vRealize Network Insight - Add usergroup with an underscore

Submitted by Robin van Altena on Tue, 08/04/2020 - 11:56
 
 
Follow your favourite author

Leave us your email address and be the first to receive a notification when Robin posts a new blog.

vRealize Network Insight - Add usergroup with an underscore
Tue 04 Aug, 2020
Recently I was working with vRNI at a customer who had vRNI connected to Identity Manager for user authentication. When I tried to add additional user groups to vRNI is was unable to search for groups containing an ‘_’ underscore.
Image
Add user step 1
Textarea

Unfortunately, vRNI shows only 5 results when the search is performed without the underscore and naturally the required group is not in the list.

Image
Add user step 2
Textarea

Knowing that vRNI has a well-documented API, I set out to add the group using the API.
The API is documented at the VMware {code} and in the application itself.

Image
Add user step 3
Textarea

And a postman collection for vRNI can be found at: https://lostdomain.org/2019/01/24/postman-collection-for-vrealize-network-insight-apis/ This collection is very helpful, because the API documentation isn’t showing the complete API call. So in my first try is was missing /api/ni in my API call.

Before you can retrieve information from vRNI you need to request an access token. This can be done using the api call: https://<vRNI server>/api/ni/auth/token and you need a body containing the user and password. For example, the body for the local admin account:

Text highlighted

{
  "username": "admin@local",
  "password": "password",
  "domain": {
    "domain_type": "LOCAL"
  }
}

Textarea

The API call in Postman should return a token, which needs to be used for the next API calls.

Image
Add user step 4
Textarea

Once a token has been retrieved the group can be added to vRNI. Since we need to add a group from vIDM we need the API call: https://<vRNI server>/api/ni/settings/user-groups/vidm

Before you can POST the API call, the access token needs to be placed in the header of the call.
Select the Header and create a new key. Call this key Authorization and enter the value NetworkInsight <access token>. The Header should look like this:

Image
Add user step 5
Textarea

In the Body the name of the group and domain location need to be entered, for example:

Text highlighted

{
  "group_type": "VIDM",
  "group_name": "testgroup",
  "domain": "vidmlabs.com",
  "role": "ADMIN"
}

Textarea

In Postman the API call, the Body and result should look similar to the screenshot below.

Image
Add user step 6
Textarea

Using the API method I was able to add multiple groups containing an ‘_‘ underscore in the name. Hopefully this post saves you some time in searching thru logs and documentation.

Tags

Questions, Remarks & Comments

If you have any questions and need more clarification, we are more than happy to dig deeper. Any comments are also appreciated. You can either post it online or send it directly to the author, it’s your choice.
Let us know  

 
 
Questions, Remarks & Comments

Message Robin directly, in order to receive a quick response.

More about RedLogic