Forum Discussion

HPosenRU's avatar
HPosenRU
Level 4
4 years ago

NetBackup API call format works in Unix but not Windows

I am running NetBackup 8.2 on a Solaris master. I am writing a script to run on my existing Windows clients for when the server needs to be reinstalled and it needs to have a re-issue token to allow automated installation of the NetBackup software. I have a working version of the script for Linux but I am having an issue converting it to run as a PowerShell script. I have been able to convert all the other API calls but not  the POST /security/securitytokens to create the new token. If I use the autogenerate API GUI when connecting to https://MASTER/api-docs/index.html in the security section it will only produce a Unix curl version. I even created a test Windows master server and it also only generates a Unix curl formatted output. I have checked the github site but I could not find a PowerShell example of this API command 

The generated code obtained is as follows:

curl -X POST "https://MASTER/netbackup/security/securitytokens" -H "accept: application/vnd.netbackup+json;version=3.0" -H "Authorization: ABCDEFGHIJKLMNOPQRSTUVWXYZ" -H "Content-Type: application/vnd.netbackup+json;version=3.0" -d "{ \"tokenName\": \"test1\", \"hostId\": \"testid\", \"reason\": \"Re-Issue\", \"allowedCount\": 1, \"validFor\": 3600, \"type\": 1}"

I had to change curl to curl.exe to use the true curl program not the alias to Invoke-WebRequest (which format is completely different) and add the -k option. This will produce the following error:

{"errorCode":9926,"errorMessage":"Input JSON is invalid","attributeErrors":{},"fileUploadErrors":[],"errorDetails":[]}

I have tried replacing the \" with ^" and also ' instead of \" but still get the JSON invalid message. 

Is there an option or any way to generate the output for Windows PowerShell? 

Any help will be greatly appreciated.

Thank you.

  • So I was finally able to resolve this issue by using the builtin Invoke-WebRequest command. Here is the syntax that I used (Note - auth_header, tokenName and hostId were defined earlier in the script):

    $basepath="https://" + $NBU_master + "/netbackup/"

    $uri = $basepath + "security/securitytokens"

    $reason = "Re-Install"

    $allowedCount = 1

    $validFor = 3600

    $reissue_token = 1

     

    $type = @{

    tokenName=$tokenName

    hostId=$hostId

    reason=$reason

    allowedCount=$allowedCount

    validFor=$validFor

    type=$reissue_token

    }

     

    $response = Invoke-WebRequest `

    -Headers $auth_header `

    -Method POST `

    -Uri $uri `

    -Body (ConvertTo-Json -InputObject $type) `

    -ContentType $content_header_3

     

    $convert = (ConvertFrom-Json -InputObject $response)

    $tokenValue=$convert.tokenValue

     

    Thank you for your help.

  • you may want to change the "-d" to a "--data-urlencode" and then urlencode the data so that you don't have to escape the slashes...

    Try something like (I've not tested it, but it will help you look in the right direction...)

    curl -X POST "https://MASTER/netbackup/security/securitytokens" -H "accept: application/vnd.netbackup+json;version=3.0" -H "Authorization: ABCDEFGHIJKLMNOPQRSTUVWXYZ" -H "Content-Type: application/vnd.netbackup+json;version=3.0" --data-urlencode "%7B%20%22tokenName%22%3A%20%22test1%22%2C%20%22hostId%22%3A%20%22testid%22%2C%20%22reason%22%3A%20%22Re-Issue%22%2C%20%22allowedCount%22%3A%201%2C%20%22validFor%22%3A%203600%2C%20%22type%22%3A%201%7D"

    • HPosenRU's avatar
      HPosenRU
      Level 4

      Thank you for your response. I tried your suggestion but I am still getting the Input JSON is invalid. I ran the curl with the -v option to give some additional output:

      curl.exe -v -k POST "https://MASTER/netbackup/security/securitytokens" -H "accept: application/vnd.netbackup+json;version=3.0" -H "Authorization: ABCDEFGHIJKLMNOPQRSTUVWXYZ" -H "Content-Type: application/vnd.netbackup+json;version=3.0" --data-urlencode "%7B%20%22tokenName%22%3A%20%22test1%22%2C%20%22hostId%22%3A%20%22testid%22%2C%20%22reason%22%3A%20%22Re-Issue%22%2C%20%22allowedCount%22%3A%201%2C%20%22validFor%22%3A%203600%2C%20%22type%22%3A%201%7D"

