Skip to main content
Start a Conversation

Unsolved

C

chrizzlibaer

2 Posts

48

December 21st, 2023 09:04

ME4024 API query via Powershell (followup)

@Epter asked a question for how to leverage powershell to get Status Information from ME4024.

Here is the original post: ‎ME4024 API query via Powershell | DELL Technologies

I'd like to provide my solution for this.

It's a quite rough script, but it should point into the right direction.

Also, there is no error handling since its not needed for our usecase.

You'll need to provide following information:

$servername : IP or DNS of your ME4024 appliance

$username : User, that has at least "Monitor" role and "WBI" interface rights

$password: the cleartext password for that user

Hope this helps!

$servername = "me4024.yourdomain.com"
$username = "monitor"
$password = "$up3r$ecr3tP@ssW0rd!"
# Create Hash for Login
# Put together the Clear Text to generate a SHA-256 Hash from

$ClearString = $username+"_"+$password

# Create hash
$hasher = [System.Security.Cryptography.HashAlgorithm]::Create('sha256')
$hash = $hasher.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($ClearString))
$hashString = [System.BitConverter]::ToString($hash)
$hashstring = ($hashString.Replace('-', '')).ToLower()

# This is the resulting hash string:

$hashString

# If youre using self-signed certificates, you might need to add this for powershell to ignore the cert.
# Possible security risk

if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback = @"
    using System;
    using System.Net;
    using System.Net.Security;
    using System.Security.Cryptography.X509Certificates;
    public class ServerCertificateValidationCallback
    {
        public static void Ignore()
        {
            if(ServicePointManager.ServerCertificateValidationCallback ==null)
            {
                ServicePointManager.ServerCertificateValidationCallback += 
                    delegate
                    (
                        Object obj, 
                        X509Certificate certificate, 
                        X509Chain chain, 
                        SslPolicyErrors errors
                    )
                    {
                        return true;
                    };
            }
        }
    }
"@
    Add-Type $certCallback
 }
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
[ServerCertificateValidationCallback]::Ignore()

# go to the ME4024 and ask for a 30-minute-token

$uri = "https://"+$servername+"/api/login/"+$hashString
$response = Invoke-RestMethod $uri

# get the token serial to use for the following calls

$token = (($response.response.object.property) | Where-Object {$_.name -eq "response"} | Select-Object "#text").'#text'

# This is the Token:

$token

# Get the Disk Status
# The different API URIs can be extracted from the ME4024 documentation

$uri = "https://"+$servername+"/api/show/disks"
$Header = @{
    "sessionKey" = $token
    "datatype" = "json"
}
$response = Invoke-RestMethod $uri -Headers $header

# This is the Disk info:

$response.drives | fl

chrizzlibaer

2 Posts

December 21st, 2023 09:06

This are the minimum rights for the user thats using the API

The_LostIT_Guy

1 Rookie

 • 

66 Posts

February 12th, 2024 15:42

Good work!

The following would be ideal to prevent people from accidentally leaving plaintext credentials in a file.

$credentials = Get-Credential 
$secureString = $credentials.Username+"_"+$credentials.GetNetworkCredential().Password

Could even take things a step further and save the credentials in PowerShell's SecretStore module to call from later.

(edited)

View More

View All

No Events found!

Top