Implement Get-SsoPersonUser by Group

Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1

@@ -394,6 +394,11 @@ function Get-SsoPersonUser {
    Get-SsoPersonUser -Name admin -Domain vsphere.local
 
    Gets person user accounts which contain name 'admin' in 'vsphere.local' domain
+
+   .EXAMPLE
+   Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local' | Get-SsoPersonUser
+
+   Gets person user accounts members of 'Administrators' group
 #>
 [CmdletBinding()]
  param(
@@ -406,6 +411,7 @@ function Get-SsoPersonUser {
    $Name,
 
    [Parameter(
+      ParameterSetName = 'ByNameAndDomain',
       Mandatory=$false,
       ValueFromPipeline=$false,
       ValueFromPipelineByPropertyName=$false,
@@ -413,6 +419,15 @@ function Get-SsoPersonUser {
    [string]
    $Domain = 'localos',
 
+   [Parameter(
+      ParameterSetName = 'ByGroup',
+      Mandatory=$true,
+      ValueFromPipeline=$true,
+      ValueFromPipelineByPropertyName=$false,
+      HelpMessage='Searches members of the specified group')]
+   [VMware.vSphere.SsoAdminClient.DataTypes.Group]
+   $Group,
+
    [Parameter(
       Mandatory=$false,
       ValueFromPipeline=$false,
@@ -439,21 +454,31 @@ function Get-SsoPersonUser {
                continue
             }
 
-            foreach ($personUser in $connection.Client.GetLocalUsers(
-               (RemoveWildcardSymbols $Name),
-               $Domain)) {
+            $personUsers = $null
 
+            if ($Group -ne $null) {
+               $personUsers = $connection.Client.GetPersonUsersInGroup(
+                  (RemoveWildcardSymbols $Name),
+                  $Group)
+            } else {
+               $personUsers = $connection.Client.GetLocalUsers(
+                  (RemoveWildcardSymbols $Name),
+                  $Domain)
+            }
 
-               if ([string]::IsNullOrEmpty($Name) ) {
-                  Write-Output $personUser
-               } else {
-                  # Apply Name filtering
-                  if ((HasWildcardSymbols $Name) -and `
-                      $personUser.Name -like $Name) {
-                      Write-Output $personUser
-                  } elseif ($personUser.Name -eq $Name) {
-                     # Exactly equal
+            if ($personUsers -ne $null) {
+               foreach ($personUser in $personUsers) {
+                  if ([string]::IsNullOrEmpty($Name) ) {
                      Write-Output $personUser
+                  } else {
+                     # Apply Name filtering
+                     if ((HasWildcardSymbols $Name) -and `
+                         $personUser.Name -like $Name) {
+                         Write-Output $personUser
+                     } elseif ($personUser.Name -eq $Name) {
+                        # Exactly equal
+                        Write-Output $personUser
+                     }
                   }
                }
             }

Modules/VMware.vSphere.SsoAdmin/src/test/PersonUser.Tests.ps1

@@ -260,6 +260,24 @@ Describe "PersonUser Tests" {
          # Assert
          $actual | Should -Be $null
       }
+
+      It 'Gets person users members of Administrators group' {
+         # Arrange
+         $connection = Connect-SsoAdminServer `
+            -Server $VcAddress `
+            -User $User `
+            -Password $Password `
+            -SkipCertificateCheck
+
+         # Act
+         $actual = Get-SsoGroup -Name 'Administrators' -Domain 'vsphere.local' | Get-SsoPersonUser
+
+         # Assert
+         $actual | Should -Not -Be $null
+         $actual.Count | Should -BeGreaterThan 0
+         $actual[0].Name | Should -Not -Be $null
+         $actual[0].Domain | Should -Be 'vsphere.local'
+      }
    }
 
    Context "Set-SsoPersonUser" {