voltron/PowerCLI-Example-Scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement Set Default Identity Source and Get Default Identity Source (#545)

Browse Source 
Signed-off-by: Dimitar Milov <dmilov@vmware.com>
This commit is contained in:
dmilov
2022-02-25 11:26:10 +02:00
committed by GitHub
parent 9a302e0473
commit 829307318f
7 changed files with 203 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
Modules/VMware.vSphere.SsoAdmin/IdentitySource.ps1
View File

@@ -42,6 +42,9 @@ function Add-ExternalDomainIdentitySource {
.PARAMETER DomainServerType .PARAMETER DomainServerType
Type of the ExternalDomain, one of 'ActiveDirectory','OpenLdap','NIS' Type of the ExternalDomain, one of 'ActiveDirectory','OpenLdap','NIS'
.PARAMETER Default
Sets the Identity Source as the defualt for the SSO
.PARAMETER Server .PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -139,6 +142,14 @@ function Add-ExternalDomainIdentitySource {
[string] [string]
$DomainServerType = 'ActiveDirectory', $DomainServerType = 'ActiveDirectory',
[Parameter(
Mandatory = $false,
ValueFromPipeline = $false,
ValueFromPipelineByPropertyName = $false,
HelpMessage = 'Sets the Identity Source as default')]
[Switch]
$Default,
[Parameter( [Parameter(
Mandatory = $false, Mandatory = $false,
ValueFromPipeline = $false, ValueFromPipeline = $false,
@@ -170,6 +181,10 @@ function Add-ExternalDomainIdentitySource {
$Username, $Username,
$Password, $Password,
$DomainServerType); $DomainServerType);
if ($Default) {
$connection.Client.SetDefaultIdentitySource($Name)
}
} }
} }
catch { catch {
@@ -225,6 +240,9 @@ function Add-LDAPIdentitySource {
.PARAMETER Certificates .PARAMETER Certificates
List of X509Certicate2 LDAP certificates List of X509Certicate2 LDAP certificates
.PARAMETER Default
Sets the Identity Source as the defualt for the SSO
.PARAMETER Server .PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -349,6 +367,14 @@ function Add-LDAPIdentitySource {
[string] [string]
$ServerType = 'ActiveDirectory', $ServerType = 'ActiveDirectory',
[Parameter(
Mandatory = $false,
ValueFromPipeline = $false,
ValueFromPipelineByPropertyName = $false,
HelpMessage = 'Sets the Identity Source as default')]
[Switch]
$Default,
[Parameter( [Parameter(
Mandatory = $false, Mandatory = $false,
ValueFromPipeline = $false, ValueFromPipeline = $false,
@@ -392,6 +418,10 @@ function Add-LDAPIdentitySource {
$authenticationPassword, $authenticationPassword,
$ServerType, $ServerType,
$Certificates); $Certificates);
if ($Default) {
$connection.Client.SetDefaultIdentitySource($Name)
}
} }
} }
catch { catch {
@@ -426,6 +456,9 @@ function Set-LDAPIdentitySource {
.PARAMETER Credential .PARAMETER Credential
Domain authentication credential Domain authentication credential
.PARAMETER Default
Sets the Identity Source as the defualt for the SSO
.PARAMETER Server .PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -499,6 +532,15 @@ function Set-LDAPIdentitySource {
[PSCredential] [PSCredential]
$Credential, $Credential,
[Parameter(
Mandatory = $false,
ValueFromPipeline = $false,
ValueFromPipelineByPropertyName = $false,
ParameterSetName = 'SetAsDefault',
HelpMessage = 'Sets the Identity Source as default')]
[Switch]
$Default,
[Parameter( [Parameter(
Mandatory = $false, Mandatory = $false,
ValueFromPipeline = $false, ValueFromPipeline = $false,
@@ -549,6 +591,92 @@ function Set-LDAPIdentitySource {
$authenticationUserName, $authenticationUserName,
$authenticationPassword); $authenticationPassword);
} }
if ($Default) {
$connection.Client.SetDefaultIdentitySource($IdentitySource.Name)
}
}
}
catch {
Write-Error (FormatError $_.Exception)
}
}
}
function Set-IdentitySource {
<#
.NOTES
===========================================================================
Created on: 2/25/2022
Created by: Dimitar Milov
Twitter: @dimitar_milov
Github: https://github.com/dmilov
===========================================================================
.DESCRIPTION
Updates IDentitySource
.PARAMETER IdentitySource
Identity Source to update
.PARAMETER Default
Sets the Identity Source as the defualt for the SSO
.PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
Updates LDAP Identity Source
.EXAMPLE
Updates certificate of a LDAP identity source
Get-IdentitySource -External | Set-IdentitySource -Default
#>
[CmdletBinding()]
param(
[Parameter(
Mandatory = $true,
ValueFromPipeline = $true,
ValueFromPipelineByPropertyName = $false,
HelpMessage = 'Identity source to update')]
[ValidateNotNull()]
[VMware.vSphere.SsoAdminClient.DataTypes.IdentitySource]
$IdentitySource,
[Parameter(
Mandatory = $false,
ValueFromPipeline = $false,
ValueFromPipelineByPropertyName = $false,
HelpMessage = 'Sets the Identity Source as default')]
[Switch]
$Default,
[Parameter(
Mandatory = $false,
ValueFromPipeline = $false,
ValueFromPipelineByPropertyName = $false,
HelpMessage = 'Connected SsoAdminServer object')]
[ValidateNotNull()]
[VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer]
$Server)
Process {
$serversToProcess = $global:DefaultSsoAdminServers.ToArray()
if ($null -ne $Server) {
$serversToProcess = $Server
}
try {
foreach ($connection in $serversToProcess) {
if (-not $connection.IsConnected) {
Write-Error "Server $connection is disconnected"
continue
}
if ($Default) {
$connection.Client.SetDefaultIdentitySource($IdentitySource.Name)
}
} }
} }
catch { catch {
@@ -578,6 +706,9 @@ function Get-IdentitySource {
.PARAMETER External .PARAMETER External
Filter parameter to return only the external domain identity sources Filter parameter to return only the external domain identity sources
.PARAMETER Default
Filter parameter to return only the default domain identity sources
.PARAMETER Server .PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
@@ -614,6 +745,14 @@ function Get-IdentitySource {
[Switch] [Switch]
$External, $External,
[Parameter(
Mandatory = $false,
ValueFromPipeline = $false,
ValueFromPipelineByPropertyName = $false,
HelpMessage = 'Returns only the default domain identity sources')]
[Switch]
$Default,
[Parameter( [Parameter(
Mandatory = $false, Mandatory = $false,
ValueFromPipeline = $false, ValueFromPipeline = $false,
@@ -652,6 +791,12 @@ function Get-IdentitySource {
$resultIdentitySources += $allIdentitySources | Where-Object { $_ -is [VMware.vSphere.SsoAdminClient.DataTypes.ActiveDirectoryIdentitySource] } $resultIdentitySources += $allIdentitySources | Where-Object { $_ -is [VMware.vSphere.SsoAdminClient.DataTypes.ActiveDirectoryIdentitySource] }
} }
if ($Default) {
$resultIdentitySources = @()
$defaultDomainName = $connection.Client.GetDefaultIdentitySourceDomainName()
$resultIdentitySources = $allIdentitySources | Where-Object { $_.Name -eq $defaultDomainName }
}
#Return result #Return result
$resultIdentitySources $resultIdentitySources
} }

