Make an AXL Query Against CUCM with Python

I recently had a need to interact with Cisco Unified Communications Manager (CUCM) in an automated way. Some quick searched returned some code that worked a little bit, but not all the way. Here is the code that I ended up with that works.


#!/usr/bin/python
#The purpose of this script is to execute a basic query against CUCM via AXL
from suds.client import Client
from suds.sax.element import Element
import base64
import ssl
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context
cmserver = 'IP-ADDRESS'
cmport = '8443'
wsdl = 'file:///var/www/html/AXLAPI.wsdl'
location = 'https://' + cmserver + ':' + cmport + '/axl/'
username = 'MyAXLUser'
password = 'MyPassword'
def getUser(userName):
base64string = base64.encodestring('%s:%s' % (username, password)).replace('\n', '')
authenticationHeader = {
"SOAPAction" : "ActionName",
"Authorization" : "Basic %s" % base64string
}
client = Client(wsdl, location=location, username=username, password=password, headers=authenticationHeader)
userName = str(userName)[:-1].lower()
agentName = Element('userid').setText(userName)
try:
getUser = client.service.getUser(agentName)
DEVICEID = getUser[0][0][11][0][0]
return DEVICEID
except:
return "no device associated"
print getUser('Rick.Breidenstein')

GitHub Link: Here it is

 

 

Snippets of problems and errors along the way

Hopefully providing the errors that I came across will help others with the same issue find a solution faster.

Creating the unverified ssl context resolved the issue below

Traceback (most recent call last):
File "test.py", line 15, in
result = client.service.getOSVersion()
File "build/bdist.linux-x86_64/egg/suds/client.py", line 535, in __call__
File "build/bdist.linux-x86_64/egg/suds/client.py", line 595, in invoke
File "build/bdist.linux-x86_64/egg/suds/client.py", line 620, in send
File "build/bdist.linux-x86_64/egg/suds/transport/http.py", line 85, in send
File "build/bdist.linux-x86_64/egg/suds/transport/http.py", line 107, in __open
File "/usr/lib/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 447, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 1241, in https_open
context=self._context)
File "/usr/lib/python2.7/urllib2.py", line 1198, in do_open
raise URLError(err)
urllib2.URLError:

adding the authentication header resolved the issue below

Traceback (most recent call last):
File "test.py", line 16, in
result = client.service.getOSVersion()
File "build/bdist.linux-x86_64/egg/suds/client.py", line 535, in __call__
File "build/bdist.linux-x86_64/egg/suds/client.py", line 595, in invoke
File "build/bdist.linux-x86_64/egg/suds/client.py", line 630, in send
File "build/bdist.linux-x86_64/egg/suds/client.py", line 687, in failed
Exception: (401, u'Unauthorized')

Introducing the Element to pass through the suds client resolved the issue below

No handlers could be found for logger "suds.client"
Traceback (most recent call last):
File "test.py", line 29, in
result = client.service.getPhone(name = 'SEPD0C282D1ECE0')
File "build/bdist.linux-x86_64/egg/suds/client.py", line 535, in __call__
File "build/bdist.linux-x86_64/egg/suds/client.py", line 595, in invoke
File "build/bdist.linux-x86_64/egg/suds/client.py", line 630, in send
File "build/bdist.linux-x86_64/egg/suds/client.py", line 681, in failed
File "build/bdist.linux-x86_64/egg/suds/bindings/binding.py", line 235, in get_fault
suds.WebFault: Server raised fault: 'No uuid or name element found'

Error below became present when passing the user name through as a variable. Removing the last character from the string resolved this.

No handlers could be found for logger "suds.client"
Traceback (most recent call last):
File "test.py", line 29, in
result = client.service.getUser(user = 'Tony.Hasting')
File "build/bdist.linux-x86_64/egg/suds/client.py", line 535, in __call__
File "build/bdist.linux-x86_64/egg/suds/client.py", line 595, in invoke
File "build/bdist.linux-x86_64/egg/suds/client.py", line 630, in send
File "build/bdist.linux-x86_64/egg/suds/client.py", line 681, in failed
File "build/bdist.linux-x86_64/egg/suds/bindings/binding.py", line 235, in get_fault
suds.WebFault: Server raised fault: 'Item not valid: The specified User was not found'

Error below is when you do not create an element for searchCriteria and returnedTags. reference the listUser function.

No handlers could be found for logger "suds.client"
Traceback (most recent call last):
File "./cucm-axl.py", line 46, in
listUser(user[:-1])
File "./cucm-axl.py", line 42, in listUser
result = client.service.listUser()
File "build/bdist.linux-x86_64/egg/suds/client.py", line 535, in __call__
File "build/bdist.linux-x86_64/egg/suds/client.py", line 595, in invoke
File "build/bdist.linux-x86_64/egg/suds/client.py", line 630, in send
File "build/bdist.linux-x86_64/egg/suds/client.py", line 681, in failed
File "build/bdist.linux-x86_64/egg/suds/bindings/binding.py", line 235, in get_fault
suds.WebFault: Server raised fault: 'No Search Criteria Defined'

References:

This is the result from a collection of many different sources. Sorry I do no have all the links to site.

Setup GNS3 Server w/ IOU support on a remote server (CLI only)

Get a VPS to host your GNS3 Server (or use an existing server you have)

  1. Go to VPS Dime (This link gives me credit for the referral)
  2. Create an instance using Ubuntu 16.04 LTS (Xenial)

Install GNS3

  • add-apt-repository ppa:gns3/ppa
  • apt-get update
  • apt-get install python3-setuptools python3-pyqt4 python3-ws4py python3-netifaces
  • apt-get install cmake libelf-dev uuid-dev libpcap-dev software-properties-common
  • apt-get install libssl1.0.0/xenial libssl-dev/xenial openssl/xenial
  • apt-get install gns3-server
  • dpkg –add-architecture i386 (two dashes, add, dash,architecture,space,i386)
  • apt-get update
  •  apt-get install gns3-iou
  • setcap cap_net_raw+ep /usr/bin/iouyap (If you want details)

Stuff you need to figure out 🙂

  • Get your IOU images and upload them
  • Install your iou license
    • Vi ~/.iourc
    • echo ‘127.0.0.127 xml.cisco.com’ >> /etc/hosts

Start using your GNS3 server from your GNS3 client

  • Make sure your client and server versions match or it will yell at you

Now to create a docker container to run this on my Synology instead of a externally hosted VPS

 

 

Configure SNMPv3 read write access for HP and Cisco switches, routers, etc.

HP switches

tested on the following gear

  • E-series 3800


snmpv3 enable
(complete the wizard)
snmpv3 group managerpriv user <user-name> sec-model ver3
snmpv3 user <user-name> auth md5 <password> priv des <password>

 

Cisco switches and routers

tested on the following gear

  • switch: 3750
  • router: 3845


snmp-server group v3ReadWrite v3 priv read v1default write v1default
snmp-server user <user-name> v3 auth md5 <password> priv des <password>

note:If your software version doesn’t support encryption, then you will not be able to have authentication encrypted. You may verify you software version with the ‘show version’ command