├── .github └── workflows │ ├── pssa.yml │ └── release.yml ├── .vscode ├── PSScriptAnalyzerSettings.psd1 └── settings.json ├── LICENSE ├── Medias ├── CPPM_API_Docs.PNG ├── CPPM_API_Docs_platform.PNG ├── CPPM_Create_API_Client.PNG ├── CPPM_Generate_Access_Token.PNG ├── CPPM_Get_Token.PNG ├── CPPM_Guest_API.PNG └── PowerArubaCP.png ├── PowerArubaCP ├── PowerArubaCP.Format.ps1xml ├── PowerArubaCP.psd1 ├── PowerArubaCP.psm1 ├── Private │ ├── Confirm.ps1 │ ├── Exception.ps1 │ ├── Format.ps1 │ ├── MaskCidr.ps1 │ ├── RestMethod.ps1 │ └── SSL.ps1 ├── Public │ ├── ApiClient.ps1 │ ├── ApplicationLicense.ps1 │ ├── Attributes.ps1 │ ├── AuthMethod.ps1 │ ├── AuthSource.ps1 │ ├── CertTrustList.ps1 │ ├── Certificate.ps1 │ ├── Connection.ps1 │ ├── DeviceFingerprint.ps1 │ ├── Endpoint.ps1 │ ├── Enforcement.ps1 │ ├── LocalUser.ps1 │ ├── NetworkDevice.ps1 │ ├── NetworkDeviceGroup.ps1 │ ├── Platform.ps1 │ ├── Role.ps1 │ ├── Services.ps1 │ ├── StaticHostList.ps1 │ └── VM.ps1 └── en-US │ └── about_PowerArubaCP.help.txt ├── README.md └── Tests ├── .gitignore ├── PowerArubaCP.Tests.ps1 ├── README.md ├── common.ps1 ├── credential.example.ps1 └── integration ├── ApiClient.Tests.ps1 ├── ApplicationLicense.Tests.ps1 ├── AuthMethod.Tests.ps1 ├── AuthSource.Tests.ps1 ├── Certificates.Tests.ps1 ├── Connection.Tests.ps1 ├── DeviceFingerprint.Tests.ps1 ├── Endpoint.Tests.ps1 ├── LocalUser.Tests.ps1 ├── NetworkDevice.Tests.ps1 ├── NetworkDeviceGroup.Tests.ps1 ├── Platform.tests.ps1 ├── Role.Tests.ps1 ├── Services.Tests.ps1 └── StaticHostList.Tests.ps1 /.github/workflows/pssa.yml: -------------------------------------------------------------------------------- 1 | 2 | name: CI 3 | on: 4 | pull_request: 5 | jobs: 6 | lint: 7 | name: Run PSSA 8 | runs-on: ubuntu-latest 9 | steps: 10 | - uses: actions/checkout@master 11 | - name: lint 12 | uses: docker://devblackops/github-action-psscriptanalyzer:2.4.0 13 | with: 14 | settingsPath: .vscode/PSScriptAnalyzerSettings.psd1 15 | sendComment: false 16 | failOnInfos: true 17 | failOnErrors: true 18 | failOnWarnings: true -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: Release 2 | 3 | on: 4 | release: 5 | types: [published] 6 | 7 | jobs: 8 | build: 9 | 10 | runs-on: ubuntu-latest 11 | 12 | steps: 13 | - uses: actions/checkout@v1 14 | - name: Publish 15 | run: | 16 | pwsh -Command "Publish-Module -Path ./PowerArubaCP -NuGetApiKey ${{ secrets.PSGALLERY_API_KEY }}" 17 | -------------------------------------------------------------------------------- /.vscode/PSScriptAnalyzerSettings.psd1: -------------------------------------------------------------------------------- 1 | @{ 2 | ExcludeRules = @( 3 | 'PSUseToExportFieldsInManifest' 4 | ) 5 | } -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | // Place your settings in this file to overwrite default and user settings. 2 | { 3 | "editor.formatOnSave": true, 4 | "files.trimTrailingWhitespace": true, 5 | "powershell.scriptAnalysis.settingsPath": ".vscode/PSScriptAnalyzerSettings.psd1", 6 | "[markdown]": { 7 | "files.trimTrailingWhitespace": false, 8 | } 9 | } -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /Medias/CPPM_API_Docs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/CPPM_API_Docs.PNG -------------------------------------------------------------------------------- /Medias/CPPM_API_Docs_platform.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/CPPM_API_Docs_platform.PNG -------------------------------------------------------------------------------- /Medias/CPPM_Create_API_Client.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/CPPM_Create_API_Client.PNG -------------------------------------------------------------------------------- /Medias/CPPM_Generate_Access_Token.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/CPPM_Generate_Access_Token.PNG -------------------------------------------------------------------------------- /Medias/CPPM_Get_Token.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/CPPM_Get_Token.PNG -------------------------------------------------------------------------------- /Medias/CPPM_Guest_API.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/CPPM_Guest_API.PNG -------------------------------------------------------------------------------- /Medias/PowerArubaCP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Medias/PowerArubaCP.png -------------------------------------------------------------------------------- /PowerArubaCP/PowerArubaCP.Format.ps1xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/PowerArubaCP/PowerArubaCP.Format.ps1xml -------------------------------------------------------------------------------- /PowerArubaCP/PowerArubaCP.psd1: -------------------------------------------------------------------------------- 1 | # 2 | # Module manifest for module 'PowerArubaCP' 3 | # 4 | # Generated by: Alexis La Goutte 5 | # 6 | # Generated on: 17/07/2018 7 | # 8 | 9 | @{ 10 | 11 | # Script module or binary module file associated with this manifest. 12 | RootModule = 'PowerArubaCP.psm1' 13 | 14 | # Version number of this module. 15 | ModuleVersion = '0.7.0' 16 | 17 | # ID used to uniquely identify this module 18 | GUID = '24e1a5ba-e4e3-4109-b079-04d4d657da93' 19 | 20 | # Author of this module 21 | Author = 'Alexis La Goutte' 22 | 23 | # Company or vendor of this module 24 | #CompanyName = 'Unknown' 25 | 26 | # Copyright statement for this module 27 | Copyright = '(c) 2018 - 2022 Alexis La Goutte All rights reserved.' 28 | 29 | # Description of the functionality provided by this module 30 | Description = 'PowerShell module to query the Aruba ClearPass API' 31 | 32 | # Minimum version of the Windows PowerShell engine required by this module 33 | PowerShellVersion = '3.0' 34 | 35 | # Name of the Windows PowerShell host required by this module 36 | # PowerShellHostName = '' 37 | 38 | # Minimum version of the Windows PowerShell host required by this module 39 | # PowerShellHostVersion = '' 40 | 41 | # Minimum version of Microsoft .NET Framework required by this module 42 | # DotNetFrameworkVersion = '' 43 | 44 | # Minimum version of the common language runtime (CLR) required by this module 45 | # CLRVersion = '' 46 | 47 | # Processor architecture (None, X86, Amd64) required by this module 48 | # ProcessorArchitecture = '' 49 | 50 | # Modules that must be imported into the global environment prior to importing this module 51 | # RequiredModules = @() 52 | 53 | # Assemblies that must be loaded prior to importing this module 54 | # RequiredAssemblies = @() 55 | 56 | # Script files (.ps1) that are run in the caller's environment prior to importing this module. 57 | # ScriptsToProcess = @() 58 | 59 | # Type files (.ps1xml) to be loaded when importing this module 60 | # TypesToProcess = @() 61 | 62 | # Format files (.ps1xml) to be loaded when importing this module 63 | #FormatsToProcess = 'PowerArubaCP.Format.ps1xml' 64 | 65 | # Modules to import as nested modules of the module specified in RootModule/ModuleToProcess 66 | # NestedModules = @() 67 | 68 | # Functions to export from this module 69 | FunctionsToExport = '*' 70 | 71 | # Cmdlets to export from this module 72 | CmdletsToExport = '*' 73 | 74 | # Variables to export from this module 75 | VariablesToExport = '*' 76 | 77 | # Aliases to export from this module 78 | AliasesToExport = '*' 79 | 80 | # DSC resources to export from this module 81 | # DscResourcesToExport = @() 82 | 83 | # List of all modules packaged with this module 84 | # ModuleList = @() 85 | 86 | # List of all files packaged with this module 87 | # FileList = @() 88 | 89 | # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. 90 | PrivateData = @{ 91 | 92 | PSData = @{ 93 | 94 | # Tags applied to this module. These help with module discovery in online galleries. 95 | Tags = @('Aruba', 'HPE', 'ClearPass', 'CPPM', 'PSEdition_Core', 'PSEdition_Desktop') 96 | 97 | # A URL to the license for this module. 98 | LicenseUri = 'https://github.com/PowerAruba/PowerArubaCP/blob/master/LICENSE' 99 | 100 | # A URL to the main website for this project. 101 | ProjectUri = 'https://github.com/PowerAruba/PowerArubaCP' 102 | 103 | # A URL to an icon representing this module. 104 | IconUri = 'https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/master/Medias/PowerArubaCP.png' 105 | 106 | # ReleaseNotes of this module 107 | # ReleaseNotes = '' 108 | 109 | } # End of PSData hashtable 110 | 111 | } # End of PrivateData hashtable 112 | 113 | # HelpInfo URI of this module 114 | # HelpInfoURI = '' 115 | 116 | # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. 117 | # DefaultCommandPrefix = '' 118 | 119 | } 120 | 121 | -------------------------------------------------------------------------------- /PowerArubaCP/PowerArubaCP.psm1: -------------------------------------------------------------------------------- 1 | #Get public and private function definition files. 2 | $Public = @( Get-ChildItem -Path $PSScriptRoot\Public\*.ps1 -ErrorAction SilentlyContinue ) 3 | $Private = @( Get-ChildItem -Path $PSScriptRoot\Private\*.ps1 -ErrorAction SilentlyContinue ) 4 | 5 | #Dot source the files 6 | Foreach ($import in @($Public + $Private)) { 7 | Try { 8 | . $import.fullname 9 | } 10 | Catch { 11 | Write-Error -Message "Failed to import function $($import.fullname): $_" 12 | } 13 | } 14 | 15 | # Here I might... 16 | # Read in or create an initial config file and variable 17 | # Export Public functions ($Public.BaseName) for WIP modules 18 | # Set variables visible to the module and its functions only 19 | 20 | #Export-ModuleMember -Function $Public.Basename -------------------------------------------------------------------------------- /PowerArubaCP/Private/Confirm.