For an IPAM power user, in our 4.8 environment we can update an IPNode object but in 4.9 we cannot.
Python repro code:
import requests
from orionsdk import SwisClient
verify = False
if not verify:
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
def getUri(results):
return [results['results'][0]['Uri']]
swis48 = SwisClient("solarwinds48", "ipampoweruser", "password")
swis49 = SwisClient("solarwinds49", "ipampoweruser", "password")
r48 = swis48.query("SELECT IpNodeId, Uri FROM IPAM.IPNode WHERE IPAddress='10.30.59.90'")
r49 = swis49.query("SELECT IpNodeId, Uri FROM IPAM.IPNode WHERE IPAddress='10.30.63.90'")
# This works (and the single update)
swis48.bulkupdate(getUri(r48), Status="Used", AllocPolicy="Static", Comments="test alloc1")
#Direct Update
# Fails (and single update fails too)
#swis49.bulkupdate(getUri(r49), Status="Used", AllocPolicy="Static", Comments="test alloc1")
# Exploring alternatives
#Update Status first
# Works (invoke ipam.subnetmanagement)
ip_reserve = swis49.invoke('IPAM.SubnetManagement', 'ChangeIPStatus', '10.30.63.90', 'Used')
# Fails (on CRUD operation on IPNode obj)
swis49.bulkupdate(getUri(r49), AllocPolicy="Static", Comments="test alloc1")
The exception is always:
requests.exceptions.HTTPError: 403 Client Error: Access to IPAM.IPNode denied. for url: solarwinds49:17778/.../BulkUpdate
Is this a regression? Workaround for now is to grant systemwide admin rights but this is not acceptable.