Are client credentials stored in plain text in NCache?

No. NCache uses the Add-ClientNodeSecurity cmdlet to encrypt credentials using a Credentials Encryption Key (CEK) provided by the server before storing them in the client.ncconf file.

When are AdminCredentials required for client nodes?

AdminCredentials are only required if security is enabled on the client node itself. If the client node is not secured, this parameter can be omitted.

Add-ClientNodeSecurity

Add-ClientNodeSecurity is a cmdlet used to establish Encrypted Identity Handshakes between application clients and NCache clusters. By configuring cache-level credentials within the local client.ncconf, this command enables applications to authenticate against LDAP-integrated nodes.

Warning

This cache security is replicated on every client node so any secondary users are added to the client node.

Windows PowerShell
Linux CLI

Add-ClientNodeSecurity -CacheName -AdminCredentials -NodeName -CacheUserCredentials -Server [-Port] [-NoLogo]

Examples

This command configures the security credentials for the user john_smith in client.ncconf file using the CEK specified on the cache server using security credentials.

Add-ClientNodeSecurity -CacheName demoCache -CacheUserCredentials(Get-Credential john_smith) -NodeName 20.200.20.11 -Server 20.200.20.12

This command configures the security credentials for the user john_smith in client.ncconf file using the CEK specified on the server. However, the administrative credentials are only required if the client node itself is secured.

Add-ClientNodeSecurity -CacheName demoCache -CacheUserCredentials(Get-Credential john_smith) -NodeName 20.200.20.11 -Server 20.200.20.12 -AdminCredentials(Get-Credential john_smith)

Properties

Note

The parameters with asterisk (*) on their names are the required parameters and the rest are optional.

Parameters	Data Types	Description	Default Value
`-CacheName*`	`<String>`	Specifies the name of the clustered cache to which the client node for which cache-level credentials need to be configured. Note: The cache must already exist on the source server.	-
`-AdminCredentials`	`<String>`	Specifies the credentials of a user with administrative rights on the client node. This is required only if security is enabled on the client node. If security is disabled, this parameter is ignored.	-
`-NodeName*`	`<String>`	Specifies the IP address of the client node where the credentials configuration will take place.	-
`-CacheUserCredentials*`	`<pscredential>`	Specifies the user credentials that the application should use to connect to the specified cache. These credentials should belong to a user who has access rights to the designated cache.	-
`-Server*`	`<String>`	Specifies the server name where the NCache Service is running and a cache with the specified cache-name is registered, and which also provides the credentials encryption key (CEK) for encrypting client credentials.	-
`-Port`	`<Integer>`	Specifies the port on which the NCache Service is listening.	8250
`-NoLogo`	`<SwitchParameter>`	Suppresses display of the logo banner.	False

add-clientnodesecurity -cachename -adminuserid -adminpassword -nodename -cacheuseruserid -cacheuserpassword -server [-port] [-nologo]

Examples

This command configures the security credentials for the user john_smith in client.ncconf file using the CEK specified on the cache server using security credentials.

add-clientnodesecurity -cachename demoCache -cacheuserid john_smith -cacheuserpassword pass123 -nodename 20.200.20.11 -server 20.200.20.12

This command configures the security credentials for the user john_smith in client.ncconf file using the CEK specified on the cache server. However, the administrative credentials are only required if the client node itself is secured.

add-clientnodesecurity -cachename demoCache -cacheuserid john_smith -cacheuserpassword pass123 -nodename 20.200.20.11 -adminuserid john_smith -adminpassword pass123 -server 20.200.20.12

Properties

Note

The parameters with asterisk (*) on their names are the required parameters and the rest are optional.

Parameters	Data Types	Description	Default Value
`-cachename*`	`<String>`	Specifies the name of the clustered cache to which the client node for which cache-level credentials need to be configured. Note: The cache must already exist on the source server.	-
`-cacheuseruserid*`	`<String>`	Specifies the cache user ID required to authorize access for the specified operation. These credentials should belong to a user with the appropriate permissions at the cache.	-
`-cacheuserpassword*`	`<String>`	Specifies the cache user password required to authorize access for the specified operation. These credentials should belong to a user with the appropriate permissions at the cache.	-
`-nodename*`	`<String>`	Specifies the client node where security is to be configured.	-
`-adminuserid`	`<String>`	Specifies the userid of a user with administrative rights on the client node. This is required only if security is enabled on the client node. If security is disabled, this parameter is ignored.	-
`-adminpassword`	`<String>`	Specifies the password of a user with administrative rights on the client node. This is required only if security is enabled on the client node. If security is disabled, this parameter is ignored.	-
`-server*`	`<String>`	Specifies the server name where the NCache Service is running and a cache with the specified cache-name is registered, and which also provides the credentials encryption key (CEK) for encrypting client credentials.	-
`-port`	`<Integer>`	Specifies the port on which NCache Service is listening.	8250
`-nologo`	`<SwitchParameter>`	Suppresses display of the logo banner.	False

Add-ClientNodeSecurity

Warning

Examples

Properties

Note

Contact Us