Sort of carrying on
from the previous post...
If you’re an avid reader of this blog, you might remember
the following posts from December 2013:
Note: At the time of writing, the posted version is 6.0.
Unfortunately, I don’t have time to update the post every time I amend
something. Currently I’m using v6.2 which has a bug fix and an addition. If by
some miracle you’re actually interested in cot.ps1, drop me an email and I’ll
send you the latest.
r6.1: A bug fix - noticed if cot add fails, leaves
Current-NcConnections in limbo, so now we clear all connections if connect
fails!
r6.2: Added cot {IP/DNS} {USER} PROMPT or P to get
prompt for password + cot creds added (alongside cot cred since I kept typing
creds).
COT.PS1 handles the Import-Module DataONTAP as well as
lots of other stuff. To invoke the function automatically every time PowerShell
loads, read below.
When you open PowerShell, by default it puts you in:
C:\Users\USERNAME>
Place cot.ps1 in the folder C:\Users\USERNAME - this will
be our working directory.
By default there’s no PowerShell profile, its default location
is here:
C:\Users\USERNAME\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
Ensure the folder in Documents (displayed as “My
Documents”) called ‘WindowsPowerShell’ exists, then run the following commands
from the PowerShell PS
C:\Users\USERNAME> prompt:
$profile
test-path
$profile
New-Item
-path $profile -itemtype file -force
notepad
$profile
In Notepad, enter the following line (there is a space in
between the two dots), then save and close it:
. .\cot.ps1
Close and reopen PowerShell, and cot.ps1 should
automatically have been loaded!
From the PS
C:\Users\USERNAME> prompt run:
cot
help
- which should display something like the below:
cot = Returns currently connected to
controllers.
cot ? = List of commands and
description.
cot help = List of commands and
description.
cot clear = Clears current connections.
cot cred(s) = List credentials - IP/DNS
and user.
Note: Current users credential file
path = C:\Users\naadmin\PS_creds_naadmin.txt
cot rcred {IP/DNS} = Removes
credentials for specified IP/DNS.
cot rcred {IP/DNS} {USER} = Removes
credentials for specified pair.
cot {IP/DNS} = Connects with specified
arg (or fails to).
cot {IP/DNS} {USER} = Connects with
specified args (or fails to).
cot {IP/DNS} {USER} {PASSWORD} =
Connects with specified args (or fails to).
cot {IP/DNS} {USER} PROMPT = As above
but prompts for password (also P works.)
cot add {IP/DNS} = Creates an
additional connection as specified.
cot add {IP/DNS} {USER} = Creates an
additional connection as specified.
cot add {IP/DNS} {USER} {PASSWORD} =
Creates an additional connection as specified.
cot add {IP/DNS} {USER} PROMPT = As
above but prompts for password (also P works.)
cot remove {IP/DNS} = Removes the
specified connection.
cot remove {IP/DNS} {USER} = Removes
the specified connection.
Creating a Read
Only Domain User Account for Use with PowerShell
Note: You can’t use AD authentication over RPC as
with 7-Mode and PowerShell, the credentials need to be specified!
To create a read-only domain login account on the cluster
- assuming that there’s either a vserver cifs or vserver active-directory setup
done to the domain containing your AD user account.
Create a domain tunnel and a login for the AD user
account as below:
NACLU1::>
domain-tunnel create -vserver NASVM1
NACLU1::>
security login create LAB\naadmin
-application ontapi -authmethod domain -role readonly
Now test connecting to a cluster in PowerShell.
PS C:\Users\naadmin> cot NACLU1 LAB\naadmin ********
Creating a Read
Only Domain User Account for Use with SSH
Ontapi is all that’s required for normal PowerShell
commands, but to use invoke-ncssh and standard clustershell commands, a login
needs to be created with ssh application access.
NACLU1::>
security login create LAB\naadmin
-application ssh -authmethod domain -role readonly
Testing
In the following example I connect to 5 clusters at once
(the credentials were previously cached using cot DNS USER PASSWORD):
PS C:\Users\naadmin> cot NACLU1
PS C:\Users\naadmin> cot add NACLU2
PS C:\Users\naadmin> cot add NACLU3
PS C:\Users\naadmin> cot add NACLU4
PS C:\Users\naadmin> cot add NACLU5
Run one simple command and it will bring back information
from every cluster. For example, try:
PS C:\Users\naadmin> get-ncvol
PS C:\Users\naadmin> invoke-ncssh vserver show -fields language
Shutting Down
Multiple Clusters with One Command
In a lab environment, you might want once command that
shuts down every cluster and every node in every cluster. If we connect using
an admin user, this one command shuts down the entire lab:
PS C:\Users\naadmin> invoke-ncssh halt -node *
Comments
Post a Comment