      * Rebuilt URL to: POST/
      * Could not resolve host: POST
      * Closing connection 0
      curl: (6) Could not resolve host: POST
      * Trying 192.168.1.1...
      * TCP_NODELAY set
      * Connected to MASTER (192.168.1.1) port 443 (#1)
      * schannel: SSL/TLS connection with MASTER port 443 (step 1/3)
      * schannel: disabled server certificate revocation checks
      * schannel: verifyhost setting prevents Schannel from comparing the supplied target name with the subject names in server certificates.
      * schannel: sending initial handshake data: sending 185 bytes...
      * schannel: sent initial handshake data: sent 185 bytes
      * schannel: SSL/TLS connection with MASTER port 443 (step 2/3)
      * schannel: failed to receive handshake, need more data
      * schannel: SSL/TLS connection with MASTER port 443 (step 2/3)
      * schannel: encrypted data got 2017
      * schannel: encrypted data buffer: offset 2017 length 4096
      * schannel: sending next handshake data: sending 126 bytes...
      * schannel: SSL/TLS connection with MASTER port 443 (step 2/3)
      * schannel: encrypted data got 51
      * schannel: encrypted data buffer: offset 51 length 4096
      * schannel: SSL/TLS handshake complete
      * schannel: SSL/TLS connection with MASTER port 443 (step 3/3)
      * schannel: stored credential handle in session cache
      > POST /netbackup/security/securitytokens HTTP/1.1
      > Host: MASTER
      > User-Agent: curl/7.55.1
      > accept: application/vnd.netbackup+json;version=3.0
      > Authorization: ABCDEFGHIJKLMNOPQRSTUVWXYZ
      > Content-Type: application/vnd.netbackup+json;version=3.0
      > Content-Length: 285
      >
      * upload completely sent off: 285 out of 285 bytes
      * schannel: client wants to read 102400 bytes
      * schannel: encdata_buffer resized 103424
      * schannel: encrypted data buffer: offset 0 length 103424
      * schannel: encrypted data got 351
      * schannel: encrypted data buffer: offset 351 length 103424
      * schannel: decrypted data length: 291
      * schannel: decrypted data added: 291
      * schannel: decrypted data cached: offset 291 length 102400
      * schannel: encrypted data length: 31
      * schannel: encrypted data cached: offset 31 length 103424
      * schannel: server closed the connection
      * schannel: schannel_recv cleanup
      * schannel: decrypted data returned 291
      * schannel: decrypted data buffer: offset 0 length 102400
      < HTTP/1.1 400
      < X-Request-ID: 8FB23690459180BA
      < Content-Type: application/json;charset=UTF-8
      < Content-Length: 119
      < Date: Mon, 01 Mar 2021 12:50:39 GMT
      < Connection: close
      <
      {"errorCode":9926,"errorMessage":"Input JSON is invalid","attributeErrors":{},"fileUploadErrors":[],"errorDetails":[]}
      * Closing connection 1
      * schannel: shutting down SSL/TLS connection with MASTER port 443
      * Send failure: Connection was aborted
      * schannel: failed to send close msg: Failed sending data to the peer (bytes written: -1)
      * schannel: clear security context handle

      • StoneRam-Simon's avatar
        StoneRam-Simon
        Level 6

        I did say that I hadn't tested it...

        The key thing is that by using the "--data-urlencode" option you can focus on getting the json right and not worry about escaping "quotes" etc....

        I encoded it using this site https://www.urlencoder.org/

        I would start by going back to the curl command that you could run on linux, and check that the json string is the same.  

        Did it use single quotes???


        Share the command that works for unix, we can try and verify what string you need to pass...