Security

I am trying to delete a Endpoint from the Database via an API call.  We have several orphaned Endpoints (~2000) that exist and need deleted.  Can someone show me an example of how to do this with the API?  I was trying to do the following, but not successful.

To delete Endpoint with MAC Address = "00037f500001"

wget -q -O - --no-check-certificate --http-user=apiadmin --http-password=<password> https://10.238.32.32/tipsapi/config/delete/Endpoint/equals?macAddress=00037f500001

Thanks for the help.

pratikgadekar,

Not sure your post came through.  Can you repost?  Thanks.

Hi, 

When using operations such as DELETE you mostly need to post it in JSON, which you can read in this guide : https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=14976

The ClearPass APIs are designed to expect the JSON content type when the API call requires a HTTP body to be submitted (typically in unsafe operations such as POST, PUT, PATCH and DELETE).

Unfortunately I don't have the complete string for you, but I hope this will help !

Thanks.  I have that doc, but am still unclear in the syntax of the curl command needed.

Well that teased me and I ended up trying to achieve it. Wasn't able to do it with JSON. The "API Explorer" in clearpass doesn't have any Endpoint section neither and documentation isn't talking much about it. When I try it with cURL + XML, I always end up with 403 Access Forbidden error message.

Still I have a solution for you :D

You could tag your Orphaned endpoints with an attribute and then go within the Endpoint tab in clearpass and filter them based on that Attribute, then simply delete them all using the select all checkbox.

First create a new attribute (let's call it Orphaned) :

You can use the following cURL code to add an attribute to an Endpoint (You would need to set-up a script to automate MAC entries in the list or use Notepad++)

curl -sk -o - -u apiadmin:YOUR_PASSWORD -d '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader version="3.0"/>
<Endpoints>
<Endpoint status="Known" macAddress="YOUR_MAC">
<EndpointTags tagName="Orphaned" tagValue="True"/>
</Endpoint>
</Endpoints>
</TipsApiRequest>' https://YOUR_CLEARPASS_IP/tipsapi/config/write/Endpoint

Then, simply add a filter like this :

Should save you some time :)

Overclock,

That is a great idea.  I did open a Support Case today and asking for help on it.  If they give me an answer I will post it here.

I agree the API documentation is lacking.  I am not clear what options I even have to work with.

Thank you, yes please let me know if they find a way ;)

Mark,

The ClearPass API configuration guide has the information to handle the guest user accounts. Followed the same for endpoints with appropriate tags and got it working.

Deleting endpoint using tips-api requires two steps.

1.Do deleteConfirm to fetch the identifier(element_id).

2.And then delete the endpoint using the returned identifier.

Refer the below examples,

Post the request to https://<cppm_ip>/tipsapi/config/deleteConfirm/Endpoint

curl -sk -o - -u apiadmin:<password> -d '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader version="6.4"/>
<Filter entity="Endpoint">
<Criteria fieldName="macAddress" filterString="112233445566" match="contains"/>
</Filter>
</TipsApiRequest>'

Response will look like,

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><TipsApiResponse xmlns="http://www.avendasys.com/tipsapiDefs/1.0"><TipsHeader exportTime="Fri Feb 05 16:56:44 IST 2016" version="6.4"/><StatusdCount>1</EntityMaxRecordCount><Endpoints><Endpoint macAddress="112233445566" status="Unknown"><element-id>Endpoint_112233445566_s7m</element-id></Endpoint></Endpoints></TipsApiResponse>

Use the returned element id and Post the delete request to https://<cppm_ip>/tipsapi/config/delete/Endpoint

curl -sk -o - -u apiadmin:<password> -d '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader version="6.4"/>
<Delete>
<Element-Id>Endpoint_112233445566_s7m</Element-Id>
</Delete>
</TipsApiRequest>'

Response will look like,

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<TipsApiResponse xmlns="http://www.avendasys.com/tipsapiDefs/1.0">

<TipsHeader exportTime="Fri Feb 05 17:13:24 IST 2016" version="6.4"/><StatusCode>Success</StatusCode>

<LogMessages>

<Message>Endpoint deleted successfully</Message>

</LogMessages>

</TipsApiResponse>

I get the element id but then I launch the following :

curl -sk -o - -u apiadmin:mypassword -d '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">

<TipsHeader version="6.4"/>

<Delete>

<Element-Id>Endpoint_MYMAC_Mrx</Element-Id>

</Delete>

</TipsApiRequest>' https://MYCPPMIP/tipsapi/config/delete/Endpoint

and I get this response : This request requires HTTP authentication.

Here is a workable 2 step script that successfuly deletes the Endpoint.  Soluiton came from TAC and has been tested in my lab on ClearPass 6.5.2.

Delete Endpoint with MAC Address:  00eebdad6094

1.  Create an XML file test2.xml with the following content.

<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader version="6.4"/>
<Filter entity="Endpoint">
<Criteria fieldName="macAddress" filterString="00eebdad6094" match="contains"/>
</Filter>
</TipsApiRequest>

2.  Send HTML request to server with the above XML file to Retrieve <Element-Id> to delete.

curl -k -X POST https://10.238.32.32/tipsapi/config/deleteConfirm/Endpoint -u admin:eTIPS123 -H "Content-Type: text/xml" -d@test2.xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><TipsApiResponse xmlns="http://www.avendasys.com/tipsapiDefs/1.0"><TipsHeader exportTime="Fri Feb 12 10:05:42 EST 2016" version="6.5"/><StatusCode>Success</StatusCode><EntityMaxRecordCount>1</EntityMaxRecordCount><Endpoints><Endpoint macVendor="Intel Corporate" macAddress="fcf8ae7787ab" status="Unknown"><element-id>Endpoint_fcf8ae7787ab_5cc</element-id><EndpointProfile updatedAt="Sep 02, 2015 09:16:54 EDT" addedAt="Aug 17, 2015 09:02:40 EDT" fingerprint="{&quot;host&quot;: {&quot;os_type&quot;: &quot;Windows 7&quot;}}" conflict="false" name="Windows 7" family="Windows" category="Computer" hostname="81CLTZ1.Limited.brands.com" staticIP="true" ipAddress="10.23.70.91"/></Endpoint></Endpoints></TipsApiResponse>

3.  Create XML file test3.xml with the content that includes the Element-Id (case sensentive)

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader version="6.4"/>
<Delete>
<Element-Id>Endpoint_fcf8ae7787ab_5cc</Element-Id>
</Delete>
</TipsApiRequest>

4.  Send HTML request to delete the endpoint

curl -k -X POST https://10.238.32.32/tipsapi/config/delete/Endpoint -u admin:eTIPS123 -H "Content-Type: text/xml" -d@test3.xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><TipsApiResponse xmlns="http://www.avendasys.com/tipsapiDefs/1.0"><TipsHeader exportTime="Fri Feb 12 10:07:25 EST 2016" version="6.5"/><StatusCode>Success</StatusCode><LogMessages><Message>Endpoint deleted successfully</Message></LogMessages></TipsApiResponse>