ONTAP PowerShell Toolkit Pass-through Authentication

ScottMiller · ‎2018-11-07

Is pass-through authentication on the road map for the ONTAP PowerShell Toolkit? Is it already available and I just don't realize it? Background: I want to use a AD service account to pull quota-related data from a cluster using PowerShell. I cannot store the credentials.

GidonMarcus · ‎2018-11-08

Hi

it's not exists. it used to work on 7-mode thanks to the RPC services and computer account the filer had, in Cdot the computer account is of the SVM and RPC only availble on the SVM itself. not on the cluster/node so they cannot authenticate in the same way.

See BURT

https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=826138

if you store the cred using PS secure cred to a XML/json/txt. only the user who encrypted the cred can read it, so if you using the same user that you let's say run a sched task with (if you trust that it is safe), you are not really exposing "new" risk by leaving this file behind (as whoever manages to exploit it - need anyway to have access to the user)

Gidi Marcus (Linkedin) - Storage and Microsoft technologies consultant - Hydro IT LTD - UK