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | Function Confirm-ArubaCPApiClient { 8 | 9 | Param ( 10 | [Parameter (Mandatory = $true)] 11 | [object]$argument 12 | ) 13 | 14 | #Check if it looks like an Api Client element 15 | 16 | if ( -not ( $argument | get-member -name client_id -Membertype Properties)) { 17 | throw "Element specified does not contain a client_id property." 18 | } 19 | if ( -not ( $argument | get-member -name client_secret -Membertype Properties)) { 20 | throw "Element specified does not contain a client_secret property." 21 | } 22 | if ( -not ( $argument | get-member -name grant_types -Membertype Properties)) { 23 | throw "Element specified does not contain a grant_types property." 24 | } 25 | if ( -not ( $argument | get-member -name profile_id -Membertype Properties)) { 26 | throw "Element specified does not contain a profile_id property." 27 | } 28 | $true 29 | 30 | } 31 | Function Confirm-ArubaCPApplicationLicense { 32 | 33 | Param ( 34 | [Parameter (Mandatory = $true)] 35 | [object]$argument 36 | ) 37 | 38 | #Check if it looks like an Application License element 39 | 40 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 41 | throw "Element specified does not contain an id property." 42 | } 43 | if ( -not ( $argument | get-member -name product_id -Membertype Properties)) { 44 | throw "Element specified does not contain a product_id property." 45 | } 46 | if ( -not ( $argument | get-member -name product_name -Membertype Properties)) { 47 | throw "Element specified does not contain a product_name property." 48 | } 49 | if ( -not ( $argument | get-member -name license_key -Membertype Properties)) { 50 | throw "Element specified does not contain a license_key property." 51 | } 52 | if ( -not ( $argument | get-member -name license_type -Membertype Properties)) { 53 | throw "Element specified does not contain a license_type property." 54 | } 55 | if ( -not ( $argument | get-member -name user_count -Membertype Properties)) { 56 | throw "Element specified does not contain an user_count property." 57 | } 58 | if ( -not ( $argument | get-member -name license_added_on -Membertype Properties)) { 59 | throw "Element specified does not contain a license_added_on property." 60 | } 61 | if ( -not ( $argument | get-member -name activation_status -Membertype Properties)) { 62 | throw "Element specified does not contain an activation_status property." 63 | } 64 | $true 65 | 66 | } 67 | 68 | Function Confirm-ArubaCPEndpoint { 69 | 70 | Param ( 71 | [Parameter (Mandatory = $true)] 72 | [object]$argument 73 | ) 74 | 75 | #Check if it looks like an EndPoint element 76 | 77 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 78 | throw "Element specified does not contain an id property." 79 | } 80 | if ( -not ( $argument | get-member -name mac_address -Membertype Properties)) { 81 | throw "Element specified does not contain a product_id property." 82 | } 83 | if ( -not ( $argument | get-member -name status -Membertype Properties)) { 84 | throw "Element specified does not contain a status property." 85 | } 86 | if ( -not ( $argument | get-member -name attributes -Membertype Properties)) { 87 | throw "Element specified does not contain an attributes property." 88 | } 89 | $true 90 | 91 | } 92 | 93 | 94 | function Confirm-ArubaCPLocalUser { 95 | 96 | Param ( 97 | [Parameter (Mandatory = $true)] 98 | [object]$argument 99 | ) 100 | 101 | #Check if it looks like a Local User (lu) element 102 | 103 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 104 | throw "Element specified does not contain an id property." 105 | } 106 | if ( -not ( $argument | get-member -name user_id -Membertype Properties)) { 107 | throw "Element specified does not contain an user_id property." 108 | } 109 | if ( -not ( $argument | get-member -name username -Membertype Properties)) { 110 | throw "Element specified does not contain an username property." 111 | } 112 | if ( -not ( $argument | get-member -name role_name -Membertype Properties)) { 113 | throw "Element specified does not contain a role_name property." 114 | } 115 | if ( -not ( $argument | get-member -name change_pwd_next_login -Membertype Properties)) { 116 | throw "Element specified does not contain a change_pwd_next_login property." 117 | } 118 | $true 119 | 120 | } 121 | 122 | Function Confirm-ArubaCPNetworkDevice { 123 | 124 | Param ( 125 | [Parameter (Mandatory = $true)] 126 | [object]$argument 127 | ) 128 | 129 | #Check if it looks like an Network Device (NAS) element 130 | 131 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 132 | throw "Element specified does not contain an id property." 133 | } 134 | if ( -not ( $argument | get-member -name name -Membertype Properties)) { 135 | throw "Element specified does not contain a name property." 136 | } 137 | if ( -not ( $argument | get-member -name ip_address -Membertype Properties)) { 138 | throw "Element specified does not contain an ip_address property." 139 | } 140 | if ( -not ( $argument | get-member -name radius_secret -Membertype Properties)) { 141 | throw "Element specified does not contain a radius_secret property." 142 | } 143 | if ( -not ( $argument | get-member -name tacacs_secret -Membertype Properties)) { 144 | throw "Element specified does not contain a tacacs_secret property." 145 | } 146 | if ( -not ( $argument | get-member -name vendor_name -Membertype Properties)) { 147 | throw "Element specified does not contain a vendor_name property." 148 | } 149 | if ( -not ( $argument | get-member -name coa_capable -Membertype Properties)) { 150 | throw "Element specified does not contain a coa_capable property." 151 | } 152 | if ( -not ( $argument | get-member -name coa_port -Membertype Properties)) { 153 | throw "Element specified does not contain a coa_port property." 154 | } 155 | $true 156 | 157 | } 158 | 159 | function Confirm-ArubaCPNetworkDeviceGroup { 160 | 161 | Param ( 162 | [Parameter (Mandatory = $true)] 163 | [object]$argument 164 | ) 165 | 166 | #Check if it looks like an Network Device Group (NDG) element 167 | 168 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 169 | throw "Element specified does not contain an id property." 170 | } 171 | if ( -not ( $argument | get-member -name name -Membertype Properties)) { 172 | throw "Element specified does not contain a name property." 173 | } 174 | if ( -not ( $argument | get-member -name group_format -Membertype Properties)) { 175 | throw "Element specified does not contain a group_format property." 176 | } 177 | if ( -not ( $argument | get-member -name value -Membertype Properties)) { 178 | throw "Element specified does not contain a value property." 179 | } 180 | $true 181 | 182 | } 183 | 184 | Function Confirm-ArubaCPServerCertificate { 185 | 186 | Param ( 187 | [Parameter (Mandatory = $true)] 188 | [object]$argument 189 | ) 190 | 191 | #Check if it looks like an Server Certificate element 192 | 193 | if ( -not ( $argument | get-member -name service_id -Membertype Properties)) { 194 | throw "Element specified does not contain a service_id property." 195 | } 196 | if ( -not ( $argument | get-member -name service_name -Membertype Properties)) { 197 | throw "Element specified does not contain a service_name property." 198 | } 199 | if ( -not ( $argument | get-member -name certificate_type -Membertype Properties)) { 200 | throw "Element specified does not contain a certificate_type property." 201 | } 202 | if ( -not ( $argument | get-member -name subject -Membertype Properties)) { 203 | throw "Element specified does not contain a subject property." 204 | } 205 | if ( -not ( $argument | get-member -name expiry_date -Membertype Properties)) { 206 | throw "Element specified does not contain an expiry_date property." 207 | } 208 | if ( -not ( $argument | get-member -name issue_date -Membertype Properties)) { 209 | throw "Element specified does not contain an issue_date property." 210 | } 211 | if ( -not ( $argument | get-member -name issued_by -Membertype Properties)) { 212 | throw "Element specified does not contain an issued_by property." 213 | } 214 | if ( -not ( $argument | get-member -name validity -Membertype Properties)) { 215 | throw "Element specified does not contain a validity property." 216 | } 217 | if ( -not ( $argument | get-member -name root_ca_cert -Membertype Properties)) { 218 | throw "Element specified does not contain a root_ca_cert property." 219 | } 220 | if ( -not ( $argument | get-member -name intermediate_ca_cert -Membertype Properties)) { 221 | throw "Element specified does not contain an intermediate_ca_cert property." 222 | } 223 | if ( -not ( $argument | get-member -name cert_file -Membertype Properties)) { 224 | throw "Element specified does not contain a cert_file property." 225 | } 226 | if ( -not ( $argument | get-member -name enabled -Membertype Properties)) { 227 | throw "Element specified does not contain a enabled property." 228 | } 229 | $true 230 | 231 | } 232 | Function Confirm-ArubaCPRole { 233 | 234 | Param ( 235 | [Parameter (Mandatory = $true)] 236 | [object]$argument 237 | ) 238 | 239 | #Check if it looks like a Role element 240 | 241 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 242 | throw "Element specified does not contain an id property." 243 | } 244 | if ( -not ( $argument | get-member -name name -Membertype Properties)) { 245 | throw "Element specified does not contain a name property." 246 | } 247 | #if ( -not ( $argument | get-member -name description -Membertype Properties)) { 248 | # throw "Element specified does not contain a description property." 249 | #} 250 | $true 251 | 252 | } 253 | 254 | Function Confirm-ArubaCPService { 255 | 256 | Param ( 257 | [Parameter (Mandatory = $true)] 258 | [object]$argument 259 | ) 260 | 261 | #Check if it looks like an Service element 262 | 263 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 264 | throw "Element specified does not contain an id property." 