blockaccess user

This action cancels all existing tickets for the specified user. For information about blocking, see How Tickets Work.

Syntax

CLI

maprcli blockaccess user 
     -name username to be added to blocked users
     [ -blockaccesstime millis from epoch or date in MM/DD/YYYY format ]
     [ -cluster name of the cluster ]

REST

Request Type	POST
Request URL	`http[s]://<host>:<port>/rest/blockaccess/user?<parameters>`

Parameters

Parameter	Description
name	(Required) Username to block.
blockaccesstime	(Optional) Invalidates all user's tickets raised before the specified date (in the format <MM/DD/YYYY>). Alternatively, you can set the time in milliseconds from epoch time (the number of milliseconds that have elapsed since Jan 1, 1970, midnight UTC).
cluster	(Optional) Name of the cluster from which to block the user. The default is the cluster on which the command is run.

Example

Block the rogueuser user name from the cluster my.cluster.com:

CLI

maprcli blockaccess user -name rogueuser -cluster my.cluster.com

REST

curl -X POST -u <username> https://r1n1.sj.us:8443/rest/blockaccess/user?name=rogueuser&cluster=my.cluster.com

Deny the rogueuser user's tickets that were raised prior to 1st September 2020 from the cluster my.cluster.com:

CLI

maprcli blockaccess user -name rogueuser -cluster my.cluster.com -blockaccesstime 09/01/2020

REST

curl -X POST -u <username> https://r1n1.sj.us:8443/rest/blockaccess/user?name=rogueuser&cluster=my.cluster.com&blockaccesstime=09/01/2020

Deny the rogueuser user's tickets that were raised prior to 1605418200155 milliseconds from epoch, from the cluster my.cluster.com:

CLI

maprcli blockaccess user -name rogueuser -cluster my.cluster.com -blockaccesstime 1605418200155

REST

curl -X POST -u <username> https://r1n1.sj.us:8443/rest/blockaccess/user?name=rogueuser&cluster=my.cluster.com&blockaccesstime=1605418200155

The value 1605418200155 corresponds to the time November 15th 2020, 11:00:00 am IST+05:30. Therefore, all rogueuser tickets that were raised prior to November 15th 2020, 11:00:00 am IST+05:30 are blocked.

Related Log File

The log file /opt/mapr/logs/cldbaudit.log.json contains the log of the deny operation including the updated deny time. For example:

{"timestamp":{"$date":"2020-11-13T08:37:36.524Z"},"resource":"mapruser4","operation":"blacklist",
             "username":"root","uid":0,"clientip":"10.10.50.42","properties":
             [{"property":"denylisttime","oldvalue":"1605254599376","newvalue":"1605875766173"}],
             "status":0}{"timestamp":{"$date":"2020-11-13T08:37:45.020Z"},"resource":"cluster",
             "operation":"listBlacklist","username":"root","uid":0,
             "clientip":"10.10.50.42","status":0}

Here the old deny list time was 1605254599376 milliseconds (November 13, 2020 1:33:19 PM IST) and is now updated to 1605875766173 milliseconds (Friday, November 20, 2020 6:06:06 PM IST).

HPE Ezmeral Data Fabric – Customer-Managed 7.9.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.9.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	November 2024
Edition	7.9.0