McAfee ePO Orchestrator Server Scripts

ePO Core Commands are all available in the core.help file and are listed here:

https://[ePO Server]:8443/remote/core.help
avecto.challengeResponse keyType key challenge [duration] - BeyondTrust Privilege Management Challenge Response

Parameter descriptions:

keyType=Key Type [key|name|id]
key=[Key Value|Policy Name|Policy ID]
challenge=Challenge Code
duration=Duration [once(default)|session|forever]
avecto.createPolicy policyName filePath - BeyondTrust Privilege Management Create New Policy
avecto.exportPolicy policyID - BeyondTrust Privilege Management Export Policy XML
avecto.importPolicy policyID filePath - BeyondTrust Privilege Management Import Policy XML
avecto.listPolicies - rcmd.listPolicies.shortDescKey

For more information, please refer to Explanation of ePO Web API and where to find Web API documentation.

Referenced Libraries

Two libraries are referenced in these scripts:

  • McAfee python Support Library
  • URL Encoder Support Library

Challenge Response Scripting

import mcafee
import sys
mc = mcafee.client('[ePOServerAddress]','8443','[username]','[password]')
mc.help('avecto.challengeResponse')
print '\nKey based generation'
response = mc.avecto.challengeResponse('key','test','12345678')
print 'response for one use - test/12345678: %s' % (response)
response = mc.avecto.challengeResponse('key','test','98765432X','once')
print 'response for once    - test/98765432X: %s' % (response)
response = mc.avecto.challengeResponse('key','test','98765432X','session')
print 'response for session - test/98765432X: %s' % (response)
response = mc.avecto.challengeResponse('key','test','98765432X','forever')
print 'response for forever - test/98765432X: %s' % (response)
policies = mc.avecto.listPolicies()
id = 0
print '\nAll Policies...'
for policy in policies:
print 'name: %s ID: %d' % (policy['name'],policy['id'])
if (policy['name'] == 'NewSimpleCR'):
id = policy['id']
print '\nNamed Policy generation'
response = mc.avecto.challengeResponse('name','NewSimpleCR','12345678')
print 'response for one use - 12345678: %s' % (response)
response = mc.avecto.challengeResponse('name','NewSimpleCR','98765432X','once')
print 'response for once    - 98765432X: %s' % (response)
response = mc.avecto.challengeResponse('name','NewSimpleCR','98765432X','session')
print 'response for session - 98765432X: %s' % (response)
response = mc.avecto.challengeResponse('name','NewSimpleCR','98765432X','forever')
print 'response for forever - 98765432X: %s' % (response)
print '\nID Policy generation for id %d' % id
response = mc.avecto.challengeResponse('id',id,'12345678')
print 'response for one use - 12345678: %s' % (response)
response = mc.avecto.challengeResponse('id',id,'98765432X','once')
print 'response for once    - 98765432X: %s' % (response)
response = mc.avecto.challengeResponse('id',id,'98765432X','session')
print 'response for session - 98765432X: %s' % (response)
response = mc.avecto.challengeResponse('id',id,'98765432X','forever')
print 'response for forever - 98765432X: %s' % (response)

ePO Create Policy

import mcafee
import sys
mc = mcafee.client('[ePOServerAddress]','8443','[username]','[password]')
mc.help('avecto.createPolicy')
print '\nCreate New Policy called NewSimpleCR'
#resp = mc.avecto.createPolicy('NewSimpleCR','file:///path-to-policy/policy.xml')
resp = mc.avecto.createPolicy('NewSimpleCR','file:///policy.xml')
print '\nPolicy Create Response: %s' % resp
policies = mc.avecto.listPolicies()
print '\nAll Policies...'
for policy in policies:
print 'name: %s ID: %d' % (policy['name'],policy['id'])

ePO Import Policy

import mcafee
import sys
mc = mcafee.client('[ePOServerAddress]','8443','[username]','[password]') mc.help('avecto.listPolicies') policies = mc.avecto.listPolicies() print '\nJSON %s' % (policies) id = 0
print '\nAll Policies...' for policy in policies: print 'name: %s ID: %d' % (policy['name'],policy['id']) if (policy['name'] == 'My Default'): id = policy['id'] resp = mc.avecto.importPolicy(id,'file:///policy.xml') print '\nPolicy Import Response: %s' % resp

 

ePO Export Policy

import mcafee
import sys
mc = mcafee.client('[ePOServerAddress]','8443','[username]','[password]')
mc.help('avecto.listPolicies')
policies = mc.avecto.listPolicies()
print '\nJSON %s' % (policies)
id = 0
print '\nAll Policies...'
for policy in policies:
print 'name: %s ID: %d' % (policy['name'],policy['id'])
if (policy['name'] == 'My Default'):
id = policy['id']
xml = mc.avecto.exportPolicy(id)
print '\nPolicy XML:\n%s' % xml