265 | } 266 | if ( -not ( $argument | get-member -name name -Membertype Properties)) { 267 | throw "Element specified does not contain a name property." 268 | } 269 | if ( -not ( $argument | get-member -name type -Membertype Properties)) { 270 | throw "Element specified does not contain a type property." 271 | } 272 | if ( -not ( $argument | get-member -name template -Membertype Properties)) { 273 | throw "Element specified does not contain a template property." 274 | } 275 | if ( -not ( $argument | get-member -name enabled -Membertype Properties)) { 276 | throw "Element specified does not contain an enabled property." 277 | } 278 | # orderNo is now order_no with CPPM 6.10.x 279 | #if ( -not ( $argument | get-member -name orderNo -Membertype Properties)) { 280 | # throw "Element specified does not contain an orderNo property." 281 | #} 282 | $true 283 | 284 | } 285 | 286 | Function Confirm-ArubaCPStaticHostList { 287 | 288 | Param ( 289 | [Parameter (Mandatory = $true)] 290 | [object]$argument 291 | ) 292 | 293 | #Check if it looks like an Static Host List element 294 | 295 | if ( -not ( $argument | get-member -name id -Membertype Properties)) { 296 | throw "Element specified does not contain an id property." 297 | } 298 | if ( -not ( $argument | get-member -name name -Membertype Properties)) { 299 | throw "Element specified does not contain a name property." 300 | } 301 | if ( -not ( $argument | get-member -name host_format -Membertype Properties)) { 302 | throw "Element specified does not contain a host_format property." 303 | } 304 | if ( -not ( $argument | get-member -name host_type -Membertype Properties)) { 305 | throw "Element specified does not contain a host_type property." 306 | } 307 | $true 308 | 309 | } -------------------------------------------------------------------------------- /PowerArubaCP/Private/Exception.ps1: -------------------------------------------------------------------------------- 1 | 2 | # 3 | # Copyright 2018, Alexis La Goutte 4 | # 5 | # SPDX-License-Identifier: Apache-2.0 6 | # 7 | function Show-ArubaCPException() { 8 | Param( 9 | [parameter(Mandatory = $true)] 10 | $Exception 11 | ) 12 | 13 | #Check if certificate is valid 14 | if ($Exception.Exception.InnerException) { 15 | $exceptiontype = $Exception.Exception.InnerException.GetType() 16 | if ("AuthenticationException" -eq $exceptiontype.name) { 17 | Write-Warning "Invalid certificat (Untrusted, wrong date, invalid name...)" 18 | Write-Warning "Try to use Connect-ArubaCP -SkipCertificateCheck for connection" 19 | throw "Unable to connect (certificate)" 20 | } 21 | } 22 | 23 | If ($Exception.Exception.Response) { 24 | if ("Desktop" -eq $PSVersionTable.PSEdition) { 25 | $result = $Exception.Exception.Response.GetResponseStream() 26 | $reader = New-Object System.IO.StreamReader($result) 27 | $responseBody = $reader.ReadToEnd() 28 | $responseJson = $responseBody | ConvertFrom-Json 29 | $code = $Exception.Exception.Response.StatusDescription 30 | } 31 | else { 32 | $code = $Exception.Exception.Response.ReasonPhrase 33 | } 34 | 35 | Write-Warning "The ClearPass API sends an error message:" 36 | Write-Warning "Error description (code): $($code) ($($Exception.Exception.Response.StatusCode.Value__))" 37 | if ($responseBody) { 38 | if ($responseJson.message) { 39 | Write-Warning "Error details: $($responseJson.message)" 40 | } 41 | else { 42 | Write-Warning "Error details: $($responseBody)" 43 | } 44 | } 45 | elseif ($Exception.ErrorDetails.Message) { 46 | $ErrorDetails = $Exception.ErrorDetails.Message | ConvertFrom-Json 47 | if ($ErrorDetails.detail) { 48 | Write-Warning "Error details: $($ErrorDetails.detail)" 49 | } 50 | else { 51 | Write-Warning "Error details: $($Exception.ErrorDetails.Message)" 52 | } 53 | 54 | } 55 | } 56 | } -------------------------------------------------------------------------------- /PowerArubaCP/Private/Format.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Format-ArubaCPMacAddress { 8 | 9 | <# 10 | .SYNOPSIS 11 | Format Mac Address 12 | 13 | .DESCRIPTION 14 | Format Mac Address 15 | 16 | .EXAMPLE 17 | Format-ArubaCPMacAddress 00:01:02:03:04:05 18 | 19 | Format Mac Address (Remove Dash, Colon, dots Whitespace....) 20 | 21 | #> 22 | Param( 23 | [Parameter (Mandatory = $true)] 24 | [string]$mac 25 | ) 26 | 27 | #From https://github.com/lazywinadmin/PowerShell/blob/master/TOOL-Clean-MacAddress/Clean-MacAddress.ps1 28 | $mac_clean = $mac 29 | $mac_clean = $mac_clean -replace "-", "" #Replace Dash 30 | $mac_clean = $mac_clean -replace ":", "" #Replace Colon 31 | $mac_clean = $mac_clean -replace "/s", "" #Remove whitespace 32 | $mac_clean = $mac_clean -replace " ", "" #Remove whitespace 33 | $mac_clean = $mac_clean -replace "\.", "" #Remove dots 34 | $mac_clean = $mac_clean.trim() #Remove space at the beginning 35 | $mac_clean = $mac_clean.trimend() #Remove space at the end 36 | 37 | $mac_clean 38 | } -------------------------------------------------------------------------------- /PowerArubaCP/Private/MaskCidr.ps1: -------------------------------------------------------------------------------- 1 | 2 | # 3 | # Copyright 2018-2021, Alexis La Goutte 4 | # 5 | # SPDX-License-Identifier: Apache-2.0 6 | # 7 | 8 | function Convert-ArubaCPCIDR2Mask { 9 | 10 | <# 11 | .SYNOPSIS 12 | Convert a CIDR to Mask 13 | 14 | .DESCRIPTION 15 | Convert a CIDR to Mask 16 | 17 | .EXAMPLE 18 | Convert-ArubaCPCIDR2Mask 24 19 | 20 | Convert a CIDR (24) to Mask (255.255.255.0) 21 | 22 | #> 23 | Param( 24 | [Parameter (Mandatory = $true, ValueFromPipeline)] 25 | [int]$cidr 26 | ) 27 | 28 | Process { 29 | switch ($cidr) { 30 | "0" { 31 | $subnet = '0.0.0.0' 32 | } 33 | "1" { 34 | $subnet = '128.0.0.0' 35 | } 36 | "2" { 37 | $subnet = '192.0.0.0' 38 | } 39 | "3" { 40 | $subnet = '224.0.0.0' 41 | } 42 | "4" { 43 | $subnet = '240.0.0.0' 44 | } 45 | "5" { 46 | $subnet = '248.0.0.0' 47 | } 48 | "6" { 49 | $subnet = '252.0.0.0' 50 | } 51 | "7" { 52 | $subnet = '254.0.0.0' 53 | } 54 | "8" { 55 | $subnet = '255.0.0.0' 56 | } 57 | "9" { 58 | $subnet = '255.128.0.0' 59 | } 60 | "10" { 61 | $subnet = '255.192.0.0' 62 | } 63 | "11" { 64 | $subnet = '255.224.0.0' 65 | } 66 | "12" { 67 | $subnet = '255.240.0.0' 68 | } 69 | "13" { 70 | $subnet = '255.248.0.0' 71 | } 72 | "14" { 73 | $subnet = '255.252.0.0' 74 | } 75 | "15" { 76 | $subnet = '255.254.0.0' 77 | } 78 | "16" { 79 | $subnet = '255.255.0.0' 80 | } 81 | "17" { 82 | $subnet = '255.255.128.0' 83 | } 84 | "18" { 85 | $subnet = '255.255.192.0' 86 | } 87 | "19" { 88 | $subnet = '255.255.224.0' 89 | } 90 | "20" { 91 | $subnet = '255.255.240.0' 92 | } 93 | "21" { 94 | $subnet = '255.255.248.0' 95 | } 96 | "22" { 97 | $subnet = '255.255.252.0' 98 | } 99 | "23" { 100 | $subnet = '255.255.254.0' 101 | } 102 | "24" { 103 | $subnet = '255.255.255.0' 104 | } 105 | "25" { 106 | $subnet = '255.255.255.128' 107 | } 108 | "26" { 109 | $subnet = '255.255.255.192' 110 | } 111 | "27" { 112 | $subnet = '255.255.255.224' 113 | } 114 | "28" { 115 | $subnet = '255.255.255.240' 116 | } 117 | "29" { 118 | $subnet = '255.255.255.248' 119 | } 120 | "30" { 121 | $subnet = '255.255.255.252' 122 | } 123 | "31" { 124 | $subnet = '255.255.255.254' 125 | } 126 | "32" { 127 | $subnet = '255.255.255.255' 128 | } 129 | } 130 | 131 | $subnet 132 | } 133 | } 134 | -------------------------------------------------------------------------------- /PowerArubaCP/Private/RestMethod.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Invoke-ArubaCPRestMethod { 8 | 9 | <# 10 | .SYNOPSIS 11 | Invoke RestMethod with ArubaCP connection (internal) variable 12 | 13 | .DESCRIPTION 14 | Invoke RestMethod with ArubaCP connection variable (token, csrf..) 15 | 16 | .EXAMPLE 17 | Invoke-ArubaCPRestMethod -method "get" -uri "api/cppm-version" 18 | 19 | Invoke-RestMethod with ArubaCP connection for get api/cppm-version 20 | 21 | .EXAMPLE 22 | Invoke-ArubaCPRestMethod "api/cppm-version" 23 | 24 | Invoke-RestMethod with ArubaCP connection for get api/cppm-version uri with default GET method parameter 25 | 26 | .EXAMPLE 27 | Invoke-ArubaCPRestMethod -method "post" -uri "api/cppm-version" -body $body 28 | 29 | Invoke-RestMethod with ArubaCP connection for post api/cppm-version uri with $body payload 30 | 31 | .EXAMPLE 32 | Invoke-ArubaCPRestMethod -method "post" -uri "api/cppm-version" -body $body 33 | 34 | Invoke-RestMethod with ArubaCP connection for post api/cppm-version uri with $body payload 35 | 36 | .EXAMPLE 37 | Invoke-ArubaCPRestMethod -method "get" -uri "api/network-device" -limit 1000 38 | 39 | Invoke-RestMethod with ArubaCP connection for get api/network-device uri with limit to 1000 40 | 41 | .EXAMPLE 42 | Invoke-ArubaCPRestMethod -method "get" -uri "api/network-device" -filter @{ "name" = "PowerArubaCP" } 43 | 44 | Invoke-RestMethod with ArubaCP connection for get api/network-device uri with filter name equal PowerArubaCP 45 | 46 | .EXAMPLE 47 | Invoke-ArubaCPRestMethod -method "get" -uri "api/network-device" -filter @{ "name" = @{ "`$contains" = "PowerArubaCP" } } 48 | 49 | Invoke-RestMethod with ArubaCP connection for get api/network-device uri with filter name contains PowerArubaCP 50 | #> 51 | 52 | Param( 53 | [Parameter(Mandatory = $true, position = 1)] 54 | [String]$uri, 55 | [Parameter(Mandatory = $false)] 56 | [ValidateSet("GET", "PUT", "POST", "DELETE", "PATCH")] 57 | [String]$method = "GET", 58 | [Parameter(Mandatory = $false)] 59 | [psobject]$body, 60 | [Parameter(Mandatory = $false)] 61 | [ValidateRange(1, 1000)] 62 | [int]$limit, 63 | [Parameter(Mandatory = $false)] 64 | [array]$filter, 65 | [Parameter(Mandatory = $false)] 66 | [psobject]$connection = $DefaultArubaCPConnection 67 | ) 68 | 69 | Begin { 70 | } 71 | 72 | Process { 73 | 74 | if ($null -eq $connection) { 75 | Throw "Not Connected. Connect to the ClearPass with Connect-ArubaCP" 76 | } 77 | 78 | $port = $connection.port 79 | $Server = $connection.Server 80 | $invokeParams = $connection.invokeParams 81 | $fullurl = "https://${Server}:${port}/${uri}" 82 | 83 | if ($fullurl -NotMatch "\?") { 84 | $fullurl += "?" 