diff --git a/Modules/VMware.vSphere.SsoAdmin/Connect.ps1 b/Modules/VMware.vSphere.SsoAdmin/Connect.ps1 index bfd6fa4..37038fc 100644 --- a/Modules/VMware.vSphere.SsoAdmin/Connect.ps1 +++ b/Modules/VMware.vSphere.SsoAdmin/Connect.ps1 @@ -24,6 +24,9 @@ function Connect-SsoAdminServer { .PARAMETER Password Specifies the password you want to use for authenticating with the server. + .PARAMETER Credential + Specifies a PSCredential object to for authenticating with the server. + .PARAMETER SkipCertificateCheck Specifies whether server Tls certificate validation will be skipped @@ -46,7 +49,8 @@ function Connect-SsoAdminServer { Mandatory = $true, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false, - HelpMessage = 'User name you want to use for authenticating with the server')] + HelpMessage = 'User name you want to use for authenticating with the server', + ParameterSetName = 'UserPass')] [string] $User, @@ -54,11 +58,21 @@ function Connect-SsoAdminServer { Mandatory = $true, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false, - HelpMessage = 'Password you want to use for authenticating with the server')] + HelpMessage = 'Password you want to use for authenticating with the server', + ParameterSetName = 'UserPass')] [VMware.vSphere.SsoAdmin.Utils.StringToSecureStringArgumentTransformationAttribute()] [SecureString] $Password, + [Parameter( + Mandatory = $true, + ValueFromPipeline = $false, + ValueFromPipelineByPropertyName = $false, + HelpMessage = 'PSCredential object to use for authenticating with the server', + ParameterSetName = 'Credential')] + [PSCredential] + $Credential, + [Parameter( Mandatory = $false, HelpMessage = 'Skips server Tls certificate validation')] 
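Review bot: The new help entry in the first hunk has a stray word ("object to for authenticating") and does not say that `-Credential` is an alternative to `-User`/`-Password`. Suggested text: `Specifies a PSCredential object to use for authenticating with the server. Cannot be combined with -User and -Password.` The rest of the comment-based help lies outside the hunk.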
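Review bot: No default parameter set is declared in the visible lines, although `-User`/`-Password` (hunks at -46 and -54) and `-Credential` are now split into the `UserPass` and `Credential` sets. The `[CmdletBinding()]` line is outside these hunks, so this is inferred. If it is indeed missing, a call that supplies only `-Server` will fail with a parameter-set resolution error instead of prompting for the user name and password as before. Declaring `[CmdletBinding(DefaultParameterSetName = 'UserPass')]` on the function would keep the old interactive behaviour.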
@@ -73,13 +87,24 @@ function Connect-SsoAdminServer { $ssoAdminServer = $null try { - $ssoAdminServer = New-Object ` - 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' ` - -ArgumentList @( - $Server, - $User, - $Password, - $certificateValidator) + if ($PSBoundParameters.ContainsKey('Credential')) { + $ssoAdminServer = New-Object ` + 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' ` + -ArgumentList @( + $Server, + $Credential.UserName, + $Credential.Password, + $certificateValidator) + } else { + $ssoAdminServer = New-Object ` + 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' ` + -ArgumentList @( + $Server, + $User, + $Password, + $certificateValidator) + } + } catch { Write-Error (FormatError $_.Exception) diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 index 51df509..17eccd5 100644 --- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 +++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 @@ -12,7 +12,7 @@ RootModule = 'VMware.vSphere.SsoAdmin.psm1' # Version number of this module. -ModuleVersion = '1.3.5' +ModuleVersion = '1.3.6' # Supported PSEditions # CompatiblePSEditions = @() diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll index aba1c6a..65d1bad 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll index a3abee9..db5e649 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll differ 
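Review bot: The two branches in the `try` block repeat the same `New-Object` call and differ only in where the user name and password come from, so a later change to the constructor arguments has to be made twice. Resolving the values first keeps a single construction site: `$authUser = if ($PSCmdlet.ParameterSetName -eq 'Credential') { $Credential.UserName } else { $User }` and likewise `$authPassword = ... $Credential.Password ... $Password`, then pass `$authUser, $authPassword` to the one `New-Object`. Testing `$PSCmdlet.ParameterSetName` also states the intent more directly than `$PSBoundParameters.ContainsKey('Credential')`. The `try`/`catch` and the function body continue outside the hunk.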
diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll index f86fc7c..3ba81f1 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.LsClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.LsClient.dll index 0c75cfb..783c77f 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.LsClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.LsClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll index d7a7590..69ff0cd 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdmin.Utils.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll index 9e6956c..89f310d 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.pdb b/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.pdb deleted file mode 100644 index d8ffd83..0000000 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp3.1/VMware.vSphere.SsoAdminClient.pdb and /dev/null differ 
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs index c700f17..b39c38b 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs @@ -24,5 +24,7 @@ namespace VMware.vSphere.SsoAdminClient.DataTypes public string FailoverUrl { get; set; } public string UserBaseDN { get; set; } public string GroupBaseDN { get; set; } + + public System.Security.Cryptography.X509Certificates.X509Certificate2[] Certificates {get ;set;} } } diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs index 21939eb..c625155 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs 
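Review bot: The added `Certificates` property is written as `{get ;set;}` with a fully qualified type name, while the sibling properties use `{ get; set; }`. Matching the existing style with `public X509Certificate2[] Certificates { get; set; }` and a `using System.Security.Cryptography.X509Certificates;` would read better; the file's using block is outside the hunk. A short XML doc comment would also help callers, for example `/// <summary>Server certificates configured for this identity source; null when the server returns none.</summary>`, since the SsoAdminClient.cs hunk assigns the property only when at least one certificate is present.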
@@ -1232,32 +1232,34 @@ namespace VMware.vSphere.SsoAdminClient var authorizedInvocationContext = CreateAuthorizedInvocationContext(); - var domains = authorizedInvocationContext. + var identitySources = authorizedInvocationContext. InvokeOperation(() => - _ssoAdminBindingClient.GetDomainsAsync( + _ssoAdminBindingClient.GetAsync( new ManagedObjectReference { - type = "SsoAdminDomainManagementService", - Value = "domainManagementService" + type = "SsoAdminIdentitySourceManagementService", + Value = "identitySourceManagementService" })).Result; - if (domains != null) + if (identitySources != null) { var localos = new LocalOSIdentitySource(); - localos.Name = domains.localOSDomainName; + localos.Name = identitySources.localOS.name; yield return localos; - var system = new SystemIdentitySource(); - system.Name = domains.systemDomainName; - yield return system; + foreach (var systemDomain in identitySources.system.domains) { + var system = new SystemIdentitySource(); + system.Name = systemDomain.name; + yield return system; + } - if (domains.externalDomains != null && domains.externalDomains.Length > 0) + + if (identitySources.ldaps != null && identitySources.ldaps.Length > 0) { - foreach (var externalDomain in domains.externalDomains) + foreach (var externalDomain in identitySources.ldaps) { var extIdentitySource = new ActiveDirectoryIdentitySource(); extIdentitySource.Name = externalDomain.name; - extIdentitySource.Alias = externalDomain.alias; extIdentitySource.Type = externalDomain.type; extIdentitySource.AuthenticationType = externalDomain.authenticationDetails?.authenticationType; extIdentitySource.AuthenticationUsername = externalDomain.authenticationDetails?.username; 
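Review bot: The new code dereferences `identitySources.localOS.name` and iterates `identitySources.system.domains` without a null check, while `identitySources.ldaps` a few lines later is guarded. If the service can return a result without a local OS or system section (not verifiable from this hunk), the iterator throws a `NullReferenceException` part-way through enumeration. Guarding both the same way as `ldaps` would avoid that: `if (identitySources.localOS != null) { ... }` and `if (identitySources.system?.domains != null) { foreach ... }`. The hunk also drops the `extIdentitySource.Alias` assignment, so if `ActiveDirectoryIdentitySource` still has an `Alias` property it will now always be null; a comment saying why the alias is no longer available would help. The enclosing method starts and ends outside the hunk.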
@@ -1266,6 +1268,14 @@ namespace VMware.vSphere.SsoAdminClient extIdentitySource.FailoverUrl = externalDomain.details?.failoverUrl; extIdentitySource.GroupBaseDN = externalDomain.details?.groupBaseDn; extIdentitySource.UserBaseDN = externalDomain.details?.userBaseDn; + if (externalDomain.details?.certificates != null && externalDomain.details?.certificates.Length > 0) { + var certificatesList = new List(); + foreach (var cert in externalDomain.details?.certificates) { + certificatesList.Add(new X509Certificate2(Encoding.ASCII.GetBytes(cert))); + } + extIdentitySource.Certificates = certificatesList.ToArray(); + } + yield return extIdentitySource; } } diff --git a/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 b/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 index 39b41a7..fa9759a 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 +++ b/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 @@ -45,6 +45,26 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" { $global:DefaultSsoAdminServers | Should -Contain $actual } + It 'Connect-SsoAdminServer connects the server with PSCredential object' { + # Act + $securePassword = ConvertTo-SecureString -AsPlainText -Force -String $Password + $credential = New-Object ` + -TypeName System.Management.Automation.PSCredential ` + -ArgumentList $User, $securePassword + $actual = Connect-SsoAdminServer ` + -Server $VcAddress ` + -Credential $credential ` + -SkipCertificateCheck + + # Assert + $actual | Should -Not -Be $null + $actual.GetType().FullName | Should -Be 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' + $actual.IsConnected | Should -Be $true + $actual.Name | Should -Be $VcAddress + $global:DefaultSsoAdminServers | Should -Contain $actual + } + + It 'Connect-SsoAdminServer throws error on invalid password' { # Act # Assert
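Review bot: `new X509Certificate2(Encoding.ASCII.GetBytes(cert))` runs inside the lazy iterator with no handling for a string that does not parse as a certificate. A single malformed entry would therefore raise a `CryptographicException` in the middle of enumeration and hide every remaining identity source from the caller. Consider catching that exception per certificate and rethrowing with the identity source name in the message, so an operator auditing the LDAPS trust configuration can see which source is affected. `externalDomain.details?.certificates` is also evaluated three times; hoisting it once with `var certs = externalDomain.details?.certificates;` and testing `certs != null && certs.Length > 0` is easier to read. The loop and method continue outside the hunk.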
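Review bot: The added `It` block covers only the successful `-Credential` path; nothing in the hunk checks that the two parameter sets are mutually exclusive. A companion case such as `{ Connect-SsoAdminServer -Server $VcAddress -User $User -Password $Password -Credential $credential -SkipCertificateCheck } | Should -Throw` would pin that behaviour. The setup lines that build `$securePassword` and `$credential` sit under `# Act`; an `# Arrange` comment above them would match the Arrange/Act/Assert layout the test otherwise follows. The surrounding `Describe` block lies outside the hunk.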