Skip to main content

Sync Chromebook MAC addresses from your GSuite into Cisco ISE

Project description

GSuite_Sync

Sync MAC addresses from your GSuite into Cisco ISE

Build Status


INSTALL PROCESS

To set up gsync as a service on Linux, follow the below process

Prep the Linux OS with Python3

  1. Install required OS packages for Python
  • Raspberry Pi may need Python and PIP sudo apt install -y python-pip as well as sudo apt-get install libffi-dev
  • Debian (Ubuntu) distributions may need Python and PIP
    • Install Python and PIP: sudo apt install -y python-pip
  • RHEL (CentOS) distributions usually need PIP
    • Install the EPEL package: sudo yum install -y epel-release
    • Install PIP: sudo yum install -y python36-pip
    • Back up the old Python2 binary: mv /usr/bin/python /usr/bin/python-old
    • Make Python3 the default binary: sudo ln -fs /usr/bin/python36 /usr/bin/python

Install GSync from PyPi

  1. Install using PIP: pip install gsuite_sync

Install GSync from source

  1. Retrieve the source code repository using one of the two below methods
  • Method #1: Install a Git client (process differs depending on OS) and clone the GSuite_Sync repository using Git git clone https://github.com/PackeTsar/gsuite_sync.git
    • Change to the branch you want to install using git checkout <branch_name>
  • Method #2: Download and extract the repository files from the Github Repo
    • Make sure to download the branch you want to install
  1. Move into the gsuite_sync project directory cd gsuite_sync
  2. Run the setup.py file to build the package into the ./build/ directory python setup.py build
  3. Use PIP to install the package pip install .
  4. Once the install completes, you should be able to run the command gsync -h and see the help menu. GSync is now ready to use.

Help Output

usage: gsync [-h] [-v] [-gc CREDENTIAL_FILE] [-gm REGEX] [-ia IP/ADDRESS]
             [-iu USERNAME] [-ip PASSWORD] [-ig GROUP_NAME] [-c CONFIG_FILE]
             [-l LOG_FILE] [-d] [-fs] [-um MAC_ADDRESS] [-us SERIAL_NUMBER]
             [-m]

GSuite_Sync - Sync Chromebook MAC addresses from your GSuite into Cisco ISE

Misc Arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit

Required Arguments:
  -gc CREDENTIAL_FILE, --gsuite_credential CREDENTIAL_FILE
                        GSuite Credential File
  -ia IP/ADDRESS, --ise_address IP/ADDRESS
                        ISE DNS or IP Address
  -iu USERNAME, --ise_username USERNAME
                        ISE Login Username
  -ip PASSWORD, --ise_password PASSWORD
                        ISE Login Password
  -ig GROUP_NAME, --ise_group GROUP_NAME
                        ISE Target Endpoint Group

Optional Arguments:
  -gm REGEX, --gsuite_path_match REGEX
                        GSuite Object Path Match Pattern
  -c CONFIG_FILE, --config_file CONFIG_FILE
                        Config File Path
  -l LOG_FILE, --logfiles LOG_FILE
                        Log File Path
  -d, --debug           Set debug level (WARNING by default)
                                Debug level INFO:  '-d'
                                Debug level DEBUG: '-d'

Action Arguments:
  -fs, --full_sync      Perform full sync of GSuite MACs to ISE Group
  -um MAC_ADDRESS, --update_mac MAC_ADDRESS
                        Push an individual MAC to the ISE Group
  -us SERIAL_NUMBER, --update_serial SERIAL_NUMBER
                        Lookup a device's MAC and update it in the ISE Group
  -m, --maintain        maintain pushing devices

Example Config Files

Arguments can be passed in at the command line or with a config file. It is often easier to use a config file and that is what we will do for setting up the service. The /root/credentials.json file referenced is an API credential file for your GSuite account.

Example Config File (/root/config.json)

{
  "gsuite_credential": "/root/credentials.json",
  "gsuite_path_match": "SOMEREGEXPATHMATCH",
  "ise_address": "192.168.1.100",
  "ise_username": "admin",
  "ise_password": "admin123",
  "ise_group": "my_special_group",
  "logfiles": ["/etc/gsync/logs.log"]
}

Create the Service File

Use VI to create a new file (vi /etc/init.d/gsync) and insert the below BASH script for the file contents

#!/bin/bash
# gsync daemon
# chkconfig: 345 20 80
# description: gsync Daemon
# processname: gsync

DAEMON_PATH="/usr/local/bin/"

DAEMON=gsync
STDOUTFILE=/etc/gsync/stdout.log
STDERR=/etc/gsync/stderr.log

NAME=gsync
DESC="gsync Daemon"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

case "$1" in
start)
        printf "%-50s" "Starting $NAME..."
        cd $DAEMON_PATH
        PID=`stdbuf -o0 $DAEMON -c /root/config.json -m >> $STDOUTFILE 2>>$STDERR & echo $!`
        #echo "Saving PID" $PID " to " $PIDFILE
        if [ -z $PID ]; then
            printf "%s
" "Fail"
        else
            echo $PID > $PIDFILE
            printf "%s
" "Ok"
        fi
;;
status)
        if [ -f $PIDFILE ]; then
            PID=`cat $PIDFILE`
            if [ -z "`ps axf | grep ${PID} | grep -v grep`" ]; then
                printf "%s
" "Process dead but pidfile exists"
            else
                echo "$DAEMON (pid $PID) is running..."
            fi
        else
            printf "%s
" "$DAEMON is stopped"
        fi
;;
stop)
        printf "%-50s" "Stopping $NAME"
            PID=`cat $PIDFILE`
            cd $DAEMON_PATH
        if [ -f $PIDFILE ]; then
            kill -HUP $PID
            printf "%s
" "Ok"
            rm -f $PIDFILE
        else
            printf "%s
" "pidfile not found"
        fi
;;

restart)
        $0 stop
        $0 start
;;

*)
        echo "Usage: $0 {status|start|stop|restart}"
        exit 1
esac

Finish and Start Up Service

chmod 777 /etc/init.d/gsync
chkconfig gsync on
service gsync start
service gsync status

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gsuite_sync-0.2.1.tar.gz (27.3 kB view hashes)

Uploaded Source

Built Distribution

gsuite_sync-0.2.1-py3-none-any.whl (26.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page