Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Nice to meet you. When I am connected to the NETAPP apparatus using the -Credential option of the Connect-NcController command of NetApp_PowerShell_Toolkit,
I think that I perform SSL certification coding in https protocol as security measures, but,
Setting / making such as a certification method between server side (NETAPP) and client-side (Toolkit) and the procedure and the file,
Would you tell me that confirmation methods such as the certification are detailed?
8 REPLIES 8
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @orozou,
The Connect-NcController cmdlet will use HTTPS by default with automatic fallback to HTTP. If you want to force "HTTPS or fail" behavior, specify the "-HTTPS" option..conversely, if you want to use HTTP, specify the "-HTTP" option.
# connect using HTTPS or fail Connect-NcController -HTTPS -Credential (Get-Credential)
Hope that helps.
Andrew
If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for asulliva, an answer.
I was a Japanese, but was anxious very much because I made an inquiry using an English sentence for the first time.
In conclusion, better to set the "-HTTPS" option from the beginning was to understand the fact that safety.
By the way, in the sentence "Connect-NcController -HTTPS -Credential (Get-Credential)" and excluding the Get-Credential "Connect-NcController -HTTPS -Credential" and What are the differences in the execution result is?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you provide the "-Credential" parameter then it will expect a credential object to be provided...
# # inline credential gathering # Connect-NcController $controller -Credential (Get-Credential) # # store the credential in a variable # $credential = Get-Credential Connect-NcController $controller -Credential $credential # # store the creds in a secure manner, then retrieve them. note that only the user # who created the credential object will be able to read it # $credential | Export-Clixml ./credential.xml # retrieve them for use Connect-NcController $controller -Credential (Import-Clixml ./credential.xml) # # the least secure manner, storing the username and password in plain text, # then creating a credential object # $username = 'admin' $password = ConvertTo-SecureString -String 'P@s$w0rd' -AsPlainText -Force $credential = New-Object System.Management.Automation.PSCredential $username,$password Connect-NcController $controller -Credential $credential
If you leave the "-Credential" parameter off all together it will check to see if the credentials have been cached (using the Add-NcCredential cmdlet), and if none are found it will prompt.
Hope that helps.
Andrew
If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Orozou,
To connect to a cluster-mode filer you can use 2 protocols HTTP or HTTPS while using 7-mode you can connect using RPC too.
Connect-NcController <Controller name> -HTTPS -Credential (Get-Credential)
Means connect to a cluster-mode filer using HTTPS as protocol and the credential that will be passed from Get-Credential cmdlet.
Connect-NcController <Controller name> -HTTPS -Credential
This will probably give you an error, but you can try only Connect-NcController <Controller name> -HTTPS since it will ask for your credential.
If you are going to connect to many filers or don't want to write your credentials every time you connect to another filer make use of -Credential parameter.
Try this:
#This will store your user credential in a variable, so you don't have to enter every new connection. $Credential = Get-Credential #This will connect to controller without credential prompt. Connect-NcController -Name <Controller name> -HTTPS -Credential $Credential
In a script you can do this:
Param( [Parameter(Mandatory = $true)] [string]$Filer ) if(-not $Credential){ $Credential = Get-Credential } Connect-NcController -Name $Filer -HTTPS -Credential $Credential
I hope I could help you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Mr. asulliva, Mr. FelipeMafra.
Thank you tell me a lot.
It has helped us very much. But my question method was incorrect.
# (1) if it was the following way, it was confirmed to become certain in an error.
Connect-NcController -Name <Controller name> -HTTPS -Credential
# (2) You could access NETAPP equipment certainly by the following way.However・・・
Connect-NcController -Name <Controller name> -HTTPS -Credential (Get-Credential)
# (3) Even the following methods were able to access NETAPP apparatus.
Connect-NcController -Name <Controller name> -HTTPS -Credential admin
Isn't there also a problem like security by a way of the above (3)?
Or is a way of (2) best?
Multiply sorry to trouble you, but please.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Have you tried the 3rd method? I think it won't work. PowerShell is an object oriented script language. So -Credential expects an Credential object to be passed. You can get it by calling Get-Credential.
You have only to options, to use Credential parameter or leave it out. In the former you'll have to pass a Credential object. In the later you'll be prompted for user credentials. Ether way there is no security issue.
You'll only have a security issue depending on the protocol you choose. So please make use of HTTPS parameter. If you leave it out PowerShell will try HTTPS first with fallback to HTTP if former doesn't work. And as we all know HTTP packets can be captured and password is as plain text.
I hope I could clarify your doubts.
Sorry for any typos but I am using my mobile.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Thank you for early answers.
I am sorry in poor English.
Is a third way, but I try and successful access to NETAPP devices.
By the way, when you run the "get-help Connect-NcController -full" in PowerShell,
Because there was a sentence like the following in Example 2, I thought that if there is no problem.
C:\PS>Connect-NcController 10.61.172.155 -Credential admin -Vserver vserver1
For now just in case, we would like to proceed in the following way.
Connect-NcController -Name <Controller name> -HTTPS -Credential (Get-Credential)
Then thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In that example I think admin is the user credential but I might be wrong too. So try it. Don't simple accept any answer.
Most of the time I try things before posting but I am out of office and I can't do it now.
Most of the time I try things before posting but I am out of office and I can't do it now.
