For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Zdenda's avatar
Zdenda
Icon for Cirrus rankCirrus
Nov 04, 2013

publishing powershell scripts to customer

Hello, what tricks you usually do to publish your scripts for customer use. Customer has access to server hosting PS scritpts and is supposed to run some commands by himself. Problem is that script contains username and password and I am thinking how to make this solution as secure as possible. Is creating of some another PS script calling my script the right way? But if customer browse to script I gave him, he can find the path to my scripts with credentials..

 

Let me please know if somebody of you solved similar case. Thanks, Zdenek

 

devops
iControl

3 Replies

  • Zdenda's avatar
    Zdenda
    Icon for Cirrus rankCirrus
    Nov 05, 2013

    Hello, nobody had a similar case and didn't want to expose his credentials to powershell users?

     

  • mhite_60883's avatar
    mhite_60883
    Icon for Cirrocumulus rankCirrocumulus
    Nov 05, 2013

    It's a common problem and I don't think there is a straight forward answer.

     

    What we do is create partitions for 'customers' and create credentials which allow administration of only their partition. This at least isolates the customer to some degree and limits the damage they could potentially do.

     

    My 'wish' would be for F5 to allow us to create users that had API only access. Extra credit for allowing us to define what API calls are permitted for said user. Today this does not exist.

     

  • Zdenda's avatar
    Zdenda
    Icon for Cirrus rankCirrus
    Nov 06, 2013

    Thank you, I will discuss this with some of our powershell guys, maybe there is some trick. I supposed there will be more LB guys trying to solve this, but seems nobody needed it really..