voltron/PowerCLI-Example-Scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement Add-LDAPIdentitySource

Browse Source
This commit is contained in:
Dimitar Milov
2021-02-11 16:26:04 +02:00
parent f5a4dbf4cd
commit ac6c923e90
8 changed files with 10181 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
View File

@@ -11,7 +11,7 @@
RootModule = 'VMware.vSphere.SsoAdmin.psm1' RootModule = 'VMware.vSphere.SsoAdmin.psm1'
# Version number of this module. # Version number of this module.
ModuleVersion = '1.1.0' ModuleVersion = '1.2.0'
# ID used to uniquely identify this module # ID used to uniquely identify this module
GUID = 'b3e25326-e809-4d68-a252-ca5fcaf1eb8b' GUID = 'b3e25326-e809-4d68-a252-ca5fcaf1eb8b'
@@ -34,7 +34,7 @@ RequiredModules = @(
) )
# Functions to export from this module # Functions to export from this module
FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-SsoPersonUser', 'Get-SsoPersonUser', 'Set-SsoPersonUser', 'Remove-SsoPersonUser', 'Get-SsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Add-ExternalDomainIdentitySource', 'Get-IdentitySource') FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-SsoPersonUser', 'Get-SsoPersonUser', 'Set-SsoPersonUser', 'Remove-SsoPersonUser', 'Get-SsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Get-IdentitySource', 'Add-ActiveDirectoryIdentitySource', 'Add-LDAPIdentitySource')
# Cmdlets to export from this module # Cmdlets to export from this module
CmdletsToExport = @() CmdletsToExport = @()

178
Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1
View File

@@ -1337,9 +1337,8 @@ function Add-ExternalDomainIdentitySource {
.PARAMETER Passowrd .PARAMETER Passowrd
Domain authentication password Domain authentication password
.PARAMETER Server .PARAMETER DomainServerType
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. Type of the ExternalDomain, one of 'ActiveDirectory','OpenLdap','NIS'
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
.PARAMETER Server .PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
@@ -1487,6 +1486,179 @@ function Add-ExternalDomainIdentitySource {
} }
} }
function Add-LDAPIdentitySource {
<#
.NOTES
===========================================================================
Created on: 2/11/2021
Created by: Dimitar Milov
Twitter: @dimitar_milov
Github: https://github.com/dmilov
===========================================================================
.DESCRIPTION
This function adds LDAP Identity Source of ActiveDirectory, OpenLDAP or NIS type.
.PARAMETER Name
Name of the identity source
.PARAMETER DomainName
Domain name
.PARAMETER DomainAlias
Domain alias
.PARAMETER PrimaryUrl
Primary Server URL
.PARAMETER BaseDNUsers
Base distinguished name for users
.PARAMETER BaseDNGroups
Base distinguished name for groups
.PARAMETER Username
Domain authentication user name
.PARAMETER Passowrd
Domain authentication password
.PARAMETER ServerType
Type of the ExternalDomain, one of 'ActiveDirectory','OpenLdap','NIS'
.PARAMETER Certificates
List of X509Certicate2 LDAP certificates
.PARAMETER Server
Specifies the vSphere Sso Admin Server on which you want to run the cmdlet.
If not specified the servers available in $global:DefaultSsoAdminServers variable will be used.
Adds LDAP Identity Source
#>
[CmdletBinding()]
param(
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Friendly name of the identity source')]
[ValidateNotNull()]
[string]
$Name,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false)]
[ValidateNotNull()]
[string]
$DomainName,
[Parameter(
Mandatory=$false,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false)]
[string]
$DomainAlias,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false)]
[ValidateNotNull()]
[string]
$PrimaryUrl,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Base distinguished name for users')]
[ValidateNotNull()]
[string]
$BaseDNUsers,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Base distinguished name for groups')]
[ValidateNotNull()]
[string]
$BaseDNGroups,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Domain authentication user name')]
[ValidateNotNull()]
[string]
$Username,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Domain authentication password')]
[ValidateNotNull()]
[string]
$Password,
[Parameter(
Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Ldap Server type')]
[ValidateSet('ActiveDirectory','OpenLdap','NIS')]
[string]
$ServerType,
[Parameter(
Mandatory=$false,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Ldap Certificates')]
[System.Security.Cryptography.X509Certificates.X509Certificate2[]]
$Certificates,
[Parameter(
Mandatory=$false,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false,
HelpMessage='Connected SsoAdminServer object')]
[ValidateNotNull()]
[VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer]
$Server)
$serversToProcess = $global:DefaultSsoAdminServers.ToArray()
if ($Server -ne $null) {
$serversToProcess = $Server
}
try {
foreach ($connection in $serversToProcess) {
if (-not $connection.IsConnected) {
Write-Error "Server $connection is disconnected"
continue
}
$connection.Client.AddLdapIdentitySource(
$DomainName,
$DomainAlias,
$Name,
$PrimaryUrl,
$BaseDNUsers,
$BaseDNGroups,
$Username,
$Password,
$ServerType,
$Certificates);
}
} catch {
Write-Error (FormatError $_.Exception)
}
}
function Get-IdentitySource { function Get-IdentitySource {
<# <#
.NOTES .NOTES