4
Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
View File

@@ -12,7 +12,7 @@
RootModule = 'VMware.vSphere.SsoAdmin.psm1' RootModule = 'VMware.vSphere.SsoAdmin.psm1'
# Version number of this module. # Version number of this module.
ModuleVersion = '1.3.7' ModuleVersion = '1.3.8'
# Supported PSEditions # Supported PSEditions
# CompatiblePSEditions = @() # CompatiblePSEditions = @()
@@ -77,7 +77,7 @@ FunctionsToExport = 'Connect-SsoAdminServer', 'Disconnect-SsoAdminServer',
'Add-UserToSsoGroup', 'Remove-UserFromSsoGroup', 'Add-UserToSsoGroup', 'Remove-UserFromSsoGroup',
'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy',
'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy',
'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Get-IdentitySource', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Get-IdentitySource', 'Set-IdentitySource',
'Remove-IdentitySource', 'Add-ActiveDirectoryIdentitySource', 'Remove-IdentitySource', 'Add-ActiveDirectoryIdentitySource',
'Add-LDAPIdentitySource', 'Set-LDAPIdentitySource', 'Add-LDAPIdentitySource', 'Set-LDAPIdentitySource',
'Get-SsoAuthenticationPolicy', 'Set-SsoAuthenticationPolicy' 'Get-SsoAuthenticationPolicy', 'Set-SsoAuthenticationPolicy'

BIN
Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll
View File

Binary file not shown.

BIN
Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll
View File

Binary file not shown.

BIN
Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll
View File

Binary file not shown.

BIN
Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll
View File

Binary file not shown.

56
Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
View File

@@ -1316,6 +1316,62 @@ namespace VMware.vSphere.SsoAdminClient
} }
} }
public void SetDefaultIdentitySource(string domainName)
{
var authorizedInvocationContext =
CreateAuthorizedInvocationContext();
var setDefaultDomainRequest = new IdS_setDefaultDomainsRequest
{
domainNames = new string[]{domainName}
};
try
{
authorizedInvocationContext.
InvokeOperation(() =>
_ssoAdminBindingClient.IdS_setDefaultDomainsAsync(
new ManagedObjectReference
{
type = "SsoAdminIdentitySourceManagementService",
Value = "identitySourceManagementService"
},
new string[]{domainName})).Wait();
}
catch (AggregateException e)
{
throw e.InnerException;
}
}
public string GetDefaultIdentitySourceDomainName()
{
string result = null;
var authorizedInvocationContext =
CreateAuthorizedInvocationContext();
try
{
var response = authorizedInvocationContext.
InvokeOperation(() =>
_ssoAdminBindingClient.IdS_getDefaultDomainsAsync(
new ManagedObjectReference
{
type = "SsoAdminIdentitySourceManagementService",
Value = "identitySourceManagementService"
})).Result;
if (response != null && response.returnval != null && response.returnval.Length > 0) {
result = response.returnval[0];
}
}
catch (AggregateException e)
{
throw e.InnerException;
}
return result;
}
public void DeleteDomain(string name) public void DeleteDomain(string name)
{ {