85 | } 86 | 87 | #Add calculate_count to each get command to get the number of 88 | if ($method -eq "GET") { 89 | $fullurl += "&calculate_count=true" 90 | } 91 | if ($limit) { 92 | $fullurl += "&limit=$limit" 93 | } 94 | if ($filter) { 95 | $fullurl += "&filter=$($filter | ConvertTo-Json -Compress)" 96 | } 97 | 98 | #Display (Full)url when verbose (not longer available with PS 7.2.x...) 99 | Write-Verbose $fullurl 100 | 101 | #When headers, We need to have Accept set to application/json... 102 | $headers = @{ Authorization = "Bearer " + $connection.token; Accept = "application/json" } 103 | 104 | try { 105 | if ($body) { 106 | 107 | #Add Content-Type to application/json only when there is a body 108 | 109 | $headers.add("Content-type", "application/json") 110 | 111 | Write-Verbose ($body | ConvertTo-Json -depth 10) 112 | 113 | $response = Invoke-RestMethod $fullurl -Method $method -body ($body | ConvertTo-Json -depth 10 -Compress) -Headers $headers @invokeParams 114 | } 115 | else { 116 | $response = Invoke-RestMethod $fullurl -Method $method -Headers $headers @invokeParams 117 | } 118 | } 119 | 120 | catch { 121 | Show-ArubaCPException $_ 122 | throw "Unable to use ClearPass API" 123 | } 124 | #Only if limit is no set and $response._embedded.items(.count) is not empty 125 | if (-Not $limit -and $response._embedded.items.count) { 126 | #Check if number a item calculate by CPPM (calculate_count) is superior to return item (and generate a warning about use -limit) 127 | if ($response.count -gt $response._embedded.items.count) { 128 | Write-Warning "There is extra items use -limit parameter to display" 129 | } 130 | } 131 | $response 132 | 133 | } 134 | 135 | } 136 | -------------------------------------------------------------------------------- /PowerArubaCP/Private/SSL.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | Function Set-ArubaCPuntrustedSSL { 7 | 8 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessforStateChangingFunctions", "")] 9 | Param( ) 10 | # Hack for allowing untrusted SSL certs with https connexions 11 | Add-Type -TypeDefinition @" 12 | using System.Net; 13 | using System.Security.Cryptography.X509Certificates; 14 | public class TrustAllCertsPolicy : ICertificatePolicy { 15 | public bool CheckValidationResult( 16 | ServicePoint srvPoint, X509Certificate certificate, 17 | WebRequest request, int certificateProblem) { 18 | return true; 19 | } 20 | } 21 | "@ 22 | 23 | [System.Net.ServicePointManager]::CertificatePolicy = New-Object -TypeName TrustAllCertsPolicy 24 | 25 | } 26 | 27 | Function Set-ArubaCPCipherSSL { 28 | 29 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessforStateChangingFunctions", "")] 30 | Param( ) 31 | # Hack for allowing TLS 1.1 and TLS 1.2 (by default it is only SSL3 and TLS (1.0)) 32 | $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12' 33 | [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols 34 | 35 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/ApiClient.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPApiClient { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add an API Client on ClearPass 12 | 13 | .DESCRIPTION 14 | Add an API Client with client id, client secret, grand_types... 15 | 16 | .EXAMPLE 17 | Add-ArubaCPApiClient -client_id Client1 -grant_types client_credentials -profile_id 1 18 | 19 | Add API Client Client1 type client_credentials with profile id 1 (Super Administrator) 20 | 21 | .EXAMPLE 22 | Add-ArubaCPApiClient -client_id Client2 -client_secret mySecret -client_description "Add via PowerArubaCP" -grant_types client_credentials -profile_id 1 23 | 24 | Add API Client Client2 with Client Secret mySecret and client description "Add Via PowerArubaCP" 25 | 26 | .EXAMPLE 27 | Add-ArubaCPApiClient -client_id Client3 -grant_types client_credentials -profile_id 1 -enabled:$false 28 | 29 | Add API Client Client3 with enabled status to disabled 30 | #> 31 | 32 | Param( 33 | [Parameter (Mandatory = $false)] 34 | [int]$id, 35 | [Parameter (Mandatory = $true)] 36 | [string]$client_id, 37 | [Parameter (Mandatory = $false)] 38 | [string]$client_secret, 39 | [Parameter (Mandatory = $false)] 40 | [string]$client_description, 41 | [Parameter (Mandatory = $true)] 42 | [ValidateSet('client_credentials', 'password')] 43 | [string]$grant_types, 44 | [Parameter (Mandatory = $true)] 45 | [string]$profile_id, 46 | [Parameter (Mandatory = $false)] 47 | [switch]$enabled, 48 | [Parameter (Mandatory = $False)] 49 | [ValidateNotNullOrEmpty()] 50 | [PSObject]$connection = $DefaultArubaCPConnection 51 | ) 52 | 53 | Begin { 54 | } 55 | 56 | Process { 57 | 58 | $uri = "api/api-client" 59 | 60 | $_ac = new-Object -TypeName PSObject 61 | 62 | if ( $PsBoundParameters.ContainsKey('id') ) { 63 | $_ac | add-member -name "id" -membertype NoteProperty -Value $id 64 | } 65 | 66 | $_ac | add-member -name "client_id" -membertype NoteProperty -Value $client_id 67 | 68 | if ( $PsBoundParameters.ContainsKey('client_description') ) { 69 | $_ac | add-member -name "client_description" -membertype NoteProperty -Value $client_description 70 | } 71 | 72 | if ( $PsBoundParameters.ContainsKey('client_secret') ) { 73 | $_ac | add-member -name "client_secret" -membertype NoteProperty -Value $client_secret 74 | } 75 | 76 | $_ac | add-member -name "grant_types" -membertype NoteProperty -Value $grant_types 77 | 78 | $_ac | add-member -name "profile_id" -membertype NoteProperty -Value $profile_id 79 | 80 | if ( $PsBoundParameters.ContainsKey('enabled') ) { 81 | if ( $enabled ) { 82 | $_ac | add-member -name "enabled" -membertype NoteProperty -Value $True 83 | } 84 | else { 85 | $_ac | add-member -name "enabled" -membertype NoteProperty -Value $false 86 | } 87 | } 88 | 89 | $ac = invoke-ArubaCPRestMethod -method "POST" -body $_ac -uri $uri -connection $connection 90 | $ac 91 | } 92 | 93 | End { 94 | } 95 | } 96 | function Get-ArubaCPApiClient { 97 | 98 | <# 99 | .SYNOPSIS 100 | Get API Client info on CPPM 101 | 102 | .DESCRIPTION 103 | Get API Client (Client Id, Client Secret, Grand Types...) 104 | 105 | .EXAMPLE 106 | Get-ArubaCPApiClient 107 | 108 | Get ALL API Client on the Clearpass 109 | 110 | .EXAMPLE 111 | Get-ArubaCPApiClient -client_id PowerArubaCP 112 | 113 | Get info about API Client ID PowerArubaCP Aruba on the ClearPass 114 | 115 | .EXAMPLE 116 | Get-ArubaCPApiClient -grant_types client_cretendials 117 | 118 | Get info about API Client Grant Types equal client_credentials on the ClearPass 119 | 120 | .EXAMPLE 121 | Get-ArubaCApiClient -id 23 122 | 123 | Get info about API id 23 on the ClearPass 124 | 125 | .EXAMPLE 126 | Get-ArubaCPApiClient -client_id PowerArubaCP -filter_type contains 127 | 128 | Get info about API Client where client_id contains PowerArubaCP 129 | 130 | #> 131 | 132 | [CmdLetBinding(DefaultParameterSetName = "Default")] 133 | 134 | Param( 135 | [Parameter (Mandatory = $false)] 136 | [Parameter (ParameterSetName = "id")] 137 | [int]$id, 138 | [Parameter (Mandatory = $false, Position = 1)] 139 | [Parameter (ParameterSetName = "client_id")] 140 | [string]$client_id, 141 | [Parameter (Mandatory = $false)] 142 | [Parameter (ParameterSetName = "grant_types")] 143 | [ValidateSet('client_credentials', 'password')] 144 | [string]$grant_types, 145 | [Parameter (Mandatory = $false)] 146 | [Parameter (ParameterSetName = "filter")] 147 | [string]$filter_attribute, 148 | [Parameter (Mandatory = $false)] 149 | [Parameter (ParameterSetName = "id")] 150 | [Parameter (ParameterSetName = "client_id")] 151 | [Parameter (ParameterSetName = "grant_types")] 152 | [Parameter (ParameterSetName = "filter")] 153 | [ValidateSet('equal', 'contains')] 154 | [string]$filter_type, 155 | [Parameter (Mandatory = $false)] 156 | [Parameter (ParameterSetName = "filter")] 157 | [psobject]$filter_value, 158 | [Parameter (Mandatory = $false)] 159 | [int]$limit, 160 | [Parameter (Mandatory = $False)] 161 | [ValidateNotNullOrEmpty()] 162 | [PSObject]$connection = $DefaultArubaCPConnection 163 | ) 164 | 165 | Begin { 166 | } 167 | 168 | Process { 169 | 170 | $invokeParams = @{ } 171 | if ( $PsBoundParameters.ContainsKey('limit') ) { 172 | $invokeParams.add( 'limit', $limit ) 173 | } 174 | 175 | switch ( $PSCmdlet.ParameterSetName ) { 176 | "id" { 177 | $filter_value = $id 178 | $filter_attribute = "id" 179 | } 180 | "client_id" { 181 | $filter_value = $client_id 182 | $filter_attribute = "client_id" 183 | } 184 | "grant_types" { 185 | $filter_value = $grant_types 186 | $filter_attribute = "grant_types" 187 | } 188 | default { } 189 | } 190 | 191 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 192 | switch ( $filter_type ) { 193 | "equal" { 194 | $filter_value = @{ "`$eq" = $filter_value } 195 | } 196 | "contains" { 197 | $filter_value = @{ "`$contains" = $filter_value } 198 | } 199 | default { } 200 | } 201 | } 202 | 203 | if ($filter_value -and $filter_attribute) { 204 | $filter = @{ $filter_attribute = $filter_value } 205 | $invokeParams.add( 'filter', $filter ) 206 | } 207 | 208 | $uri = "api/api-client" 209 | 210 | $ac = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 211 | 212 | $ac._embedded.items 213 | } 214 | 215 | End { 216 | } 217 | } 218 | 219 | function Remove-ArubaCPApiClient { 220 | 221 | <# 222 | .SYNOPSIS 223 | Remove an ApiClient on ClearPass 224 | 225 | .DESCRIPTION 226 | Remove an ApiClient on ClearPass 227 | 228 | .EXAMPLE 229 | $ac = Get-ArubaCPApiClient -client_id PowerArubaCP 230 | PS C:\>$ac | Remove-ArubaCPApiClient 231 | 232 | Remove API Client with client id PowerArubaCP 233 | 234 | .EXAMPLE 235 | Remove-ArubaCPEndpoint -id 3001 -confirm:$false 236 | 237 | Remove API Client with id 3001 and no confirmation 238 | #> 239 | 240 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')] 241 | Param( 242 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 243 | [string]$id, 244 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ac")] 245 | [ValidateScript( { Confirm-ArubaCPApiClient $_ })] 246 | [psobject]$ac, 247 | [Parameter (Mandatory = $False)] 248 | [ValidateNotNullOrEmpty()] 249 | [PSObject]$connection = $DefaultArubaCPConnection 250 | ) 251 | 252 | Begin { 253 | } 254 | 255 | Process { 256 | 257 | #get ApiClient id from nad ps object 258 | if ($ac) { 259 | $id = $ac.client_id 260 | } 261 | 262 | $uri = "api/api-client/${id}" 263 | 264 | if ($PSCmdlet.ShouldProcess("$id", 'Remove API Client')) { 265 | Invoke-ArubaCPRestMethod -method "DELETE" -uri $uri -connection $connection 266 | } 267 | } 268 | 269 | End { 270 | } 271 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/ApplicationLicense.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPApplicationLicense { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add Application License info on CPPM 12 | 13 | .DESCRIPTION 14 | Add Application License (Name/Type and Key) 15 | 16 | .EXAMPLE 17 | Add-ArubaCPApplicationLicense -product_name Access -license_key XXXXXXX 18 | 19 | Add an Application license type Access with license key XXXXXXX 20 | 21 | #> 22 | 23 | Param( 24 | [Parameter (Mandatory = $true)] 25 | [ValidateSet('Access', 'Access Upgrade', 'Entry', 'Onboard', 'OnGuard', IgnoreCase = $false)] 26 | [string]$product_name, 27 | [Parameter (Mandatory = $true)] 28 | [string]$license_key, 29 | [Parameter (Mandatory = $False)] 30 | [ValidateNotNullOrEmpty()] 31 | [PSObject]$connection = $DefaultArubaCPConnection 32 | ) 33 | 34 | Begin { 35 | } 36 | 37 | Process { 38 | 39 | $uri = "api/application-license" 40 | 41 | $_al = New-Object psobject 42 | 43 | $_al | Add-Member -name "product_name" -MemberType NoteProperty -Value $product_name 44 | 45 | $_al | Add-Member -name "license_key" -MemberType NoteProperty -Value $license_key 46 | 47 | $al = Invoke-ArubaCPRestMethod -method "POST" -body $_al -uri $uri -connection $connection 48 | $al 49 | } 50 | 51 | End { 52 | } 53 | } 54 | 55 | function Get-ArubaCPApplicationLicense { 56 | 57 | <# 58 | .SYNOPSIS 59 | Get Application License info on CPPM 60 | 61 | .DESCRIPTION 62 | Get Application License (Id, Name, Type, User Count...) 63 | 64 | .EXAMPLE 65 | Get-ArubaCPApplicationLicense 66 | 67 | Get ALL Application License on the Clearpass 68 | 69 | .EXAMPLE 70 | Get-ArubaCPApplicationLicense -id 3001 71 | 72 | Get info about Application License where id equal 3001 73 | 74 | .EXAMPLE 75 | Get-ArubaCPApplicationLicense -product_name Access 76 | 77 | Get info about Application License where product_name is Access 78 | 79 | .EXAMPLE 80 | Get-ArubaCPApplicationLicense -license_type Evaluation 81 | 82 | Get info about Application License where license type is Evaluation 83 | 84 | #> 85 | 86 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSReviewUnusedParameter", '')] #False positive see https://github.com/PowerShell/PSScriptAnalyzer/issues/1472 87 | [CmdLetBinding(DefaultParameterSetName = "Default")] 88 | 89 | Param( 90 | [Parameter (Mandatory = $false, ParameterSetName = "id")] 91 | [int]$id, 92 | [Parameter (Mandatory = $false, ParameterSetName = "product_name")] 93 | [ValidateSet('Access', 'Access Upgrade', 'Entry', 'Onboard', 'OnGuard', IgnoreCase = $false)] 94 | [string]$product_name, 95 | [Parameter (Mandatory = $false, ParameterSetName = "license_type")] 96 | [ValidateSet('Evaluation', 'Permanent', IgnoreCase = $false)] 97 | [string]$license_type, 98 | [Parameter (Mandatory = $False)] 99 | [ValidateNotNullOrEmpty()] 100 | [PSObject]$connection = $DefaultArubaCPConnection 101 | ) 102 | 103 | Begin { 104 | } 105 | 106 | Process { 107 | 108 | if ($connection.version -lt [version]"6.8.0") { 109 | throw "Need ClearPass >= 6.8.0 for use this cmdlet" 110 | } 111 | 112 | $uri = "api/application-license" 113 | 114 | $al = Invoke-ArubaCPRestMethod -method "GET" -uri $uri -connection $connection 115 | 116 | switch ( $PSCmdlet.ParameterSetName ) { 117 | "id" { $al._embedded.items | Where-Object { $_.id -eq $id } } 118 | "product_name" { $al._embedded.items | Where-Object { $_.product_name -eq $product_name } } 119 | "license_type" { $al._embedded.items | Where-Object { $_.license_type -eq $license_type } } 120 | default { $al._embedded.items } 121 | } 122 | } 123 | 124 | End { 125 | } 126 | } 127 | 128 | function Remove-ArubaCPApplicationLicense { 129 | 130 | <# 131 | .SYNOPSIS 132 | Remove an Application License on ClearPass 133 | 134 | .DESCRIPTION 135 | Remove an Application License) on ClearPass 136 | 137 | .EXAMPLE 138 | $al = Get-ArubaCPApplicationLicense -product_name Access 139 | PS C:\>$al | Remove-ArubaCPApplicationLicense 140 | 141 | Remove Application License type Access 142 | 143 | .EXAMPLE 144 | Remove-ArubaCPApplicationLicense -id 3001 -confirm:$false 145 | 146 | Remove Application License id 3001 with no confirmation 147 | #> 148 | 149 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')] 150 | Param( 151 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 152 | [int]$id, 153 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "al")] 154 | [ValidateScript( { Confirm-ArubaCPApplicationLicense $_ })] 155 | [psobject]$al, 156 | [Parameter (Mandatory = $False)] 157 | [ValidateNotNullOrEmpty()] 158 | [PSObject]$connection = $DefaultArubaCPConnection 159 | ) 160 | 161 | Begin { 162 | } 163 | 164 | Process { 165 | 166 | #get Application License id from al ps object 167 | if ($al) { 168 | $id = $al.id 169 | $name = "(" + $al.product_name + ")" 170 | } 171 | 172 | $uri = "api/application-license/${id}" 173 | 174 | if ($PSCmdlet.ShouldProcess("$id $name", 'Remove Application License')) { 175 | Invoke-ArubaCPRestMethod -method "DELETE" -uri $uri -connection $connection 176 | } 177 | } 178 | 179 | End { 180 | } 181 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Attributes.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2022, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPAttributesMember { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add an Attribute Member 12 | 13 | .DESCRIPTION 14 | Add an Attribute Member on Endpoint / Local User / Network Device 15 | 16 | .EXAMPLE 17 | Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 | Add-ArubaCPAttributesMember -name "Disabled by" -value PowerArubaCP 18 | 19 | Add Attribute name "Disabled By" with value PowerArubaCP to Endpoint 00:01:02:03:04:05 20 | 21 | .EXAMPLE 22 | Get-ArubaCPNetworkDevice -name NAD-PowerArubaCP | Add-ArubaCPAttributesMember -name "Location", "syslocation" -value "PowerArubaCP", "PowerArubaCP" 23 | 24 | Add Attribute name "Location and Syslocation" with value PowerArubaCP to network Device NAD-PowerArubaCP 25 | 26 | .EXAMPLE 27 | Get-ArubaCPLocalUser -user_id MyPowerArubaCP_userid | Add-ArubaCPAttributesMember -attributes @{"Disabled by"="PowerArubaCP"} 28 | 29 | Add Attribute name "Disabled By" with value PowerArubaCP to Local User MyPowerArubaCP_userid 30 | 31 | #> 32 | 33 | Param( 34 | [Parameter (Mandatory = $true, ValueFromPipeline = $true)] 35 | #[ValidateScript( { (Confirm-ArubaCPEndpoint $_) -or (Confirm-ArubaCPNetworkDevice $_) })] 36 | [psobject]$atts, 37 | [Parameter (Mandatory = $true, ParameterSetName = "nv")] 38 | [string[]]$name, 39 | [Parameter (Mandatory = $true, ParameterSetName = "nv")] 40 | [string[]]$value, 41 | [Parameter (Mandatory = $true, ParameterSetName = "att")] 42 | [psobject]$attributes, 43 | [Parameter (Mandatory = $False)] 44 | [ValidateNotNullOrEmpty()] 45 | [PSObject]$connection = $DefaultArubaCPConnection 46 | ) 47 | 48 | Begin { 49 | } 50 | 51 | Process { 52 | 53 | $id = $atts.id 54 | if ($atts.mac_address -and $atts.status) { 55 | $uri = "api/endpoint/${id}" 56 | } 57 | elseif ($atts.user_id -and $atts.role_name) { 58 | $uri = "api/local-user/${id}" 59 | } 60 | elseif ($atts.ip_address -and $atts.vendor_name) { 61 | $uri = "api/network-device/${id}" 62 | } 63 | else { 64 | Throw "Not an Endpoint, a Local User or a Network Device" 65 | } 66 | 67 | if ($PSCmdlet.ParameterSetName -eq "nv") { 68 | if (@($name).count -ne @($value).count) { 69 | Throw "You need to have the same number of name and value parameters" 70 | } 71 | 72 | $attributes = New-Object -TypeName PSObject 73 | $i = 0 74 | foreach ($n in $name) { 75 | $attributes | Add-Member -name $n -MemberType NoteProperty -Value $value[$i] 76 | $i++ 77 | } 78 | 79 | } 80 | 81 | $_att = New-Object -TypeName PSObject 82 | 83 | $_att | Add-Member -name "attributes" -MemberType NoteProperty -Value $attributes 84 | 85 | $att = Invoke-ArubaCPRestMethod -method "PATCH" -body $_att -uri $uri -connection $connection 86 | $att 87 | } 88 | 89 | End { 90 | } 91 | 92 | } 93 | 94 | function Set-ArubaCPAttributesMember { 95 | 96 | <# 97 | .SYNOPSIS 98 | Set an Attribute Member 99 | 100 | .DESCRIPTION 101 | Configure an Attribute Member on Endpoint / Local User / Network Device 102 | Remove existing attributes 103 | 104 | .EXAMPLE 105 | Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 | Set-ArubaCPAttributesMember -name "Disabled by" -value PowerArubaCP 106 | 107 | Set Attribute name "Disabled By" with value PowerArubaCP to Endpoint 00:01:02:03:04:05 108 | 109 | .EXAMPLE 110 | Get-ArubaCPNetworkDevice -name NAD-PowerArubaCP | Set-ArubaCPAttributesMember -name "Location", "syslocation" -value "PowerArubaCP", "PowerArubaCP" 111 | 112 | Set Attribute name "Location and Syslocation" with value PowerArubaCP to network Device NAD-PowerArubaCP 113 | 114 | .EXAMPLE 115 | Get-ArubaCPLocalUser -user_id MyPowerArubaCP_userid | Set-ArubaCPAttributesMember -attributes @{"Disabled by"="PowerArubaCP"} 116 | 117 | Set Attribute name "Disabled By" with value PowerArubaCP to Local User MyPowerArubaCP_userid 118 | #> 119 | 120 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] 121 | Param( 122 | [Parameter (Mandatory = $true, ValueFromPipeline = $true)] 123 | #[ValidateScript( { ( Confirm-ArubaCPEndpoint $_ -or Confirm-ArubaCPNetworkDevice $_) })] 124 | [psobject]$atts, 125 | [Parameter (Mandatory = $true, ParameterSetName = "nv")] 126 | [string[]]$name, 127 | [Parameter (Mandatory = $true, ParameterSetName = "nv")] 128 | [string[]]$value, 129 | [Parameter (Mandatory = $true, ParameterSetName = "att")] 130 | [psobject]$attributes, 131 | [Parameter (Mandatory = $False)] 132 | [ValidateNotNullOrEmpty()] 133 | [PSObject]$connection = $DefaultArubaCPConnection 134 | ) 135 | 136 | Begin { 137 | } 138 | 139 | Process { 140 | 141 | #get atts id from Endpoint/Local User/Network Device PS object 142 | if ($atts) { 143 | $id = $atts.id 144 | $old_name = "(" + $atts.name + ")" 145 | } 146 | 147 | if ($atts.mac_address -and $atts.status) { 148 | $uri = "api/endpoint/${id}" 149 | $delete_value = "--For-Delete--" 150 | } 151 | elseif ($atts.user_id -and $atts.role_name) { 152 | $uri = "api/local-user/${id}" 153 | $delete_value = "" 154 | } 155 | elseif ($atts.ip_address -and $atts.vendor_name) { 156 | $uri = "api/network-device/${id}" 157 | $delete_value = "" 158 | } 159 | else { 160 | Throw "Not an Endpoint, a Local User or a Network Device" 161 | } 162 | 163 | $_att = New-Object -TypeName PSObject 164 | 165 | #Add new name/value (or attributes) 166 | if ($PSCmdlet.ParameterSetName -eq "nv") { 167 | if (@($name).count -ne @($value).count) { 168 | Throw "You need to have the same number of name and value parameters" 169 | } 170 | 171 | $attributes = New-Object -TypeName PSObject 172 | $i = 0 173 | foreach ($n in $name) { 174 | $attributes | Add-Member -name $n -MemberType NoteProperty -Value $value[$i] 175 | $i++ 176 | } 177 | } 178 | 179 | #Remove existing attributes (set value to null) 180 | foreach ($n in ($atts.attributes | Get-Member -MemberType NoteProperty).name ) { 181 | if ($attributes.$n) { 182 | #Skip if there is already an attribute with this name... 183 | continue 184 | } 185 | $attributes | Add-Member -name $n -MemberType NoteProperty -Value $delete_value 186 | } 187 | 188 | $_att | Add-Member -name "attributes" -MemberType NoteProperty -Value $attributes 189 | 190 | if ($PSCmdlet.ShouldProcess("$id $old_name", 'Configure Attribute Member')) { 191 | $att = Invoke-ArubaCPRestMethod -method "PATCH" -body $_att -uri $uri -connection $connection 192 | $att 193 | } 194 | 195 | } 196 | 197 | End { 198 | } 199 | 200 | } 201 | 202 | function Remove-ArubaCPAttributesMember { 203 | 204 | <# 205 | .SYNOPSIS 206 | Remove an Attribute member 207 | 208 | .DESCRIPTION 209 | Remove an Attribute Member on Endpoint / Local User / Network Device 210 | 211 | .EXAMPLE 212 | Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 | Remove-ArubaCPAttributesMember -name "Disabled by" 213 | 214 | Remove Attribute name "Disabled By" with value PowerArubaCP to Endpoint 00:01:02:03:04:05 215 | 216 | .EXAMPLE 217 | Get-ArubaCPNetworkDevice -name NAD-PowerArubaCP | Remove-ArubaCPAttributesMember -name "Location", "syslocation" 218 | 219 | Remove Attribute name "Location and Syslocation" to network Device NAD-PowerArubaCP 220 | 221 | #> 222 | 223 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] 224 | Param( 225 | [Parameter (Mandatory = $true, ValueFromPipeline = $true)] 226 | #[ValidateScript( { ( Confirm-ArubaCPEndpoint $_ -or Confirm-ArubaCPNetworkDevice $_) })] 227 | [psobject]$atts, 228 | [Parameter (Mandatory = $true)] 229 | [string[]]$name, 230 | [Parameter (Mandatory = $False)] 231 | [ValidateNotNullOrEmpty()] 232 | [PSObject]$connection = $DefaultArubaCPConnection 233 | ) 234 | 235 | Begin { 236 | } 237 | 238 | Process { 239 | 240 | $id = $atts.id 241 | $rname = "(" + $atts.name + ")" 242 | if ($atts.mac_address -and $atts.status) { 243 | $uri = "api/endpoint/${id}" 244 | $delete_value = "--For-Delete--" 245 | } 246 | elseif ($atts.user_id -and $atts.role_name) { 247 | $uri = "api/local-user/${id}" 248 | $delete_value = "" 249 | } 250 | elseif ($atts.ip_address -and $atts.vendor_name) { 251 | $uri = "api/network-device/${id}" 252 | $delete_value = "" 253 | } 254 | else { 255 | Throw "Not an Endpoint, a Local User or a Network Device" 256 | } 257 | 258 | $_att = New-Object -TypeName PSObject 259 | 260 | $attributes = New-Object -TypeName PSObject 261 | 262 | foreach ($n in $name) { 263 | $attributes | Add-Member -name $n -MemberType NoteProperty -Value $delete_value 264 | } 265 | 266 | $_att | Add-Member -name "attributes" -MemberType NoteProperty -Value $attributes 267 | 268 | if ($PSCmdlet.ShouldProcess("$id $rname", 'Remove Attribute Member')) { 269 | $att = Invoke-ArubaCPRestMethod -method "PATCH" -body $_att -uri $uri -connection $connection 270 | $att 271 | } 272 | 273 | } 274 | 275 | End { 276 | } 277 | 278 | } 279 | -------------------------------------------------------------------------------- /PowerArubaCP/Public/AuthMethod.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Get-ArubaCPAuthMethod { 8 | 9 | <# 10 | .SYNOPSIS 11 | Get Authentication Method on CPPM 12 | 13 | .DESCRIPTION 14 | Get Authentication Method (Id, Name, Description, Method, Details ...) 15 | 16 | .EXAMPLE 17 | Get-ArubaCPAuthMethod 18 | 19 | Get ALL Authentication Methods on the Clearpass 20 | 21 | .EXAMPLE 22 | Get-ArubaCPAuthMethod [PAP] 23 | 24 | Get info about Auth Method [PAP] on the ClearPass 25 | 26 | .EXAMPLE 27 | Get-ArubaCPAuthMethod -id 23 28 | 29 | Get info about Auth Method id 23 on the ClearPass 30 | 31 | .EXAMPLE 32 | Get-ArubaCPAuthMethod PAP -filter_type contains 33 | 34 | Get info about Auth Method where name contains PAP 35 | 36 | .EXAMPLE 37 | Get-ArubaCPAuthMethod -filter_attribute method_type -filter_type equal -filter_value PAP 38 | 39 | Get info about Auth Method where method_type equal pap 40 | 41 | #> 42 | 43 | [CmdLetBinding(DefaultParameterSetName = "Default")] 44 | 45 | Param( 46 | [Parameter (Mandatory = $false)] 47 | [Parameter (ParameterSetName = "id")] 48 | [int]$id, 49 | [Parameter (Mandatory = $false, Position = 1)] 50 | [Parameter (ParameterSetName = "name")] 51 | [string]$Name, 52 | [Parameter (Mandatory = $false)] 53 | [Parameter (ParameterSetName = "filter")] 54 | [string]$filter_attribute, 55 | [Parameter (Mandatory = $false)] 56 | [Parameter (ParameterSetName = "id")] 57 | [Parameter (ParameterSetName = "name")] 58 | [Parameter (ParameterSetName = "filter")] 59 | [ValidateSet('equal', 'contains')] 60 | [string]$filter_type, 61 | [Parameter (Mandatory = $false)] 62 | [Parameter (ParameterSetName = "filter")] 63 | [psobject]$filter_value, 64 | [Parameter (Mandatory = $false)] 65 | [int]$limit, 66 | [Parameter (Mandatory = $False)] 67 | [ValidateNotNullOrEmpty()] 68 | [PSObject]$connection = $DefaultArubaCPConnection 69 | ) 70 | 71 | Begin { 72 | } 73 | 74 | Process { 75 | 76 | $invokeParams = @{ } 77 | if ( $PsBoundParameters.ContainsKey('limit') ) { 78 | $invokeParams.add( 'limit', $limit ) 79 | } 80 | 81 | switch ( $PSCmdlet.ParameterSetName ) { 82 | "id" { 83 | $filter_value = $id 84 | $filter_attribute = "id" 85 | } 86 | "name" { 87 | $filter_value = $name 88 | $filter_attribute = "name" 89 | } 90 | default { } 91 | } 92 | 93 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 94 | switch ( $filter_type ) { 95 | "equal" { 96 | $filter_value = @{ "`$eq" = $filter_value } 97 | } 98 | "contains" { 99 | $filter_value = @{ "`$contains" = $filter_value } 100 | } 101 | default { } 102 | } 103 | } 104 | 105 | if ($filter_value -and $filter_attribute) { 106 | $filter = @{ $filter_attribute = $filter_value } 107 | $invokeParams.add( 'filter', $filter ) 108 | } 109 | 110 | $uri = "api/auth-method" 111 | 112 | $am = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 113 | $am._embedded.items 114 | } 115 | 116 | End { 117 | } 118 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/AuthSource.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Get-ArubaCPAuthSource { 8 | 9 | <# 10 | .SYNOPSIS 11 | Get Authentication Source on CPPM 12 | 13 | .DESCRIPTION 14 | Get Auth Source (Id, Name, Type, Host Name, ....) 15 | 16 | .EXAMPLE 17 | Get-ArubaCPAuthSource 18 | 19 | Get ALL Auth Sources on the Clearpass 20 | 21 | .EXAMPLE 22 | Get-ArubaCPAuthSource PowerArubaCP 23 | 24 | Get info about Auth Source PowerArubaCP on the ClearPass 25 | 26 | .EXAMPLE 27 | Get-ArubaCPAuthSource -id 23 28 | 29 | Get info about Auth Source id 23 on the ClearPass 30 | 31 | .EXAMPLE 32 | Get-ArubaCPAuthSource PowerArubaCP -filter_type contains 33 | 34 | Get info about Auth Source where name contains PowerArubaCP 35 | 36 | .EXAMPLE 37 | Get-ArubaCPAuthSource -filter_attribute type -filter_type equal -filter_value ldap 38 | 39 | Get info about Auth Source where type equal ldap 40 | 41 | #> 42 | 43 | [CmdLetBinding(DefaultParameterSetName = "Default")] 44 | 45 | Param( 46 | [Parameter (Mandatory = $false)] 47 | [Parameter (ParameterSetName = "id")] 48 | [int]$id, 49 | [Parameter (Mandatory = $false, Position = 1)] 50 | [Parameter (ParameterSetName = "name")] 51 | [string]$Name, 52 | [Parameter (Mandatory = $false)] 53 | [Parameter (ParameterSetName = "filter")] 54 | [string]$filter_attribute, 55 | [Parameter (Mandatory = $false)] 56 | [Parameter (ParameterSetName = "id")] 57 | [Parameter (ParameterSetName = "name")] 58 | [Parameter (ParameterSetName = "filter")] 59 | [ValidateSet('equal', 'contains')] 60 | [string]$filter_type, 61 | [Parameter (Mandatory = $false)] 62 | [Parameter (ParameterSetName = "filter")] 63 | [psobject]$filter_value, 64 | [Parameter (Mandatory = $false)] 65 | [int]$limit, 66 | [Parameter (Mandatory = $False)] 67 | [ValidateNotNullOrEmpty()] 68 | [PSObject]$connection = $DefaultArubaCPConnection 69 | ) 70 | 71 | Begin { 72 | } 73 | 74 | Process { 75 | 76 | $invokeParams = @{ } 77 | if ( $PsBoundParameters.ContainsKey('limit') ) { 78 | $invokeParams.add( 'limit', $limit ) 79 | } 80 | 81 | switch ( $PSCmdlet.ParameterSetName ) { 82 | "id" { 83 | $filter_value = $id 84 | $filter_attribute = "id" 85 | } 86 | "name" { 87 | $filter_value = $name 88 | $filter_attribute = "name" 89 | } 90 | default { } 91 | } 92 | 93 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 94 | switch ( $filter_type ) { 95 | "equal" { 96 | $filter_value = @{ "`$eq" = $filter_value } 97 | } 98 | "contains" { 99 | $filter_value = @{ "`$contains" = $filter_value } 100 | } 101 | default { } 102 | } 103 | } 104 | 105 | if ($filter_value -and $filter_attribute) { 106 | $filter = @{ $filter_attribute = $filter_value } 107 | $invokeParams.add( 'filter', $filter ) 108 | } 109 | 110 | $uri = "api/auth-source" 111 | 112 | $as = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 113 | $as._embedded.items 114 | } 115 | 116 | End { 117 | } 118 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/CertTrustList.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Get-ArubaCPCertTrustList { 8 | 9 | <# 10 | .SYNOPSIS 11 | Get Certificate Trusted List on CPPM 12 | 13 | .DESCRIPTION 14 | Get Certificate Trusted List (Id, file, enabled, Usage ...) 15 | 16 | .EXAMPLE 17 | Get-ArubaCPCertTrustList 18 | 19 | Get ALL Certificate Trusted Lists on the Clearpass 20 | 21 | .EXAMPLE 22 | Get-ArubaCPCertTrustList -details 23 | 24 | Get ALL Certificate Trusted Lists with details (subject_DN, issue_date, expiry_date, signature_algorithm...) on the Clearpass 25 | 26 | .EXAMPLE 27 | Get-ArubaCPCertTrustList -id 23 28 | 29 | Get info about Cert Trust List id 23 on the ClearPass 30 | 31 | .EXAMPLE 32 | Get-ArubaCPCertTrustList Aruba -filter_type contains 33 | 34 | Get info about Cert Trust List where cert usage contains Aruba 35 | 36 | .EXAMPLE 37 | Get-ArubaCPCertTrustList -details -filter_attribute enabled -filter_type equal -filter_value True 38 | 39 | Get info about Cert Trust List details where enabled equal True 40 | 41 | #> 42 | 43 | [CmdLetBinding(DefaultParameterSetName = "Default")] 44 | 45 | Param( 46 | [Parameter (Mandatory = $false)] 47 | [switch]$details, 48 | [Parameter (Mandatory = $false)] 49 | [Parameter (ParameterSetName = "id")] 50 | [int]$id, 51 | [Parameter (Mandatory = $false)] 52 | [Parameter (ParameterSetName = "cert_usage")] 53 | [string]$cert_usage, 54 | [Parameter (Mandatory = $false)] 55 | [Parameter (ParameterSetName = "filter")] 56 | [string]$filter_attribute, 57 | [Parameter (Mandatory = $false)] 58 | [Parameter (ParameterSetName = "id")] 59 | [Parameter (ParameterSetName = "name")] 60 | [Parameter (ParameterSetName = "filter")] 61 | [ValidateSet('equal', 'contains')] 62 | [string]$filter_type, 63 | [Parameter (Mandatory = $false)] 64 | [Parameter (ParameterSetName = "filter")] 65 | [psobject]$filter_value, 66 | [Parameter (Mandatory = $false)] 67 | [int]$limit, 68 | [Parameter (Mandatory = $False)] 69 | [ValidateNotNullOrEmpty()] 70 | [PSObject]$connection = $DefaultArubaCPConnection 71 | ) 72 | 73 | Begin { 74 | } 75 | 76 | Process { 77 | 78 | $invokeParams = @{ } 79 | if ( $PsBoundParameters.ContainsKey('limit') ) { 80 | $invokeParams.add( 'limit', $limit ) 81 | } 82 | 83 | switch ( $PSCmdlet.ParameterSetName ) { 84 | "id" { 85 | $filter_value = $id 86 | $filter_attribute = "id" 87 | } 88 | "cert_usage" { 89 | $filter_value = $name 90 | $filter_attribute = "cert_usage" 91 | } 92 | default { } 93 | } 94 | 95 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 96 | switch ( $filter_type ) { 97 | "equal" { 98 | $filter_value = @{ "`$eq" = $filter_value } 99 | } 100 | "contains" { 101 | $filter_value = @{ "`$contains" = $filter_value } 102 | } 103 | default { } 104 | } 105 | } 106 | 107 | if ($filter_value -and $filter_attribute) { 108 | $filter = @{ $filter_attribute = $filter_value } 109 | $invokeParams.add( 'filter', $filter ) 110 | } 111 | if ($details) { 112 | $uri = "api/cert-trust-list-details" 113 | } 114 | else { 115 | $uri = "api/cert-trust-list" 116 | } 117 | 118 | 119 | $ctl = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 120 | $ctl._embedded.items 121 | } 122 | 123 | End { 124 | } 125 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Certificate.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2020, Alexis La Goutte 3 | # Copyright 2020, Cédric Moreau 4 | # 5 | # SPDX-License-Identifier: Apache-2.0 6 | # 7 | 8 | function Get-ArubaCPClusterCertificate { 9 | 10 | <# 11 | .SYNOPSIS 12 | Get all the cluster certificates on ClearPass 13 | 14 | .DESCRIPTION 15 | Get all the cluster certificates on ClearPass (HTTPS, RADIUS, etc ...) 16 | 17 | .EXAMPLE 18 | Get-ArubaCPClusterCertificate 19 | 20 | Return a list of cluster certificates on ClearPass 21 | 22 | .EXAMPLE 23 | Get-ArubaCPClusterCertificate -service_id 1 24 | 25 | Return the cluster certificate for service id 1 (RADIUS) 26 | 27 | .EXAMPLE 28 | Get-ArubaCPClusterCertificate -service_name "HTTPS" 29 | 30 | Return the cluster certificate for service name HTTPS 31 | 32 | .EXAMPLE 33 | Get-ArubaCPClusterCertificate -certificate_type "RadSec Server Certificate" 34 | 35 | Return the cluster certificate which is a RadSec Server Certificate type 36 | #> 37 | 38 | [CmdLetBinding(DefaultParameterSetName = "Default")] 39 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSReviewUnusedParameter", "")] 40 | Param( 41 | [Parameter (Mandatory = $false)] 42 | [Parameter (ParameterSetName = "id")] 43 | [ValidateSet (1, 2, 7, 21, 106)] 44 | [int]$service_id, 45 | [Parameter (Mandatory = $false)] 46 | [Parameter (ParameterSetName = "name")] 47 | [ValidateSet ("RADIUS", "HTTPS(RSA)", "HTTPS(ECC)", "RadSec", "Database")] 48 | [string]$service_name, 49 | [Parameter (Mandatory = $false)] 50 | [Parameter (ParameterSetName = "type")] 51 | [string]$certificate_type, 52 | [Parameter (Mandatory = $False)] 53 | [ValidateNotNullOrEmpty()] 54 | [PSObject]$connection = $DefaultArubaCPConnection 55 | ) 56 | 57 | Begin { 58 | } 59 | 60 | Process { 61 | $uri = "api/server-cert" 62 | 63 | $cert = Invoke-ArubaCPRestMethod -method "GET" -uri $uri -connection $connection 64 | 65 | switch ( $PSCmdlet.ParameterSetName ) { 66 | "id" { $cert._embedded.items | Where-Object { $_.service_id -eq $service_id } } 67 | "name" { $cert._embedded.items | Where-Object { $_.service_name -like $service_name } } 68 | "type" { $cert._embedded.items | Where-Object { $_.certificate_type -eq $certificate_type } } 69 | default { $cert._embedded.items } 70 | } 71 | } 72 | 73 | End { 74 | } 75 | } 76 | 77 | function Get-ArubaCPServerCertificate { 78 | 79 | <# 80 | .SYNOPSIS 81 | Get a server certificate on ClearPass 82 | 83 | .DESCRIPTION 84 | Get a server certificate on ClearPass (HTTPS, RADIUS, etc ...) 85 | 86 | .EXAMPLE 87 | $server_uuid = (Get-ArubaCPServerConfiguration).server_uuid[0] 88 | Get-ArubaCPServerCertificate -service_name RADIUS -server_uuid server_uuid 89 | 90 | Return the RADIUS certificates of first Server (using uuid) 91 | #> 92 | 93 | [CmdLetBinding(DefaultParameterSetName = "Default")] 94 | 95 | Param( 96 | [Parameter (Mandatory = $true)] 97 | [ValidateSet("RADIUS", "HTTPS(RSA)", "HTTPS(ECC)", "RadSec", "Database")] 98 | [string]$service_name, 99 | [Parameter (Mandatory = $true)] 100 | [string]$server_uuid, 101 | [Parameter (Mandatory = $False)] 102 | [ValidateNotNullOrEmpty()] 103 | [PSObject]$connection = $DefaultArubaCPConnection 104 | ) 105 | 106 | Begin { 107 | } 108 | 109 | Process { 110 | $uri = "api/server-cert/name/${server_uuid}/${service_name}" 111 | 112 | $cert = Invoke-ArubaCPRestMethod -method "GET" -uri $uri -connection $connection 113 | 114 | $cert 115 | } 116 | 117 | End { 118 | } 119 | } 120 | 121 | function Get-ArubaCPServiceCertificate { 122 | 123 | <# 124 | .SYNOPSIS 125 | Get Service Certificate on CPPM 126 | 127 | .DESCRIPTION 128 | Get Service Certificate (Id, file, Usage ...) 129 | 130 | .EXAMPLE 131 | Get-ArubaCPServiceCertificate 132 | 133 | Get ALL Service Certificates on the Clearpass 134 | 135 | .EXAMPLE 136 | Get-ArubaCPServiceCertificate -id 23 137 | 138 | Get info about Service Certificate id 23 on the ClearPass 139 | 140 | .EXAMPLE 141 | Get-ArubaCPServiceCertificate Aruba -filter_type contains 142 | 143 | Get info about Service Certificate where subject contains Aruba 144 | 145 | .EXAMPLE 146 | Get-ArubaCPServiceCertificate -filter_attribute validity -filter_type equal -filter_value Valid 147 | 148 | Get info about Service Certificates where validity equal Valid 149 | 150 | #> 151 | 152 | [CmdLetBinding(DefaultParameterSetName = "Default")] 153 | 154 | Param( 155 | [Parameter (Mandatory = $false)] 156 | [switch]$details, 157 | [Parameter (Mandatory = $false)] 158 | [Parameter (ParameterSetName = "id")] 159 | [int]$id, 160 | [Parameter (Mandatory = $false, Position = 1)] 161 | [Parameter (ParameterSetName = "subject")] 162 | [string]$subject, 163 | [Parameter (Mandatory = $false)] 164 | [Parameter (ParameterSetName = "filter")] 165 | [string]$filter_attribute, 166 | [Parameter (Mandatory = $false)] 167 | [Parameter (ParameterSetName = "id")] 168 | [Parameter (ParameterSetName = "subject")] 169 | [Parameter (ParameterSetName = "filter")] 170 | [ValidateSet('equal', 'contains')] 171 | [string]$filter_type, 172 | [Parameter (Mandatory = $false)] 173 | [Parameter (ParameterSetName = "filter")] 174 | [psobject]$filter_value, 175 | [Parameter (Mandatory = $false)] 176 | [int]$limit, 177 | [Parameter (Mandatory = $False)] 178 | [ValidateNotNullOrEmpty()] 179 | [PSObject]$connection = $DefaultArubaCPConnection 180 | ) 181 | 182 | Begin { 183 | } 184 | 185 | Process { 186 | 187 | $invokeParams = @{ } 188 | if ( $PsBoundParameters.ContainsKey('limit') ) { 189 | $invokeParams.add( 'limit', $limit ) 190 | } 191 | 192 | switch ( $PSCmdlet.ParameterSetName ) { 193 | "id" { 194 | $filter_value = $id 195 | $filter_attribute = "id" 196 | } 197 | "subject" { 198 | $filter_value = $subject 199 | $filter_attribute = "subject" 200 | } 201 | default { } 202 | } 203 | 204 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 205 | switch ( $filter_type ) { 206 | "equal" { 207 | $filter_value = @{ "`$eq" = $filter_value } 208 | } 209 | "contains" { 210 | $filter_value = @{ "`$contains" = $filter_value } 211 | } 212 | default { } 213 | } 214 | } 215 | 216 | if ($filter_value -and $filter_attribute) { 217 | $filter = @{ $filter_attribute = $filter_value } 218 | $invokeParams.add( 'filter', $filter ) 219 | } 220 | 221 | $uri = "api/service-cert" 222 | 223 | $service_cert = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 224 | $service_cert._embedded.items 225 | } 226 | 227 | End { 228 | } 229 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Connection.