VMware PowerCLI

The Best User Interface for your VMware Datacenter!

PowerCLI remote authentication

NSX-T admins would like to leverage the vIDM based login credentials instead of NSX-T local admin user. The NSX-T API allows this by submitting remote authorization headers in the login. As a reference, the go library supports this already (https://github.com/vmware/go-vmware-nsxt/blob/master/api_client.go): 

 

// For remote Auth (vIDM use case), construct the REMOTE auth header

   remoteAuthHeader := ""
   if client.cfg.RemoteAuth {
      auth := client.cfg.UserName + ":" + client.cfg.Password
      encoded := base64.StdEncoding.EncodeToString([]byte(auth))
      remoteAuthHeader = "Remote " + encoded
      requestHeaders["Authorization"] = remoteAuthHeader
   }

 

The idea is if the connect-nsxtserver cmdlet would either automatically try both local and remote to login, or that a parameter could be set, to instruct the cmdlet to use the remote or local login. 

  • Jakub Bartisek
  • Jun 27 2019
  • Attach files