Unsolved
2 Posts
1
48
ME4024 API query via Powershell (followup)
@Epter asked a question for how to leverage powershell to get Status Information from ME4024.
Here is the original post: ME4024 API query via Powershell | DELL Technologies
I'd like to provide my solution for this.
It's a quite rough script, but it should point into the right direction.
Also, there is no error handling since its not needed for our usecase.
You'll need to provide following information:
$servername : IP or DNS of your ME4024 appliance
$username : User, that has at least "Monitor" role and "WBI" interface rights
$password: the cleartext password for that user
Hope this helps!
$servername = "me4024.yourdomain.com"
$username = "monitor"
$password = "$up3r$ecr3tP@ssW0rd!"
# Create Hash for Login
# Put together the Clear Text to generate a SHA-256 Hash from
$ClearString = $username+"_"+$password
# Create hash
$hasher = [System.Security.Cryptography.HashAlgorithm]::Create('sha256')
$hash = $hasher.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($ClearString))
$hashString = [System.BitConverter]::ToString($hash)
$hashstring = ($hashString.Replace('-', '')).ToLower()
# This is the resulting hash string:
$hashString
# If youre using self-signed certificates, you might need to add this for powershell to ignore the cert.
# Possible security risk
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
{
public static void Ignore()
{
if(ServicePointManager.ServerCertificateValidationCallback ==null)
{
ServicePointManager.ServerCertificateValidationCallback +=
delegate
(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
)
{
return true;
};
}
}
}
"@
Add-Type $certCallback
}
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
[ServerCertificateValidationCallback]::Ignore()
# go to the ME4024 and ask for a 30-minute-token
$uri = "https://"+$servername+"/api/login/"+$hashString
$response = Invoke-RestMethod $uri
# get the token serial to use for the following calls
$token = (($response.response.object.property) | Where-Object {$_.name -eq "response"} | Select-Object "#text").'#text'
# This is the Token:
$token
# Get the Disk Status
# The different API URIs can be extracted from the ME4024 documentation
$uri = "https://"+$servername+"/api/show/disks"
$Header = @{
"sessionKey" = $token
"datatype" = "json"
}
$response = Invoke-RestMethod $uri -Headers $header
# This is the Disk info:
$response.drives | fl
chrizzlibaer
2 Posts
0
December 21st, 2023 09:06
This are the minimum rights for the user thats using the API
The_LostIT_Guy
1 Rookie
1 Rookie
•
66 Posts
0
February 12th, 2024 15:42
Good work!
The following would be ideal to prevent people from accidentally leaving plaintext credentials in a file.
Could even take things a step further and save the credentials in PowerShell's SecretStore module to call from later.
(edited)