Automation

Expand all | Collapse all

Slax script to delete not working on SRX

Jump to Best Answer
  • 1.  Slax script to delete not working on SRX

    Posted 12-18-2018 06:42

    Hi,

     

    I got a basis slax script which deletes existing radius-servers on an EX switch.

     

    version 1.0;
    
    ns junos = "http://xml.juniper.net/junos/*/junos";
    ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
    ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
    ns ext = "http://xmlsoft.org/XSLT/namespace";
    
    import "../import/junos.xsl";
    
    match / {
    <op-script-results> {
    
            var $config-rpc = <get-configuration> {
                <configuration> {
                    <system>;
                }
            }
            /* Request configuration and assign to $config variable */
            var $config = jcs:invoke( $config-rpc );
    
    	/* delete all the existing radius-servers */
            var $config-changes-1 = {
            <configuration> {
                <system> {
    				 <radius-server delete="delete"> {
                     }
                    }
                }
            }
    		var $load-action = "merge";
    		var $conn_handle = jcs:open();
    		var $results := {
    		call jcs:load-configuration( $action=$load-action,$configuration=$config-changes-1, $connection=$conn_handle);
    		}
    }
    }
    

    but for some reason, running the same script on an SRX doesn't work, and it won't delete the existing radius-servers.

    any reason why it won't work on the SRX?

     if( $results//xnm:error ) {
            for-each( $results//xnm:error ) {
                <output> message;
            }
        }
    }
    
    including the xnm error gives me a 'syntax error"

     

    when I fill in an existing radius-server IP with the <name> stanza , it will work, but it won't just delete the <radius-server> in full.

     

    version 1.0;
    
    ns junos = "http://xml.juniper.net/junos/*/junos";
    ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
    ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
    ns ext = "http://xmlsoft.org/XSLT/namespace";
    
    import "../import/junos.xsl";
    
    match / {
    <op-script-results> {
    
            var $config-rpc = <get-configuration> {
                <configuration> {
                    <system>;
                }
            }
            /* Request configuration and assign to $config variable */
            var $config = jcs:invoke( $config-rpc );
    
            /* delete all the existing radius-servers */
            var $config-changes-1 = {
            <configuration> {
                <system> {
                     <radius-server delete="delete">{
                            <name> "10.9.8.7";
                            }
                    }
                }
            }
                    var $load-action = "merge";
                    var $conn_handle = jcs:open();
                    var $results := {
                    call jcs:load-configuration( $action=$load-action,$configuration=$config-changes-1, $connection=$conn_handle);
                    }
    
     if( $results//xnm:error ) {
            for-each( $results//xnm:error ) {
                <output> message;
            }
        }
    }
    }
    


  • 2.  RE: Slax script to delete not working on SRX

    Posted 12-18-2018 07:56

    1. Ohy do you bother with the get-configuration ?  The script doesn't do anything with it.
    2. I think you have extraneous {} here:

    <radius-server delete="delete"> {
                     }

      What happens if you just do this, removing the extra {};

    <radius-server delete="delete">;

     ?

     

    /doug



  • 3.  RE: Slax script to delete not working on SRX

    Posted 12-18-2018 08:29

    still get a syntax error

     

    version 1.0;
    
    ns junos = "http://xml.juniper.net/junos/*/junos";
    ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
    ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
    ns ext = "http://xmlsoft.org/XSLT/namespace";
    
    import "../import/junos.xsl";
    
    match / {
    <op-script-results> {
    
            var $config-changes-1 = {
            <configuration> {
                <system> {
                     <radius-server delete="delete">;
                    }
                }
            }
                    var $load-action = "merge";
                    var $conn_handle = jcs:open();
                    var $results := {
                    call jcs:load-configuration( $action=$load-action,$configuration=$config-changes-1, $connection=$conn_handle);
                    }
    
    
     if( $results//xnm:error ) {
            for-each( $results//xnm:error ) {
                <output> message;
            }
        }
    }
    }
    


  • 4.  RE: Slax script to delete not working on SRX

    Posted 12-18-2018 13:36

    OK.  I just took a look at a junos configuration with radius-server configured and now I see what's wrong.

     

    radius-server is a *list*, so your logic needs to iterate thru it with a "for-each" loop so it can  emit a
    <delete="delete">  { <name> "x.x.x";}   
    into the config xml for _each_ entry. Even if there's only 1.

     

     

     

    /doug



  • 5.  RE: Slax script to delete not working on SRX

    Posted 12-18-2018 16:04

    Hi Doug,

     

    I'm really a rookie at Slax , could you ellaborate a bit more on that?



  • 6.  RE: Slax script to delete not working on SRX
    Best Answer

    Posted 12-19-2018 01:20

    Hi Doug,

     

    I was able to get what I want by using JunOS space Confligets, and using XPATH values there.

     

     



  • 7.  RE: Slax script to delete not working on SRX

    Posted 12-19-2018 06:28

    Glad you found a solution. I was a little rushed for time so didn't provide an example.

    If you have Space and configlets, that's a much easier way to go, than getting deep into SLAX.

     

    For CLI Configlets, you'll probably want to get acquainted with Apache Velocity templating language (and, of course XPATH) if you're not already.


    Good luck!