Skip to main content
Solved

Using API to create Distribution Points

A
Forum|alt.badge.img+2

Hi

I am successfully using the API to do various things we require. One of the items on my list is to automate the creation of Distribution Points in the Casper interface. I can do this successfully except for the fact that I am unable to set the SMB RO and RW User Passwords via the api for the distribution points (both on creation and by doing an update)?

Has anyone managed to do this successfully? (I am able to set each of the other items required okay but without being able to set the passwords as well it really loses the benefit of an api call at all)

Andrew

Best answer by BrysonTyrrell

You won't find much documentation on using the API besides various posts around the web.

These XML tags:

<read_only_password>
<read_write_password>

...were removed from the API when reading objects as they provided plain text account passwords and were a security issue.

They exist in previous versions of the JSS.

The MD5 and SHA-256 hashes are salted so you can't reverse them right out of the XML.

View original
    Did this topic help you find an answer to your question?

    5 replies

    BrysonTyrrell
    Forum|alt.badge.img+19
    • BrysonTyrrell
    • Valued Contributor
    • 85 replies
    • January 8, 2015

    I just did a quick test and was able to POST a distribution point with the credentials. What does your XML look like? See my example here:

    <distribution_point>
  <name>CasperShare</name>
  <ip_address>my.caspershare.corp</ip_address>
  <is_master>false</is_master>
  <connection_type>AFP</connection_type>
  <share_name>CasperShare</share_name>
  <share_port>548</share_port>
  <read_only_username>casperinstall</read_only_username>
  <read_only_password>pass1234</read_only_password>
  <read_write_username>casperadmin</read_write_username>
  <read_write_password>p@ss1234!</read_write_password>
</distribution_point>
    A
    Forum|alt.badge.img+2
    • andrew_hooker
    • Author
    • New Contributor
    • 1 reply
    • January 9, 2015

    Interesting.....

    The xml we get does not have the field<read_only_password>pass1234</read_only_password>. We only have the <read_only_password_md5 since="9.23"> and <read_only_password_sha256 since="9.23"> when we get the xml for an existing DP.

    Will try this extra xml node and see if it works. It is always easier when you know what is available.... How did you find this? As far as I can tell API documentation is very scarce.......

    BrysonTyrrell
    Forum|alt.badge.img+19
    • BrysonTyrrell
    • Valued Contributor
    • 85 replies
    • Answer
    • January 9, 2015

    You won't find much documentation on using the API besides various posts around the web.

    These XML tags:

    <read_only_password>
<read_write_password>

    ...were removed from the API when reading objects as they provided plain text account passwords and were a security issue.

    They exist in previous versions of the JSS.

    The MD5 and SHA-256 hashes are salted so you can't reverse them right out of the XML.

    M
    Forum|alt.badge.img+23
    • milesleacy
    • Valued Contributor
    • 512 replies
    • October 11, 2015

    @brysontyrrell

    Before I waste time on this, can I get a clarification?

    Is it just the GET that has been removed?

    Does POST work [for these attributes]?

    BrysonTyrrell
    Forum|alt.badge.img+19
    • BrysonTyrrell
    • Valued Contributor
    • 85 replies
    • October 11, 2015

    @milesleacy GETs on objects that contain passwords were updated a while back to not provide the plaintext password (more secure now).

    POSTing a new resource using those attributes should work still. I can't remember which one just now, but I was in another discussion about this and we determined that passing the <password> worked so I would expect similar behavior throughout the JSS API.

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings