diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
index 4f8c81c..edac581 100644
--- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
+++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psd1
@@ -11,7 +11,7 @@
 RootModule = 'VMware.vSphere.SsoAdmin.psm1'
 # Version number of this module.
-ModuleVersion = '1.0.0'
+ModuleVersion = '1.1.0'
 # ID used to uniquely identify this module
 GUID = 'b3e25326-e809-4d68-a252-ca5fcaf1eb8b'
@@ -34,7 +34,7 @@ RequiredModules = @(
 )
 # Functions to export from this module
-FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-SsoPersonUser', 'Get-SsoPersonUser', 'Set-SsoPersonUser', 'Remove-SsoPersonUser', 'Get-SsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Add-ActiveDirectoryIdentitySource', 'Get-IdentitySource')
+FunctionsToExport = @('Connect-SsoAdminServer', 'Disconnect-SsoAdminServer', 'New-SsoPersonUser', 'Get-SsoPersonUser', 'Set-SsoPersonUser', 'Remove-SsoPersonUser', 'Get-SsoGroup', 'Get-SsoPasswordPolicy', 'Set-SsoPasswordPolicy', 'Get-SsoLockoutPolicy', 'Set-SsoLockoutPolicy', 'Get-SsoTokenLifetime', 'Set-SsoTokenLifetime', 'Add-ExternalDomainIdentitySource', 'Get-IdentitySource')
 # Cmdlets to export from this module
 CmdletsToExport = @()
@@ -43,5 +43,5 @@ CmdletsToExport = @()
 VariablesToExport = ''
 # Aliases to export from this module
-AliasesToExport = '*'
+AliasesToExport = @('Add-ActiveDirectoryIdentitySource')
 }
\ No newline at end of file
diff --git a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1 b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1
index 665b4a2..67c3e46 100644
--- a/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1
+++ b/Modules/VMware.vSphere.SsoAdmin/VMware.vSphere.SsoAdmin.psm1
@@ -54,6 +54,22 @@ param( } } +function FormatError { +param( + [System.Exception] + $exception +) + if ($exception -ne $null) { + if ($exception.InnerException -ne $null) { + $exception = $exception.InnerException + } + + # result + $exception.Message + } + +} + # Global variables $global:DefaultSsoAdminServers = New-Object System.Collections.Generic.List[VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer] @@ -128,17 +144,28 @@ function Connect-SsoAdminServer { $certificateValidator = New-Object 'VMware.vSphere.SsoAdmin.Utils.AcceptAllX509CertificateValidator' } - $ssoAdminServer = New-Object ` - 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' ` - -ArgumentList @( - $Server, - $User, - $Password, - $certificateValidator) + $ssoAdminServer = $null + try { + $ssoAdminServer = New-Object ` + 'VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer' ` + -ArgumentList @( + $Server, + $User, + $Password, + $certificateValidator) + } catch { + Write-Error (FormatError $_.Exception) + } if ($ssoAdminServer -ne $null) { - # Update $global:DefaultSsoAdminServers varaible - $global:DefaultSsoAdminServers.Add($ssoAdminServer) | Out-Null + $existingConnectionIndex = $global:DefaultSsoAdminServers.IndexOf($ssoAdminServer) + if ($existingConnectionIndex -ge 0) { + $global:DefaultSsoAdminServers[$existingConnectionIndex].RefCount++ + $ssoAdminServer = $global:DefaultSsoAdminServers[$existingConnectionIndex] + } else { + # Update $global:DefaultSsoAdminServers varaible + $global:DefaultSsoAdminServers.Add($ssoAdminServer) | Out-Null + } # Function Output Write-Output $ssoAdminServer 
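Review bot: In the Connect-SsoAdminServer hunk the reuse branch returns whatever entry `IndexOf` finds in `$global:DefaultSsoAdminServers`, so a caller who connected without `-SkipCertificateCheck` can be handed a cached connection that was built with `AcceptAllX509CertificateValidator`; whether that happens depends on how `SsoAdminServer` implements equality, which this hunk does not show. If equality covers only server and user, compare the validator as well before reusing, or document that the first connection's certificate policy wins. The freshly constructed `$ssoAdminServer` is also dropped on that path without `Disconnect()`. Separately, the new `catch` turns a failed login into a non-terminating error, so a script without `-ErrorAction Stop` carries on and later cmdlets fall back to whatever is already in `$global:DefaultSsoAdminServers`. The function starts above this hunk and continues below it.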
@@ -194,13 +221,13 @@ function Disconnect-SsoAdminServer { } foreach ($requestedServer in $Server) { - if ($global:DefaultSsoAdminServers.Contains($requestedServer)) { - $global:DefaultSsoAdminServers.Remove($requestedServer) | Out-Null - } - if ($requestedServer.IsConnected) { $requestedServer.Disconnect() } + + if ($global:DefaultSsoAdminServers.Contains($requestedServer) -and $requestedServer.RefCount -eq 0) { + $global:DefaultSsoAdminServers.Remove($requestedServer) | Out-Null + } } } } @@ -324,14 +351,18 @@ function New-SsoPersonUser { } # Output is the result of 'CreateLocalUser' - $connection.Client.CreateLocalUser( - $UserName, - $Password, - $Description, - $EmailAddress, - $FirstName, - $LastName - ) + try { + $connection.Client.CreateLocalUser( + $UserName, + $Password, + $Description, + $EmailAddress, + $FirstName, + $LastName + ) + } catch { + Write-Error (FormatError $_.Exception) + } } } } 
@@ -401,30 +432,34 @@ function Get-SsoPersonUser { $Name = [string]::Empty } - foreach ($connection in $serversToProcess) { - if (-not $connection.IsConnected) { - Write-Error "Server $connection is disconnected" - continue - } + try { + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } - foreach ($personUser in $connection.Client.GetLocalUsers( - (RemoveWildcardSymbols $Name), - $Domain)) { + foreach ($personUser in $connection.Client.GetLocalUsers( + (RemoveWildcardSymbols $Name), + $Domain)) { - if ([string]::IsNullOrEmpty($Name) ) { - Write-Output $personUser - } else { - # Apply Name filtering - if ((HasWildcardSymbols $Name) -and ` - $personUser.Name -like $Name) { - Write-Output $personUser - } elseif ($personUser.Name -eq $Name) { - # Exactly equal + if ([string]::IsNullOrEmpty($Name) ) { Write-Output $personUser + } else { + # Apply Name filtering + if ((HasWildcardSymbols $Name) -and ` + $personUser.Name -like $Name) { + Write-Output $personUser + } elseif ($personUser.Name -eq $Name) { + # Exactly equal + Write-Output $personUser + } } } } + } catch { + Write-Error (FormatError $_.Exception) } } } 
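Review bot: The `try` added here wraps the whole `foreach ($connection in $serversToProcess)`, so the first exception from `GetLocalUsers` ends the loop and the remaining connections are never queried, while the caller sees only one non-terminating error. Moving the handler inside the loop keeps per-server behaviour consistent with the existing `continue` for disconnected servers: `foreach (...) { try { ... } catch { Write-Error (FormatError $_.Exception) } }`. The same shape appears in the Set-SsoPersonUser, Remove-SsoPersonUser, Get-SsoGroup, Get-/Set-SsoPasswordPolicy, Get-/Set-SsoLockoutPolicy, Get-/Set-SsoTokenLifetime and Add-ExternalDomainIdentitySource hunks; for the Set-* cmdlets it means a policy change can be applied to some servers and skipped on the rest without stopping the script. The function body begins above this hunk.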
@@ -533,38 +568,42 @@ function Set-SsoPersonUser { $Unlock) Process { - foreach ($u in $User) { - $ssoAdminClient = $u.GetClient() - if ((-not $ssoAdminClient)) { - Write-Error "Object '$u' is from disconnected server" - continue - } + try { + foreach ($u in $User) { + $ssoAdminClient = $u.GetClient() + if ((-not $ssoAdminClient)) { + Write-Error "Object '$u' is from disconnected server" + continue + } - if ($Add) { - $result = $ssoAdminClient.AddPersonUserToGroup($u, $Group) - if ($result) { + if ($Add) { + $result = $ssoAdminClient.AddPersonUserToGroup($u, $Group) + if ($result) { + Write-Output $u + } + } + + if ($Remove) { + $result = $ssoAdminClient.RemovePersonUserFromGroup($u, $Group) + if ($result) { + Write-Output $u + } + } + + if ($Unlock) { + $result = $ssoAdminClient.UnlockPersonUser($u) + if ($result) { + Write-Output $u + } + } + + if ($NewPassword) { + $ssoAdminClient.ResetPersonUserPassword($u, $NewPassword) Write-Output $u } } - - if ($Remove) { - $result = $ssoAdminClient.RemovePersonUserFromGroup($u, $Group) - if ($result) { - Write-Output $u - } - } - - if ($Unlock) { - $result = $ssoAdminClient.UnlockPersonUser($u) - if ($result) { - Write-Output $u - } - } - - if ($NewPassword) { - $ssoAdminClient.ResetPersonUserPassword($u, $NewPassword) - Write-Output $u - } + } catch { + Write-Error (FormatError $_.Exception) } } } @@ -602,14 +641,18 @@ function Remove-SsoPersonUser { $User) Process { - foreach ($u in $User) { - $ssoAdminClient = $u.GetClient() - if ((-not $ssoAdminClient)) { - Write-Error "Object '$u' is from disconnected server" - continue - } + try { + foreach ($u in $User) { + $ssoAdminClient = $u.GetClient() + if ((-not $ssoAdminClient)) { + Write-Error "Object '$u' is from disconnected server" + continue + } - $ssoAdminClient.DeleteLocalUser($u) + $ssoAdminClient.DeleteLocalUser($u) + } + } catch { + Write-Error (FormatError $_.Exception) } } } 
@@ -681,30 +724,34 @@ function Get-SsoGroup { $Name = [string]::Empty } - foreach ($connection in $serversToProcess) { - if (-not $connection.IsConnected) { - Write-Error "Server $connection is disconnected" - continue - } + try { + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } - foreach ($group in $connection.Client.GetGroups( - (RemoveWildcardSymbols $Name), - $Domain)) { + foreach ($group in $connection.Client.GetGroups( + (RemoveWildcardSymbols $Name), + $Domain)) { - if ([string]::IsNullOrEmpty($Name) ) { - Write-Output $group - } else { - # Apply Name filtering - if ((HasWildcardSymbols $Name) -and ` - $group.Name -like $Name) { - Write-Output $group - } elseif ($group.Name -eq $Name) { - # Exactly equal + if ([string]::IsNullOrEmpty($Name) ) { Write-Output $group + } else { + # Apply Name filtering + if ((HasWildcardSymbols $Name) -and ` + $group.Name -like $Name) { + Write-Output $group + } elseif ($group.Name -eq $Name) { + # Exactly equal + Write-Output $group + } } } } + } catch { + Write-Error (FormatError $_.Exception) } } } @@ -748,13 +795,17 @@ function Get-SsoPasswordPolicy { if ($Server -ne $null) { $serversToProcess = $Server } - foreach ($connection in $serversToProcess) { - if (-not $connection.IsConnected) { - Write-Error "Server $connection is disconnected" - continue - } + try { + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } - $connection.Client.GetPasswordPolicy(); + $connection.Client.GetPasswordPolicy(); + } + } catch { + Write-Error (FormatError $_.Exception) } } } 
@@ -891,70 +942,74 @@ function Set-SsoPasswordPolicy { Process { - foreach ($pp in $PasswordPolicy) { + try { + foreach ($pp in $PasswordPolicy) { - $ssoAdminClient = $pp.GetClient() - if ((-not $ssoAdminClient)) { - Write-Error "Object '$pp' is from disconnected server" - continue + $ssoAdminClient = $pp.GetClient() + if ((-not $ssoAdminClient)) { + Write-Error "Object '$pp' is from disconnected server" + continue + } + + if ([string]::IsNullOrEmpty($Description)) { + $Description = $pp.Description + } + + if ($ProhibitedPreviousPasswordsCount -eq $null) { + $ProhibitedPreviousPasswordsCount = $pp.ProhibitedPreviousPasswordsCount + } + + if ($MinLength -eq $null) { + $MinLength = $pp.MinLength + } + + if ($MaxLength -eq $null) { + $MaxLength = $pp.MaxLength + } + + if ($MaxIdenticalAdjacentCharacters -eq $null) { + $MaxIdenticalAdjacentCharacters = $pp.MaxIdenticalAdjacentCharacters + } + + if ($MinNumericCount -eq $null) { + $MinNumericCount = $pp.MinNumericCount + } + + if ($MinSpecialCharCount -eq $null) { + $MinSpecialCharCount = $pp.MinSpecialCharCount + } + + if ($MinAlphabeticCount -eq $null) { + $MinAlphabeticCount = $pp.MinAlphabeticCount + } + + if ($MinUppercaseCount -eq $null) { + $MinUppercaseCount = $pp.MinUppercaseCount + } + + if ($MinLowercaseCount -eq $null) { + $MinLowercaseCount = $pp.MinLowercaseCount + } + + if ($PasswordLifetimeDays -eq $null) { + $PasswordLifetimeDays = $pp.PasswordLifetimeDays + } + + $ssoAdminClient.SetPasswordPolicy( + $Description, + $ProhibitedPreviousPasswordsCount, + $MinLength, + $MaxLength, + $MaxIdenticalAdjacentCharacters, + $MinNumericCount, + $MinSpecialCharCount, + $MinAlphabeticCount, + $MinUppercaseCount, + $MinLowercaseCount, + $PasswordLifetimeDays); } - - if ([string]::IsNullOrEmpty($Description)) { - $Description = $pp.Description - } - - if ($ProhibitedPreviousPasswordsCount -eq $null) { - $ProhibitedPreviousPasswordsCount = $pp.ProhibitedPreviousPasswordsCount - } - - if ($MinLength -eq $null) { - 
$MinLength = $pp.MinLength - } - - if ($MaxLength -eq $null) { - $MaxLength = $pp.MaxLength - } - - if ($MaxIdenticalAdjacentCharacters -eq $null) { - $MaxIdenticalAdjacentCharacters = $pp.MaxIdenticalAdjacentCharacters - } - - if ($MinNumericCount -eq $null) { - $MinNumericCount = $pp.MinNumericCount - } - - if ($MinSpecialCharCount -eq $null) { - $MinSpecialCharCount = $pp.MinSpecialCharCount - } - - if ($MinAlphabeticCount -eq $null) { - $MinAlphabeticCount = $pp.MinAlphabeticCount - } - - if ($MinUppercaseCount -eq $null) { - $MinUppercaseCount = $pp.MinUppercaseCount - } - - if ($MinLowercaseCount -eq $null) { - $MinLowercaseCount = $pp.MinLowercaseCount - } - - if ($PasswordLifetimeDays -eq $null) { - $PasswordLifetimeDays = $pp.PasswordLifetimeDays - } - - $ssoAdminClient.SetPasswordPolicy( - $Description, - $ProhibitedPreviousPasswordsCount, - $MinLength, - $MaxLength, - $MaxIdenticalAdjacentCharacters, - $MinNumericCount, - $MinSpecialCharCount, - $MinAlphabeticCount, - $MinUppercaseCount, - $MinLowercaseCount, - $PasswordLifetimeDays); + } catch { + Write-Error (FormatError $_.Exception) } } } @@ -998,13 +1053,18 @@ function Get-SsoLockoutPolicy { if ($Server -ne $null) { $serversToProcess = $Server } - foreach ($connection in $serversToProcess) { - if (-not $connection.IsConnected) { - Write-Error "Server $connection is disconnected" - continue - } - $connection.Client.GetLockoutPolicy(); + try { + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + $connection.Client.GetLockoutPolicy(); + } + } catch { + Write-Error (FormatError $_.Exception) } } } 
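Review bot: In the Set-SsoPasswordPolicy hunk the fallback assignments such as `$MinLength = $pp.MinLength` overwrite the cmdlet's own parameter variables inside the loop, so after the first policy object every later `$pp` finds them non-null and is written with the first object's values rather than its own. With policy objects from more than one server this can push one server's password policy onto another; the commit re-indents the code but keeps the behaviour. Loop-local copies avoid it, for example `$effectiveMinLength = if ($MinLength -ne $null) { $MinLength } else { $pp.MinLength }`, passed to `SetPasswordPolicy` instead of the parameter. The Set-SsoLockoutPolicy hunk that follows uses the same pattern for `$AutoUnlockIntervalSec`, `$FailedAttemptIntervalSec` and `$MaxFailedAttempts`. The parameter block is outside this hunk, so the nullable typing is inferred from the `-eq $null` checks.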
@@ -1077,36 +1137,39 @@ function Set-SsoLockoutPolicy { $MaxFailedAttempts) Process { + try { + foreach ($lp in $LockoutPolicy) { - foreach ($lp in $LockoutPolicy) { + $ssoAdminClient = $lp.GetClient() + if ((-not $ssoAdminClient)) { + Write-Error "Object '$lp' is from disconnected server" + continue + } - $ssoAdminClient = $lp.GetClient() - if ((-not $ssoAdminClient)) { - Write-Error "Object '$lp' is from disconnected server" - continue + if ([string]::IsNullOrEmpty($Description)) { + $Description = $lp.Description + } + + if ($AutoUnlockIntervalSec -eq $null) { + $AutoUnlockIntervalSec = $lp.AutoUnlockIntervalSec + } + + if ($FailedAttemptIntervalSec -eq $null) { + $FailedAttemptIntervalSec = $lp.FailedAttemptIntervalSec + } + + if ($MaxFailedAttempts -eq $null) { + $MaxFailedAttempts = $lp.MaxFailedAttempts + } + + $ssoAdminClient.SetLockoutPolicy( + $Description, + $AutoUnlockIntervalSec, + $FailedAttemptIntervalSec, + $MaxFailedAttempts); } - - if ([string]::IsNullOrEmpty($Description)) { - $Description = $lp.Description - } - - if ($AutoUnlockIntervalSec -eq $null) { - $AutoUnlockIntervalSec = $lp.AutoUnlockIntervalSec - } - - if ($FailedAttemptIntervalSec -eq $null) { - $FailedAttemptIntervalSec = $lp.FailedAttemptIntervalSec - } - - if ($MaxFailedAttempts -eq $null) { - $MaxFailedAttempts = $lp.MaxFailedAttempts - } - - $ssoAdminClient.SetLockoutPolicy( - $Description, - $AutoUnlockIntervalSec, - $FailedAttemptIntervalSec, - $MaxFailedAttempts); + } catch { + Write-Error (FormatError $_.Exception) } } } 
@@ -1150,13 +1213,18 @@ function Get-SsoTokenLifetime { if ($Server -ne $null) { $serversToProcess = $Server } - foreach ($connection in $serversToProcess) { - if (-not $connection.IsConnected) { - Write-Error "Server $connection is disconnected" - continue - } - $connection.Client.GetTokenLifetime(); + try { + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + $connection.Client.GetTokenLifetime(); + } + } catch { + Write-Error (FormatError $_.Exception) } } } @@ -1211,35 +1279,39 @@ function Set-SsoTokenLifetime { Process { - foreach ($tl in $TokenLifetime) { + try { + foreach ($tl in $TokenLifetime) { - $ssoAdminClient = $tl.GetClient() - if ((-not $ssoAdminClient)) { - Write-Error "Object '$tl' is from disconnected server" - continue + $ssoAdminClient = $tl.GetClient() + if ((-not $ssoAdminClient)) { + Write-Error "Object '$tl' is from disconnected server" + continue + } + + $ssoAdminClient.SetTokenLifetime( + $MaxHoKTokenLifetime, + $MaxBearerTokenLifetime + ); } - - $ssoAdminClient.SetTokenLifetime( - $MaxHoKTokenLifetime, - $MaxBearerTokenLifetime - ); + } catch { + Write-Error (FormatError $_.Exception) } } } #endregion #region IdentitySource -function Add-ActiveDirectoryIdentitySource { +function Add-ExternalDomainIdentitySource { <# .NOTES =========================================================================== - Created on: 9/30/2020 + Created on: 2/11/2021 Created by: Dimitar Milov Twitter: @dimitar_milov Github: https://github.com/dmilov =========================================================================== .DESCRIPTION - This function adds Identity Source of ActiveDirectory type. + This function adds Identity Source of ActiveDirectory, OpenLDAP or NIS type. .PARAMETER Name Name of the identity source 
@@ -1269,8 +1341,12 @@ function Add-ActiveDirectoryIdentitySource { Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. + .PARAMETER Server + Specifies the vSphere Sso Admin Server on which you want to run the cmdlet. + If not specified the servers available in $global:DefaultSsoAdminServers variable will be used. + .EXAMPLE - Add-ActiveDirectoryIdentitySource ` + Add-ExternalDomainIdentitySource ` -Name 'sof-powercli' ` -DomainName 'sof-powercli.vmware.com' ` -DomainAlias 'sof-powercli' ` @@ -1280,9 +1356,22 @@ function Add-ActiveDirectoryIdentitySource { -Username 'sofPowercliAdmin' ` -Password '$up3R$Tr0Pa$$w0rD' - Adds ActiveDirectory identity source + .EXAMPLE + Add-ExternalDomainIdentitySource ` + -Name 'sof-powercli' ` + -DomainName 'sof-powercli.vmware.com' ` + -DomainAlias 'sof-powercli' ` + -PrimaryUrl 'ldap://sof-powercli.vmware.com:389' ` + -BaseDNUsers 'CN=Users,DC=sof-powercli,DC=vmware,DC=com' ` + -BaseDNGroups 'CN=Users,DC=sof-powercli,DC=vmware,DC=com' ` + -Username 'sofPowercliAdmin' ` + -Password '$up3R$Tr0Pa$$w0rD' ` + -ServerType 'OpenLDAP' + + Adds External Identity Source #> [CmdletBinding()] +[Alias("Add-ActiveDirectoryIdentitySource")] param( [Parameter( Mandatory=$true, @@ -1352,6 +1441,15 @@ function Add-ActiveDirectoryIdentitySource { [string] $Password, + [Parameter( + Mandatory=$false, + ValueFromPipeline=$false, + ValueFromPipelineByPropertyName=$false, + HelpMessage='External domain server type')] + [ValidateSet('ActiveDirectory','OpenLdap','NIS')] + [string] + $DomainServerType = 'ActiveDirectory', + [Parameter( Mandatory=$false, ValueFromPipeline=$false, 
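Review bot: The example added in the second hunk passes `-ServerType 'OpenLDAP'`, but the parameter this commit declares is `$DomainServerType`, so the example should fail parameter binding unless an alias is declared outside the visible lines. The help text also gains a second `.PARAMETER Server` entry in the first hunk where a `.PARAMETER DomainServerType` entry listing the three accepted values was presumably intended; the example line would then read `-DomainServerType 'OpenLdap'`. Both examples pair `ldap://sof-powercli.vmware.com:389` with a bind user and a literal password on the command line; if the service accepts `ldaps://` URLs, showing that form would avoid documenting a cleartext bind as the default, which this hunk alone cannot confirm.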
@@ -1365,21 +1463,27 @@ function Add-ActiveDirectoryIdentitySource { if ($Server -ne $null) { $serversToProcess = $Server } - foreach ($connection in $serversToProcess) { - if (-not $connection.IsConnected) { - Write-Error "Server $connection is disconnected" - continue - } - $connection.Client.AddActiveDirectoryExternalDomain( - $DomainName, - $DomainAlias, - $Name, - $PrimaryUrl, - $BaseDNUsers, - $BaseDNGroups, - $Username, - $Password); + try { + foreach ($connection in $serversToProcess) { + if (-not $connection.IsConnected) { + Write-Error "Server $connection is disconnected" + continue + } + + $connection.Client.AddActiveDirectoryExternalDomain( + $DomainName, + $DomainAlias, + $Name, + $PrimaryUrl, + $BaseDNUsers, + $BaseDNGroups, + $Username, + $Password, + $DomainServerType); + } + } catch { + Write-Error (FormatError $_.Exception) } } diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll index f0e8297..281189a 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.LsClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll index c00cfab..f56c7d1 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdmin.Utils.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll index 27e5b60..b651654 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/net45/VMware.vSphere.SsoAdminClient.dll differ 
diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.LsClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.LsClient.dll index 8030432..8351622 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.LsClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.LsClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll index 9753f23..60aacd2 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdmin.Utils.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll index 5f62632..dcdf4ee 100644 Binary files a/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll and b/Modules/VMware.vSphere.SsoAdmin/netcoreapp2.0/VMware.vSphere.SsoAdminClient.dll differ diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs index 086dd4f..02bd4ca 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/DataTypes/SsoAdminServer.cs @@ -30,6 +30,7 @@ namespace VMware.vSphere.SsoAdminClient.DataTypes password, serverCertificateValidator); + RefCount = 1; Id = $"/SsoAdminServer={NormalizeUserName()}@{Name}"; } 
@@ -50,9 +51,12 @@ namespace VMware.vSphere.SsoAdminClient.DataTypes public string Id { get; set; } public bool IsConnected => _client != null; public SsoAdminClient Client => _client; + public int RefCount { get; set; } public void Disconnect() { - _client = null; + if (--RefCount == 0) { + _client = null; + } } public override string ToString() { diff --git a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs index 14ad138..780abcc 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs +++ b/Modules/VMware.vSphere.SsoAdmin/src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/SsoAdminClient.cs @@ -627,9 +627,9 @@ namespace VMware.vSphere.SsoAdminClient string baseDNUsers, string baseDNGroups, string authenticationUserName, - string authenticationPassword) { - - string serverType = "ActiveDirectory"; + string authenticationPassword, + string serverType) { + string authenticationType = "password"; var authorizedInvocationContext = CreateAuthorizedInvocationContext(); diff --git a/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 b/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 index e7ee61c..fd1fcfe 100644 --- a/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 +++ b/Modules/VMware.vSphere.SsoAdmin/src/test/ConnectDisconnect.Tests.ps1 @@ -52,7 +52,8 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" { -Server $VcAddress ` -User $User ` -Password ($Password + "invalid") ` - -SkipCertificateCheck } | ` + -SkipCertificateCheck ` + -ErrorAction Stop } | ` Should Throw "Invalid credentials" } 
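Review bot: In the SsoAdminClient.cs hunk `serverType` becomes a caller-supplied argument of a public method with no check in the visible lines, so validation rests entirely on the PowerShell `ValidateSet`, which matches case-insensitively and passes the caller's spelling through. A guard at the top of the body, `if (string.IsNullOrEmpty(serverType)) throw new ArgumentException("serverType is required", nameof(serverType));`, would fail early instead of sending an empty type to the service. Adding a required parameter also breaks any other caller of this method; an overload that defaults to "ActiveDirectory" would keep existing callers compiling. The method body continues below the hunk, so how the value is used is not visible here.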
@@ -62,7 +63,8 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" {
 { Connect-SsoAdminServer `
 -Server $VcAddress `
 -User $User `
- -Password $Password} | `
+ -Password $Password `
+ -ErrorAction Stop } | `
 Should Throw "The SSL connection could not be established, see inner exception."
 }
 }
@@ -102,43 +104,48 @@ Describe "Connect-SsoAdminServer and Disconnect-SsoAdminServer Tests" { It 'Diconnect-SsoAdminServer does not disconnect if connected to more than 1 SSO server' { # Arrange - $expected += @(Connect-SsoAdminServer ` + $connection1 = Connect-SsoAdminServer ` -Server $VcAddress ` -User $User ` -Password $Password ` - -SkipCertificateCheck) - $expected += @(Connect-SsoAdminServer ` + -SkipCertificateCheck + $connection2 = Connect-SsoAdminServer ` -Server $VcAddress ` -User $User ` -Password $Password ` - -SkipCertificateCheck) + -SkipCertificateCheck # Act # Assert - {Disconnect-SsoAdminServer} | should -Throw 'Connected to more than 1 SSO server, please specify a SSO server via -Server parameter' - (Compare-Object $global:DefaultSsoAdminServers $expected -IncludeEqual).Count | Should Be 2 - $expected.IsConnected | Should -Contain $true + $connection2 | Should Be $connection1 + $connection2.RefCount | Should Be 2 + + Disconnect-SsoAdminServer + + $connection2.IsConnected | Should -Contain $true + $connection2.RefCount | Should Be 1 } It 'Diconnect-SsoAdminServer does disconnect via pipeline if connected to more than 1 SSO server' { # Arrange - $expected += @(Connect-SsoAdminServer ` + $connection1 = Connect-SsoAdminServer ` -Server $VcAddress ` -User $User ` -Password $Password ` - -SkipCertificateCheck) - $expected += @(Connect-SsoAdminServer ` + -SkipCertificateCheck + $connection2 = Connect-SsoAdminServer ` -Server $VcAddress ` -User $User ` -Password $Password ` - -SkipCertificateCheck) + -SkipCertificateCheck # Act - $expected | Disconnect-SsoAdminServer + $connection1, $connection2 | Disconnect-SsoAdminServer # Assert - $global:DefaultSsoAdminServers.count | Should Be 0 - $expected.IsConnected | Should -not -Contain $true + $global:DefaultSsoAdminServers.Count | Should Be 0 + $connection1.IsConnected | Should Be $false + $connection2.IsConnected | Should Be $false } It 'Disconnects disconnected object' {