diff --git a/Modules/VMware.vSphere.SsoAdmin/IdentitySource.ps1 b/Modules/VMware.vSphere.SsoAdmin/IdentitySource.ps1
index 9dbad38..c0bc665 100644
--- a/Modules/VMware.vSphere.SsoAdmin/IdentitySource.ps1
+++ b/Modules/VMware.vSphere.SsoAdmin/IdentitySource.ps1
@@ -42,6 +42,9 @@ function Add-ExternalDomainIdentitySource { .PARAMETER DomainServerType Type of the ExternalDomain, one of 'ActiveDirectory','OpenLdap','NIS' + .PARAMETER Default + Sets the Identity Source as the defualt for the SSO + .PARAMETER Server Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -139,6 +142,14 @@ function Add-ExternalDomainIdentitySource { [string] $DomainServerType = 'ActiveDirectory', + [Parameter( + Mandatory = $false, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'Sets the Identity Source as default')] + [Switch] + $Default, + [Parameter( Mandatory = $false, ValueFromPipeline = $false,
@@ -170,6 +181,10 @@ function Add-ExternalDomainIdentitySource { $Username, $Password, $DomainServerType); + + if ($Default) { + $connection.Client.SetDefaultIdentitySource($Name) + } } } catch {
@@ -225,6 +240,9 @@ function Add-LDAPIdentitySource { .PARAMETER Certificates List of X509Certicate2 LDAP certificates + .PARAMETER Default + Sets the Identity Source as the defualt for the SSO + .PARAMETER Server Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -349,6 +367,14 @@ function Add-LDAPIdentitySource { [string] $ServerType = 'ActiveDirectory', + [Parameter( + Mandatory = $false, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'Sets the Identity Source as default')] + [Switch] + $Default, + [Parameter( Mandatory = $false, ValueFromPipeline = $false,
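Review bot: The new `.PARAMETER Default` help line in the first hunk misspells "default" as "defualt", and this is the text Get-Help shows to operators. It should read `Sets the Identity Source as the default for the SSO`. The same misspelled line is added in the help hunks for Add-LDAPIdentitySource, Set-LDAPIdentitySource and the new Set-IdentitySource.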
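Review bot: In the `@@ -170` hunk, a failure of `SetDefaultIdentitySource($Name)` lands in the same `catch` as the add call that precedes it, so the caller cannot tell "add failed" from "source was added but is not the default". Because the default identity source is an authentication setting, that partial state should be reported explicitly, for example `try { $connection.Client.SetDefaultIdentitySource($Name) } catch { Write-Error "Identity source '$Name' was added but could not be set as default: $($_.Exception.Message)" }`. The same applies to the `if ($Default)` block added to Add-LDAPIdentitySource in the `@@ -392` hunk. The function body and the body of the `catch` lie outside the hunk, so the exact error path is inferred from the visible `catch {` line.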
@@ -392,6 +418,10 @@ function Add-LDAPIdentitySource { $authenticationPassword, $ServerType, $Certificates); + + if ($Default) { + $connection.Client.SetDefaultIdentitySource($Name) + } } } catch {
@@ -426,6 +456,9 @@ function Set-LDAPIdentitySource { .PARAMETER Credential Domain authentication credential + .PARAMETER Default + Sets the Identity Source as the defualt for the SSO + .PARAMETER Server Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -499,6 +532,15 @@ function Set-LDAPIdentitySource { [PSCredential] $Credential, + [Parameter( + Mandatory = $false, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + ParameterSetName = 'SetAsDefault', + HelpMessage = 'Sets the Identity Source as default')] + [Switch] + $Default, + [Parameter( Mandatory = $false, ValueFromPipeline = $false,
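Review bot: In the `@@ -499` hunk `-Default` is given its own `ParameterSetName = 'SetAsDefault'`, unlike the same switch on the Add-* cmdlets, and the help text does not mention the restriction this implies. If `-Credential` belongs to a different named set (its attribute is not visible in this hunk), a single call that updates the credential and sets the default will fail parameter binding. If that exclusivity is intended, add it to the help, e.g. `Cannot be combined with -Credential in the same call`; otherwise drop the `ParameterSetName` line. The param block starts and ends outside the hunk.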
@@ -549,6 +591,92 @@ function Set-LDAPIdentitySource { $authenticationUserName, $authenticationPassword); } + + if ($Default) { + $connection.Client.SetDefaultIdentitySource($IdentitySource.Name) + } + } + } + catch { + Write-Error (FormatError $_.Exception) + } + } +} + +function Set-IdentitySource { + <# + .NOTES + =========================================================================== + Created on: 2/25/2022 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov + =========================================================================== + .DESCRIPTION + Updates IDentitySource + + .PARAMETER IdentitySource + Identity Source to update + + .PARAMETER Default + Sets the Identity Source as the defualt for the SSO + + .PARAMETER Server + Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. + If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. + + Updates LDAP Identity Source + + .EXAMPLE + + Updates certificate of a LDAP identity source + + Get-IdentitySource -External | Set-IdentitySource -Default + #> + [CmdletBinding()] + param( + [Parameter( + Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'Identity source to update')] + [ValidateNotNull()] + [VMware.vSphere.SsoAdminClient.DataTypes.IdentitySource] + $IdentitySource, + + [Parameter( + Mandatory = $false, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'Sets the Identity Source as default')] + [Switch] + $Default, + + [Parameter( + Mandatory = $false, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'Connected SsoAdminServer object')] + [ValidateNotNull()] + [VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] + $Server) + + Process { + $serversToProcess = $global:DefaultSsoAdminServers.ToArray() + if ($null -ne $Server) { + $serversToProcess = $Server + } + + try 
{ + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + if ($Default) { + $connection.Client.SetDefaultIdentitySource($IdentitySource.Name) + } } } catch {
@@ -578,6 +706,9 @@ function Get-IdentitySource { .PARAMETER External Filter parameter to return only the external domain identity sources + .PARAMETER Default + Filter parameter to return only the default domain identity sources + .PARAMETER Server Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -614,6 +745,14 @@ function Get-IdentitySource { [Switch] $External, + [Parameter( + Mandatory = $false, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'Returns only the default domain identity sources')] + [Switch] + $Default, + [Parameter( Mandatory = $false, ValueFromPipeline = $false,
@@ -652,6 +791,12 @@ function Get-IdentitySource { $resultIdentitySources += $allIdentitySources | Where-Object { $_ -is [VMware.vSphere.SsoAdminClient.DataTypes.ActiveDirectoryIdentitySource] } } + if ($Default) { + $resultIdentitySources = @() + $defaultDomainName = $connection.Client.GetDefaultIdentitySourceDomainName() + $resultIdentitySources = $allIdentitySources | Where-Object { $_.Name -eq $defaultDomainName } + } + #Return result $resultIdentitySources }
diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
index f9dbd9c..0526e51 100644
--- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
+++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
@@ -12,7 +12,7 @@ RootModule = 'VMware.vSphere.SsoAdmin.psm1' # Version number of this module. -ModuleVersion = '1.3.7' +ModuleVersion = '1.3.8' # Supported PSEditions # CompatiblePSEditions = @()
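Review bot: The new Set-IdentitySource in the `@@ -549` hunk changes the SSO default identity source but declares plain `[CmdletBinding()]`, so `-WhatIf` and `-Confirm` are unavailable for a change to authentication configuration. Consider `[CmdletBinding(SupportsShouldProcess = $true)]` together with `if ($Default -and $PSCmdlet.ShouldProcess("$connection", "Set default identity source to $($IdentitySource.Name)"))`. The help example pipes `Get-IdentitySource -External`, which may emit several sources; each one triggers its own call, so it appears that the last one piped becomes the default, and a call without `-Default` does nothing and reports nothing. The help block also carries leftovers from Set-LDAPIdentitySource ("Updates LDAP Identity Source", "Updates certificate of a LDAP identity source") that do not describe this cmdlet.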
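Review bot: In the `@@ -652` hunk the `-Default` branch overwrites `$resultIdentitySources` with a filter over `$allIdentitySources`, so it replaces what the earlier filter switches collected rather than narrowing it. `Get-IdentitySource -External -Default` would therefore return the default source even when it is not an external one, and an operator auditing external sources could misread the output. If override is intended, state it in the help and in code with `# -Default takes precedence over the other filter switches`; if not, filter the existing result instead of `$allIdentitySources`. The first assignment `$resultIdentitySources = @()` is overwritten two lines later and can be removed. How the result is populated when no switch is given is outside the hunk.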
@@ -77,7 +77,7 @@ FunctionsToExport = 'Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'Add-UserToSsoGroup', 'Remove-UserFromSsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', - 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Get-IdentitySource', + 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Get-IdentitySource', 'Set-IdentitySource', 'Remove-IdentitySource', 'Add-ActiveDirectoryIdentitySource', 'Add-LDAPIdentitySource', 'Set-LDAPIdentitySource', 'Get-SsoAuthenticationPolicy', 'Set-SsoAuthenticationPolicy'
diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll
index 3f0ed2e..af3eaef 100644
Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll differ
diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll
index 96edd72..c55f118 100644
Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll differ
diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll
index 5c7af12..0beb38b 100644
Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll differ
diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll
index c42029d..0b09044 100644
Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll differ
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
index 288acc3..0ac10a0 100644
--- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
@@ -1316,6 +1316,62 @@ namespace VMware.vSphere.SsoAdminClient } } + public void SetDefaultIdentitySource(string domainName) + { + var authorizedInvocationContext = + CreateAuthorizedInvocationContext(); + + var setDefaultDomainRequest = new IdS_setDefaultDomainsRequest + { + domainNames = new string[]{domainName} + }; + + try + { + authorizedInvocationContext. + InvokeOperation(() => + _ssoAdminBindingClient.IdS_setDefaultDomainsAsync( + new ManagedObjectReference + { + type = "SsoAdminIdentitySourceManagementService", + Value = "identitySourceManagementService" + }, + new string[]{domainName})).Wait(); + } + catch (AggregateException e) + { + throw e.InnerException; + } + } + + public string GetDefaultIdentitySourceDomainName() + { + string result = null; + var authorizedInvocationContext = + CreateAuthorizedInvocationContext(); + + try + { + var response = authorizedInvocationContext. + InvokeOperation(() => + _ssoAdminBindingClient.IdS_getDefaultDomainsAsync( + new ManagedObjectReference + { + type = "SsoAdminIdentitySourceManagementService", + Value = "identitySourceManagementService" + })).Result; + if (response != null && response.returnval != null && response.returnval.Length > 0) { + result = response.returnval[0]; + } + } + catch (AggregateException e) + { + throw e.InnerException; + } + + return result; + } + public void DeleteDomain(string name) {
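Review bot: In SetDefaultIdentitySource the `setDefaultDomainRequest` object is built but never passed anywhere, because the call constructs its own `new string[]{domainName}`, so the local can be removed. `domainName` is also forwarded to the SSO service without a null or empty check; `if (string.IsNullOrEmpty(domainName)) throw new ArgumentException("domainName must not be empty", "domainName");` would fail fast on the client. Both new methods rethrow with `throw e.InnerException;`, which resets the stack trace; `ExceptionDispatchInfo.Capture(e.InnerException).Throw();` (System.Runtime.ExceptionServices) preserves it, which helps when diagnosing a failed change to the default identity source. GetDefaultIdentitySourceDomainName returns only `returnval[0]`, so if the service can report more than one default domain the rest are dropped silently; a comment such as `// only the first default domain is reported` would make that assumption explicit. The DeleteDomain context at the end of the hunk continues outside it.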