocade SAN Switches | Vinusumi's Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s