Microsoft Virtualization Discussions

Getting started with PSTK 9.11.1 and REST


I have been attempting to get started with teh above version of PSTK, to get away from ZAPI and onto REST.  


I have set up a clean Windows environment and installed the PSTK module.


My test cluster is running OnTAP 9.10.1p8.  I can connect just fine to it using ZAPI; but when I try to use this version of the toolkit, I get 401 authorization error.  The user I am using has an admin role, so should have access to all APIs.


I have been trying to find some specific documentation/examples, but have not found any yet.


I hve a lot of background with PSTK and ZAPI, so I just need to know what is different using REST.  Can anyone direct me to some use examples?


Is 'connect-nccontroller' still used with REST? 



I think you might need to create a "rest role" - Ensure that "rest-role" exists with appropriate privileges and is applied to specific user/group for http access via security login.

Please see this kb:
Calls to ONTAP 9.6+ REST API fail with 401 error or repeated password request


According to NetApp documentation - You should be able to connect to storage using the existing ps cmdlet "Connect-NcController" and once connected then I think it uses 'curl command' within Powershell which invokes the GET /api/* or may be.

PowerShell Toolkit:
For existing ONTAP PowerShell Toolkit customers, the transition from ONTAPI to the ONTAP REST API will be managed internally by the tool itself. By FY22 Q4 timeframe , the ONTAP PowerShell Toolkit will prompt users for ONTAPI or ONTAP REST API usage, according to the underlying ONTAP version.


Related info:


Following lab on support site will be helpful to get your started (They may be old).


How to access the ONTAP REST API



As an experiment, I created a new local user with the same role, but with 'password' authentication and application=http.  This local user can connect through PSTK just fine.

However my original user, which was a domain user, is still getting denied.


Is there some kind of limitation with PSTK that it cannot use domain logins with REST?  They work fine with ONTAPI.


The domain user had the role 'admin'.  The associated rest-role is automatically defined, so the domain user should have admin rights through REST.




I have tried a different test, to try and find out why this login does not work.


I have another Ontap cluster which is running 9.8P12.  It has a domain user with admin role and http,ontapi,and ssh applications enabled.


Using our current PSTK v9.7.1, and performing 'connect-nccontroller <clustername>', I provide the domain username and password.  It connects no problem


If I use the new PSTK 9.11.1, and perform the same exact steps as above, I get a (401) Unathorized error.  It is using REST by default.

If I use the new PSTK 9.11.1, and perform 'connect-nccontroller <clustername> -ontapi', the connection does succeed using ONTAPI.


 This seems to indicate that PSTK 9.11.1 is having issues connecting to a cluster using a domain credential and REST.


Has anyone else had any success, or can provide an example of, PSTK 9.11.1 connecting to a cluster using domain credentials and REST?