Learn how to authenticate to HPE OneView appliances using credentials, PSCredential objects, certificates, and how to manage multiple simultaneous connections.
Use this file to discover all available pages before exploring further.
Before running any cmdlet, you must establish an authenticated session with Connect-OVMgmt. Sessions are stored in the $Global:ConnectedSessions variable and are used automatically by all subsequent cmdlets.
The preferred approach is to pass a PSCredential object. This keeps credentials out of scripts and works naturally with PowerShell’s credential management.
# Prompts for username and password in a secure dialog$Credential = Get-Credential -Username Administrator -Message "HPE OneView password"$ApplianceConnection = Connect-OVMgmt -Hostname "hpov.example.com" -Credential $Credential
Store credentials with Export-Clixml / Import-Clixml so scripts can run non-interactively without embedding plain-text passwords.
Certificate-based authentication requires the appliance to be configured for two-factor authentication and the user account to have a certificate mapped. See your appliance security settings for details.
When multiple sessions exist, cmdlets that accept -ApplianceConnection use the default connection unless you specify otherwise.
# Target a specific appliance by passing the connection objectGet-OVServer -ApplianceConnection $Conn2# Or iterate over all appliancesForEach ($Session in $Global:ConnectedSessions) { Get-OVServer -ApplianceConnection $Session}
The first connection established becomes the default. When you add more connections you can change which one is default with Set-OVApplianceDefaultConnection.
# Promote hpov2 to the default connection$Global:ConnectedSessions | Where-Object Name -EQ "hpov2.example.com" | Set-OVApplianceDefaultConnection# Confirm the change$Global:ConnectedSessions | Select-Object Name, Default
After this, cmdlets without an explicit -ApplianceConnection parameter will target hpov2.example.com.
On Linux and macOS, the library validates the appliance TLS certificate against the system trust store. If your appliance uses a private CA, import the CA certificate before connecting.
# Add the CA cert to the system trust store (Debian/Ubuntu)# sudo cp MyCA.crt /usr/local/share/ca-certificates/# sudo update-ca-certificates# Or add directly to the PowerShell session trust storeAdd-OVApplianceTrustedCertificate -Path "/tmp/MyCA.crt"
Only use IgnoreCertErrors in isolated lab environments. Bypassing certificate validation exposes your session to man-in-the-middle attacks. Never use this in production.
Some older cmdlet invocations in the library accept -IgnoreCertErrors for connectivity testing:
# Lab/test use ONLY$ApplianceConnection = Connect-OVMgmt -Hostname "192.168.1.10" -Credential $Credential
For self-signed certificates in a lab, import the appliance certificate into the trust store rather than disabling validation entirely.
A freshly deployed appliance forces an Administrator password change on first login. The library raises a HPEOneView.Appliance.PasswordChangeRequired exception that you can catch and handle:
Always disconnect at the end of a script to release the session token on the appliance.
# Disconnect the default (or only) sessionDisconnect-OVMgmt# Disconnect a specific session by nameDisconnect-OVMgmt -ApplianceConnection "hpov2.example.com"# Disconnect all sessions$Global:ConnectedSessions | Disconnect-OVMgmt
Wrap your entire script in a try / finally block and call Disconnect-OVMgmt in the finally block so sessions are always cleaned up, even when the script exits with an error.