search

gabstopper / smc-python

Forcepoint Security Management Center python library:(Moved to official Forcepoint repo)
https://github.com/Forcepoint/fp-NGFW-SMC-python
Apache License 2.0
29 stars 13 forks source link

Force unlock on Engines #53

Closed sebbbastien closed 5 years ago

sebbbastien commented 5 years ago

Hi David,

It could be interesting to have something to unlock a locked Engine. (I think you already have something like that on Policies).

Nothing urgent, just a suggestion.

Best regards,

gabstopper commented 5 years ago

Hi Sebbastien, There is a lock_online and lock_offline capability for the engine nodes currently, is that what you mean? (Similar to going into SMC and right clicking the node, then saying Lock Online/Offline). You can do this by grabbing the node, and calling the function without arguments:

engine = Engine('myfw')
for node in engine.nodes:
    node.reboot()
    node.bind_license()
    node.go_online()
    node.go_offline()

Or do you mean force unlock if someone sits in edit mode on the engine? (i.e. this would be considered a 'global' type lock). This can also be done through a system level reference and specifying the element that is locked. For example:

engine = Engine('myengine')
system = System()
system.force_unlock(engine)

The latter function is undocumented due to the potential risk of doing this (i.e. losing existing edits, etc) but it is still possible.

sebbbastien commented 5 years ago

Hi David,

Or do you mean force unlock if someone sits in edit mode on the engine? (i.e. this would be considered a 'global' type lock).

It was precisely "this" unlock I was searching.

Thanks a lot.