Get-LocalNodeServiceSecuritySettings
Synopsis
Gets the node's communication security settings.
Syntax
Get-LocalNodeServiceSecuritySettings
Detailed Description
The Get-LocalNodeServiceSecuritySettings function returns an object that contains the security settings that the node uses to communicate with other applications.
Authentication
A node's authentication mode dictates how the node will determine the identity of users trying to communicate with it (whether on behalf of Laserfiche applications or as Workers or Schedulers). By default, nodes do not attempt to authenticate clients. Nodes can be configured to identify callers using Windows Authentication.
Setting the authentication mode to Windows Authentication is required for a node to encrypt its communication and for it to enforce authorization settings.
Encryption
Laserfiche Distributed Computing Cluster supports securing its communication with other applications using SSL over TCP. By default, a node does not encrypt its communication. Encryption can be enabled using the EncryptionMode parameter.
Inputs
None
You cannot pipe input to this function.
Outputs
Laserfiche.DistributedComputingCluster.PowerShellModules.LfDccLocalNodeAdmin.Data.LocalNodeSecuritySettings
This function returns an object that contains the authentication mode, the encryption mode, and the thumbprint of the certificate that is being used to do the encryption (if one was specified).
Note: The ServerCertificateThumbprint is only used if the EncryptionMode is set to CertificateSSL.
Examples
Example 1
This command gets the node's communication security settings. It is configured to use Windows Authentication and to encrypt communication with SSL.
PS C:\> Get-LocalNodeServiceSecuritySettings AuthenticationMode EncryptionMode ServerCertificateThumbprint ------------------ -------------- ------------------------- Windows WindowsTLS
Example 2
This command gets the node's communication security settings. It is configured to use Windows Authentication and to encrypt communication with SSL. The service uses an X.509 certificate that is installed on the machine with "f9 7f 3b ae 39 5f c9 b6 6a 08 e0 6c d3 eb 33 93 4e 61 4f 5b" as its thumbprint.
PS C:\> Get-LocalNodeServiceSecuritySettings AuthenticationMode EncryptionMode ServerCertificateThumbprint ------------------ -------------- ------------------------- Windows CertificateSSL f9 7f 3b ae 39 5f c9 b...