BIN
Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll
View File

Binary file not shown.

BIN
Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll
View File

Binary file not shown.

BIN
Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll
View File

Binary file not shown.

BIN
Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll
View File

Binary file not shown.

56
Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
View File

@@ -7,6 +7,7 @@ using System.Collections.Generic;
using System.IdentityModel.Selectors; using System.IdentityModel.Selectors;
using System.Runtime.InteropServices.WindowsRuntime; using System.Runtime.InteropServices.WindowsRuntime;
using System.Security; using System.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel; using System.ServiceModel;
using System.ServiceModel.Channels; using System.ServiceModel.Channels;
using System.ServiceModel.Security; using System.ServiceModel.Security;
@@ -16,7 +17,7 @@ using VMware.Binding.WsTrust;
using VMware.Binding.WsTrust.SecurityContext; using VMware.Binding.WsTrust.SecurityContext;
using VMware.vSphere.LsClient; using VMware.vSphere.LsClient;
using VMware.vSphere.SsoAdminClient.DataTypes; using VMware.vSphere.SsoAdminClient.DataTypes;
using VMware.vSphere.SsoAdminClient.SsoAdminServiceReferencer; using VMware.vSphere.SsoAdminClient.SsoAdminServiceReference2;
namespace VMware.vSphere.SsoAdminClient namespace VMware.vSphere.SsoAdminClient
{ {
@@ -657,6 +658,59 @@ namespace VMware.vSphere.SsoAdminClient
})).Wait(); })).Wait();
} }
public void AddLdapIdentitySource(
string domainName,
string domainAlias,
string friendlyName,
string primaryUrl,
string baseDNUsers,
string baseDNGroups,
string authenticationUserName,
string authenticationPassword,
string serverType,
X509Certificate2[] ldapCertificates) {
string authenticationType = "password";
var authorizedInvocationContext =
CreateAuthorizedInvocationContext();
var adminLdapIdentitySourceDetails = new SsoAdminLdapIdentitySourceDetails {
friendlyName = friendlyName,
primaryUrl = primaryUrl,
userBaseDn = baseDNUsers,
groupBaseDn = baseDNGroups
};
if (ldapCertificates != null && ldapCertificates.Length > 0) {
var certificates = new List<string>();
foreach (var ldapCert in ldapCertificates) {
if (ldapCert != null) {
certificates.Add(ldapCert.ToString());
}
}
if (certificates.Count > 0) {
adminLdapIdentitySourceDetails.certificates = certificates.ToArray();
}
}
authorizedInvocationContext.
InvokeOperation(() =>
_ssoAdminBindingClient.RegisterLdapAsync(
new ManagedObjectReference {
type = "SsoAdminDomainManagementService",
Value = "domainManagementService"
},
serverType,
domainName,
domainAlias,
adminLdapIdentitySourceDetails,
authenticationType,
new SsoAdminIdentitySourceManagementServiceAuthenticationCredentials {
username = authenticationUserName,
password = authenticationPassword
})).Wait();
}
public IEnumerable<IdentitySource> GetDomains() { public IEnumerable<IdentitySource> GetDomains() {
var authorizedInvocationContext = var authorizedInvocationContext =
CreateAuthorizedInvocationContext(); CreateAuthorizedInvocationContext();

9949
Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminServiceReference/Reference.cs Normal file
View File

File diff suppressed because it is too large Load Diff