diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 index b1b800c..4f8c81c 100644 --- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 +++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 @@ -34,7 +34,7 @@ RequiredModules = @( ) # Functions to export from this module -FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-SsoPersonUser', 'Get-SsoPersonUser', 'Set-SsoPersonUser', 'Remove-SsoPersonUser', 'Get-SsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Add-ActiveDirectoryIdentitySource') +FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-SsoPersonUser', 'Get-SsoPersonUser', 'Set-SsoPersonUser', 'Remove-SsoPersonUser', 'Get-SsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Add-ActiveDirectoryIdentitySource', 'Get-IdentitySource') # Cmdlets to export from this module CmdletsToExport = @() diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 index a5a07f4..665b4a2 100644 --- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 +++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 
@@ -1382,4 +1382,104 @@ function Add-ActiveDirectoryIdentitySource { $Password); } } + +function Get-IdentitySource { +<# + .NOTES + =========================================================================== + Created on: 11/26/2020 + Created by: Dimitar Milov + Twitter: @dimitar_milov + Github: https://github.com/dmilov + =========================================================================== + .DESCRIPTION + This function gets Identity Source. + + .PARAMETER Localos + Filter parameter to return only the localos domain identity source + + .PARAMETER System + Filter parameter to return only the system domain identity source + + .PARAMETER External + Filter parameter to return only the external domain identity sources + + .PARAMETER Server + Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. + If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. + + .EXAMPLE + Get-IdentitySource -External + + Gets all external domain identity source +#> +[CmdletBinding()] + param( + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Returns only the localos domain identity source')] + [Switch] + $Localos, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Returns only the system domain identity source')] + [Switch] + $System, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Returns only the external domain identity sources')] + [Switch] + $External, + + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='Connected SsoAdminServer object')] + [ValidateNotNull()] + [VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] + $Server) + + $serversToProcess = $global:DefaultSsoAdminServers.ToArray() + if ($Server -ne $null) { + $serversToProcess = 
$Server + } + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + $resultIdentitySources = @() + $allIdentitySources = $connection.Client.GetDomains() + + if (-not $Localos -and -not $System -and -not $External) { + $resultIdentitySources = $allIdentitySources + } + + if ($Localos) { + $resultIdentitySources += $allIdentitySources | Where-Object { $_ -is [VMware.vSphere.SsoAdminClient.DataTypes.LocalOSIdentitySource] } + } + + if ($System) { + $resultIdentitySources += $allIdentitySources | Where-Object { $_ -is [VMware.vSphere.SsoAdminClient.DataTypes.SystemIdentitySource] } + } + + if ($External) { + $resultIdentitySources += $allIdentitySources | Where-Object { $_ -is [VMware.vSphere.SsoAdminClient.DataTypes.ActiveDirectoryIdentitySource] } + } + + #Return result + $resultIdentitySources + } +} #endregion \ No newline at end of file diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll index d9bed30..380357f 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll index 2c5844d..d854702 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll differ 
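Review bot: In Get-IdentitySource, `$global:DefaultSsoAdminServers.ToArray()` is evaluated before `-Server` is looked at, so a caller that passes an explicit server still depends on the global list being initialised; if it is ever `$null` the call throws before the override applies. Resolve the target first, with `$null` on the left so that a collection operand is not treated as a filter: `$serversToProcess = if ($null -ne $Server) { $Server } else { $global:DefaultSsoAdminServers.ToArray() }`. When several default connections exist, the results of all of them are written to the pipeline with nothing identifying the originating server, which is worth stating in the `.DESCRIPTION` help.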
diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll index bcda106..ec58f24 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll index c91a1b2..92a6934 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient.Tests/IntegrationTests.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient.Tests/IntegrationTests.cs index d51de00..b769e4c 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient.Tests/IntegrationTests.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient.Tests/IntegrationTests.cs @@ -101,9 +101,9 @@ namespace VMware.vSphere.SsoAdminClient.Tests public void AddRemoveUserFromGroup() { // Arrange var ssoAdminClient = new SsoAdminClient(_vc, _user, _password, new AcceptAllX509CertificateValidator()); - + var expectedUserName = "test-user5"; - var expectedPassword = "te$tPa$sW0rd"; + var expectedPassword = "te$tPa$sW0rd"; var newUser = ssoAdminClient.CreateLocalUser( expectedUserName, expectedPassword); 
@@ -137,9 +137,9 @@ namespace VMware.vSphere.SsoAdminClient.Tests // Act // Assert - Assert.DoesNotThrow(() => { - ssoAdminClient.ResetPersonUserPassword(newUser, updatePassword); - }); + Assert.DoesNotThrow(() => { + ssoAdminClient.ResetPersonUserPassword(newUser, updatePassword); + }); // Cleanup @@ -261,8 +261,21 @@ namespace VMware.vSphere.SsoAdminClient.Tests originalLockoutPolicy.Description, originalLockoutPolicy.AutoUnlockIntervalSec, originalLockoutPolicy.FailedAttemptIntervalSec, - originalLockoutPolicy.MaxFailedAttempts + originalLockoutPolicy.MaxFailedAttempts ); } + + [Test] + public void GetDomains() { + // Arrange + var ssoAdminClient = new SsoAdminClient(_vc, _user, _password, new AcceptAllX509CertificateValidator()); + + // Act + var actual = ssoAdminClient.GetDomains().ToArray(); + + // Assert + Assert.NotNull(actual); + Assert.IsTrue(actual.Length >= 2); + } } } \ No newline at end of file diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs new file mode 100644 index 0000000..6aa2b7c --- /dev/null +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/ActiveDirectoryIdentitySource.cs 
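Review bot: In the new GetDomains test, `Assert.NotNull(actual)` can never fail because `ToArray()` does not return null, so the only effective check is the length. Asserting on content would pin the contract the cmdlet relies on, e.g. `Assert.IsFalse(string.IsNullOrEmpty(actual[0].Name));` for the first two entries. The test also follows the file's existing pattern of `new AcceptAllX509CertificateValidator()`, so the administrator credentials are sent without verifying the server certificate; a comment stating that these tests are meant only for a disposable lab vCenter would make that assumption explicit. The two preceding hunks in this file are whitespace-only.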
@@ -0,0 +1,26 @@
+// **************************************************************************
+// Copyright 2020 VMware, Inc.
+// **************************************************************************
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace VMware.vSphere.SsoAdminClient.DataTypes
+{
+ public class ActiveDirectoryIdentitySource : IdentitySource
+ {
+ public string Type { get; set; }
+ public string Alias { get; set; }
+
+ public string AuthenticationType { get; set; }
+ public string AuthenticationUsername { get; set; }
+
+ public string FriendlyName { get; set; }
+ public string PrimaryUrl { get; set; }
+ public string UserBaseDN { get; set; }
+ public string GroupBaseDN { get; set; }
+ }
+}
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/IdentitySource.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/IdentitySource.cs
new file mode 100644
index 0000000..745590a
--- /dev/null
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/IdentitySource.cs
@@ -0,0 +1,17 @@
+// **************************************************************************
+// Copyright 2020 VMware, Inc.
+// **************************************************************************
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace VMware.vSphere.SsoAdminClient.DataTypes
+{
+ public class IdentitySource
+ {
+ public string Name { get; set; }
+ }
+}
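Review bot: ActiveDirectoryIdentitySource is a public type surfaced to PowerShell callers but carries no XML documentation, and `Type` and `AuthenticationType` are free-form strings whose possible values are not stated. A `/// <summary>` on the class saying that it describes an external domain as returned by the SSO admin service, and that it holds the bind account name (`AuthenticationUsername`) but no password, would tell consumers what they may safely log or export. The five `using` directives are unused in this file and in IdentitySource.cs below and could be dropped.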
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/LocalOSIdentitySource.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/LocalOSIdentitySource.cs
new file mode 100644
index 0000000..f595392
--- /dev/null
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/LocalOSIdentitySource.cs
@@ -0,0 +1,15 @@
+// **************************************************************************
+// Copyright 2020 VMware, Inc.
+// **************************************************************************
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace VMware.vSphere.SsoAdminClient.DataTypes
+{
+ public class LocalOSIdentitySource : IdentitySource
+ {
+ }
+}
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SystemIdentitySource.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SystemIdentitySource.cs
new file mode 100644
index 0000000..01ee93c
--- /dev/null
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SystemIdentitySource.cs
@@ -0,0 +1,16 @@
+// **************************************************************************
+// Copyright 2020 VMware, Inc.
+// **************************************************************************
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace VMware.vSphere.SsoAdminClient.DataTypes
+{
+ public class SystemIdentitySource : IdentitySource
+ {
+ }
+}
diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
index dc82105..00dc093 100644
--- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
+++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs
@@ -656,6 +656,45 @@ namespace VMware.vSphere.SsoAdminClient password = authenticationPassword })).Wait(); } + + public IEnumerable GetDomains() { + var authorizedInvocationContext = + CreateAuthorizedInvocationContext(); + + var domains = authorizedInvocationContext. + InvokeOperation(() => + _ssoAdminBindingClient.GetDomainsAsync( + new ManagedObjectReference { + type = "SsoAdminDomainManagementService", + Value = "domainManagementService" + })).Result; + + if (domains != null) { + var localos = new LocalOSIdentitySource(); + localos.Name = domains.localOSDomainName; + yield return localos; + + var system = new SystemIdentitySource(); + system.Name = domains.systemDomainName; + yield return system; + + if (domains.externalDomains != null && domains.externalDomains.Length > 0) { + foreach (var externalDomain in domains.externalDomains) { + var extIdentitySource = new ActiveDirectoryIdentitySource(); + extIdentitySource.Name = externalDomain.name; + extIdentitySource.Alias = externalDomain.alias; + extIdentitySource.Type = externalDomain.type; + extIdentitySource.AuthenticationType = externalDomain.authenticationDetails?.authenticationType; + extIdentitySource.AuthenticationUsername = externalDomain.authenticationDetails?.username; + extIdentitySource.FriendlyName = externalDomain.details?.friendlyName; + extIdentitySource.PrimaryUrl = externalDomain.details?.primaryUrl; + extIdentitySource.GroupBaseDN = externalDomain.details?.groupBaseDn; + extIdentitySource.UserBaseDN = externalDomain.details?.userBaseDn; + yield return extIdentitySource; + } + } + } + } #endregion } } diff --git a/Modules/VMware.vSphere.SsoAdmin/src/test/IdentitySource.Tests.ps1 b/Modules/VMware.vSphere.SsoAdmin/src/test/IdentitySource.Tests.ps1 new file mode 100644 index 0000000..f0c1814 --- /dev/null +++ b/Modules/VMware.vSphere.SsoAdmin/src/test/IdentitySource.Tests.ps1 
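Review bot: GetDomains is written as an iterator (`yield return`), so nothing in its body, including the `GetDomainsAsync(...).Result` call, runs until the result is enumerated, and it runs again on every enumeration. A caller that enumerates twice issues two remote calls, and authentication or transport errors surface at the point of enumeration rather than at the call. Collecting into a list and returning it keeps the call eager: replace each `yield return x;` with `result.Add(x);` and finish with `return result;`. Separately, every entry of `externalDomains` is mapped to ActiveDirectoryIdentitySource regardless of `externalDomain.type`; if the service can return other directory types the class name and the `-External` filter would mislabel them, so confirm or rename. The enclosing class starts outside the hunk.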
@@ -0,0 +1,71 @@
+# **************************************************************************
+# Copyright 2020 VMware, Inc.
+# **************************************************************************
+
+param(
+ [Parameter(Mandatory = $true)]
+ [string]
+ $VcAddress,
+
+ [Parameter(Mandatory = $true)]
+ [string]
+ $User,
+
+ [Parameter(Mandatory = $true)]
+ [string]
+ $Password
+)
+
+# Import Vmware.vSphere.SsoAdmin Module
+$modulePath = Join-Path (Split-Path $PSScriptRoot | Split-Path) "VMware.vSphere.SsoAdmin.psd1"
+Import-Module $modulePath
+
+Describe "Get-IdentitySource Tests" {
+ BeforeEach {
+ Connect-SsoAdminServer `
+ -Server $VcAddress `
+ -User $User `
+ -Password $Password `
+ -SkipCertificateCheck
+ }
+
+ AfterEach {
+ $connectionsToCleanup = $global:DefaultSsoAdminServers.ToArray()
+ foreach ($connection in $connectionsToCleanup) {
+ Disconnect-SsoAdminServer -Server $connection
+ }
+ }
+
+ Context "Get-IdentitySource" {
+ It 'Gets all available identity sources' {
+ # Act
+ $actual = Get-IdentitySource
+
+ # Assert
+ $actual | Should Not Be $null
+ $actual.Count | Should BeGreaterThan 1
+ $actual[0].NAme | Should Be 'localos'
+ }
+
+ It 'Gets localos only identity source' {
+ # Act
+ $actual = Get-IdentitySource -Localos
+
+ # Assert
+ $actual | Should Not Be $null
+ $actual.Count | Should Be 1
+ $actual[0].NAme | Should Be 'localos'
+ }
+
+ It 'Gets all available identity sources' {
+ # Act
+ $actual = Get-IdentitySource -Localos -System
+
+ # Assert
+ $actual | Should Not Be $null
+ $actual.Count | Should Be 2
+ $actual[0].Name | Should Be 'localos'
+ $actual[0].Name | Should Not Be $null
+ }
+ }
+}
\ No newline at end of file
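Review bot: The third test asserts on `$actual[0].Name` twice, so with `-Localos -System` the system identity source is never checked; the last line presumably should be `$actual[1].Name | Should Not Be $null`. That test also reuses the title 'Gets all available identity sources' from the first one, which makes failures ambiguous in the Pester report; something like `It 'Gets localos and system identity sources'` would distinguish them. The script takes `$Password` as a plain `[string]` and connects with `-SkipCertificateCheck`, so the administrator password may end up in command history and is sent without certificate validation; a header comment limiting the script to disposable test environments would document that.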