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Connect-ArubaCP { 8 | 9 | <# 10 | .SYNOPSIS 11 | Connect to an Aruba ClearPass 12 | 13 | .DESCRIPTION 14 | Connect to an Aruba ClearPass 15 | 16 | .EXAMPLE 17 | Connect-ArubaCP -Server 192.0.2.1 -client_id PowerArubaCP -client_secret MySecret 18 | 19 | Connect to an Aruba ClearPass with IP 192.0.2.1 using client_id PowerArubaCP and client_secret MySecret 20 | 21 | .EXAMPLE 22 | Connect-ArubaCP -Server 192.0.2.1 -token aaaaaaaaaaaaa 23 | 24 | Connect to an Aruba ClearPass with IP 192.0.2.1 using token aaaaaaa 25 | 26 | .EXAMPLE 27 | Connect-ArubaCP -Server 192.0.2.1 -token aaaaaaaaaaaaa -SkipCertificateCheck 28 | 29 | Connect to an Aruba ClearPass using HTTPS (without check certificate validation) with IP 192.0.2.1 using token aaaaaaa 30 | 31 | .EXAMPLE 32 | Connect-ArubaCP -Server 192.0.2.1 -token aaaaaaaaaaaaa -port 4443 33 | 34 | Connect to an Aruba ClearPass with IP 192.0.2.1 using token aaaaaaa on port 4443 35 | 36 | .EXAMPLE 37 | $cppm1 = Connect-ArubaCP -Server 192.0.2.1 -token aaaaaaaaaaaaa 38 | 39 | Connect to an ArubaOS ClaerPass with IP 192.0.2.1 and store connection info to $cppm1 variable 40 | 41 | .EXAMPLE 42 | $cppm2 = Connect-ArubaSW -Server 192.0.2.1 -token aaaaaaaaaaaaa -DefaultConnection:$false 43 | 44 | Connect to an ArubaOS Switch with IP 192.0.2.1 and store connection info to $cppm2 variable 45 | and don't store connection on global ($DefaultArubaCPConnection) variable 46 | #> 47 | 48 | Param( 49 | [Parameter(Mandatory = $true, position = 1)] 50 | [String]$Server, 51 | [Parameter(Mandatory = $false, ParameterSetName = "token")] 52 | [String]$token, 53 | [Parameter(Mandatory = $false, ParameterSetName = "client_credentials")] 54 | [String]$client_id, 55 | [Parameter(Mandatory = $false, ParameterSetName = "client_credentials")] 56 | [String]$client_secret, 57 | [Parameter(Mandatory = $false)] 58 | [switch]$SkipCertificateCheck = $false, 59 | [Parameter(Mandatory = $false)] 60 | [ValidateRange(1, 65535)] 61 | [int]$port = 443, 62 | [Parameter(Mandatory = $false)] 63 | [boolean]$DefaultConnection = $true 64 | ) 65 | 66 | Begin { 67 | } 68 | 69 | Process { 70 | 71 | $connection = @{server = ""; token = ""; invokeParams = "" ; version = "" ; port = $port } 72 | $invokeParams = @{DisableKeepAlive = $false; UseBasicParsing = $true; SkipCertificateCheck = $SkipCertificateCheck } 73 | 74 | if ("Desktop" -eq $PSVersionTable.PsEdition) { 75 | #Remove -SkipCertificateCheck from Invoke Parameter (not supported <= PS 5) 76 | $invokeParams.remove("SkipCertificateCheck") 77 | } 78 | else { 79 | #Core Edition 80 | #Remove -UseBasicParsing (Enable by default with PowerShell 6/Core) 81 | $invokeParams.remove("UseBasicParsing") 82 | } 83 | 84 | #for PowerShell (<=) 5 (Desktop), Enable TLS 1.1, 1.2 and Disable SSL chain trust (needed/recommanded by ClearPass) 85 | if ("Desktop" -eq $PSVersionTable.PsEdition) { 86 | #Enable TLS 1.1 and 1.2 87 | Set-ArubaCPCipherSSL 88 | if ($SkipCertificateCheck) { 89 | #Disable SSL chain trust... 90 | Set-ArubaCPuntrustedSSL 91 | } 92 | } 93 | 94 | #Try to oauth... 95 | if ($PSCmdlet.ParameterSetName -eq "client_credentials") { 96 | 97 | $oauth = @{ 98 | grant_type = 'client_credentials'; 99 | client_id = $client_id; 100 | client_secret = $client_secret; 101 | } 102 | 103 | $headers = @{ Accept = "application/json"; "Content-type" = "application/json" } 104 | $fullurl = "https://${Server}:${port}/api/oauth" 105 | $response = Invoke-RestMethod -uri $fullurl -Method "POST" -body ($oauth | ConvertTo-Json) -Headers $headers @invokeParams 106 | 107 | $token = $response.access_token 108 | } 109 | 110 | $connection.server = $server 111 | $connection.token = $token 112 | $connection.invokeParams = $invokeParams 113 | 114 | if ( $DefaultConnection ) { 115 | set-variable -name DefaultArubaCPConnection -value $connection -scope Global 116 | } 117 | 118 | $cv = Get-ArubaCPCPPMVersion -connection $connection 119 | $connection.version = [version]"$($cv.app_major_version).$($cv.app_minor_version).$($cv.app_service_release)" 120 | 121 | $connection 122 | } 123 | 124 | End { 125 | } 126 | } 127 | 128 | function Disconnect-ArubaCP { 129 | 130 | <# 131 | .SYNOPSIS 132 | Disconnect to an Aruba ClearPass 133 | 134 | .DESCRIPTION 135 | Disconnect the connection on Aruba ClearPass 136 | 137 | .EXAMPLE 138 | Disconnect-ArubaCP 139 | 140 | Disconnect the connection 141 | 142 | .EXAMPLE 143 | Disconnect-ArubaCP -confirm:$false 144 | 145 | Disconnect the connection with no confirmation 146 | 147 | #> 148 | 149 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')] 150 | Param( 151 | [Parameter (Mandatory = $False)] 152 | [ValidateNotNullOrEmpty()] 153 | [PSObject]$connection = $DefaultArubaCPConnection 154 | ) 155 | 156 | Begin { 157 | } 158 | 159 | Process { 160 | 161 | if ($PSCmdlet.ShouldProcess($connection.server, 'Remove ClearPass connection ?')) { 162 | #Not really connection on CPPM with token 163 | if ( ($connection -eq $DefaultArubaCPConnection) -and (Test-Path variable:global:DefaultArubaCPConnection) ) { 164 | Remove-Variable -name DefaultArubaCPConnection -scope global 165 | } 166 | } 167 | 168 | } 169 | 170 | End { 171 | } 172 | } 173 | -------------------------------------------------------------------------------- /PowerArubaCP/Public/DeviceFingerprint.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPDeviceFingerprint { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add a Device Fingerprint on ClearPass 12 | 13 | .DESCRIPTION 14 | Add a Device Fingerprint with mac address, hostname, ip (address) and device info (Category, Name, Family) 15 | 16 | .EXAMPLE 17 | Add-ArubaCPDeviceFingerprint -mac_address 000102030405 -hostname "My PowerArubaCP Device Fingerprint" 18 | 19 | Add a Device Fingerprint with MAC Address 000102030405 and a hostname 20 | 21 | .EXAMPLE 22 | Add-ArubaCPDeviceFingerprint -mac_address 000102030405 -ip_address 192.0.2.1 23 | 24 | Add a Device Fingerprint with MAC Address 000102030405 and an IP Address 25 | 26 | .EXAMPLE 27 | Add-ArubaCPDeviceFingerprint -mac_address 000102030405 -device_category Server -device_family ClearPass -device_name ClearPass VM 28 | 29 | Add a Device Fingerprint with MAC Address 000102030405 with device information (Category, Name, Family) 30 | #> 31 | 32 | Param( 33 | [Parameter (Mandatory = $true)] 34 | [string]$mac_address, 35 | [Parameter (Mandatory = $false)] 36 | [string]$hostname, 37 | [Parameter (Mandatory = $false)] 38 | [ipaddress]$ip_address, 39 | [Parameter (Mandatory = $false)] 40 | [string]$device_category, 41 | [Parameter (Mandatory = $false)] 42 | [string]$device_name, 43 | [Parameter (Mandatory = $false)] 44 | [string]$device_family, 45 | [Parameter (Mandatory = $False)] 46 | [ValidateNotNullOrEmpty()] 47 | [PSObject]$connection = $DefaultArubaCPConnection 48 | ) 49 | 50 | Begin { 51 | } 52 | 53 | Process { 54 | 55 | $uri = "api/device-profiler/device-fingerprint" 56 | 57 | $_dfp = new-Object -TypeName PSObject 58 | 59 | $_dfp | add-member -name "mac" -membertype NoteProperty -Value (Format-ArubaCPMacAddress $mac_address) 60 | 61 | if ( $PsBoundParameters.ContainsKey('hostname') ) { 62 | $_dfp | add-member -name "hostname" -membertype NoteProperty -Value $hostname 63 | } 64 | 65 | if ( $PsBoundParameters.ContainsKey('ip_address') ) { 66 | $_dfp | add-member -name "ip" -membertype NoteProperty -Value $ip_address.ToString() 67 | } 68 | 69 | $_device = new-Object -TypeName PSObject 70 | if ( $PsBoundParameters.ContainsKey('device_category') ) { 71 | $_device | add-member -name "category" -membertype NoteProperty -Value $device_category 72 | } 73 | 74 | if ( $PsBoundParameters.ContainsKey('device_name') ) { 75 | $_device | add-member -name "name" -membertype NoteProperty -Value $device_name 76 | } 77 | 78 | if ( $PsBoundParameters.ContainsKey('device_family') ) { 79 | $_device | add-member -name "family" -membertype NoteProperty -Value $device_family 80 | } 81 | 82 | $_dfp | add-member -name "device" -membertype NoteProperty -Value $_device 83 | 84 | $dfp = Invoke-ArubaCPRestMethod -method "POST" -body $_dfp -uri $uri -connection $connection 85 | $dfp 86 | } 87 | 88 | End { 89 | } 90 | } 91 | 92 | function Get-ArubaCPDeviceFingerprint { 93 | 94 | <# 95 | .SYNOPSIS 96 | Get Device Fingerprint info on CPPM 97 | 98 | .DESCRIPTION 99 | Get Device Fingerprint (hostname, ip, device category/name/family) 100 | 101 | .EXAMPLE 102 | Get-ArubaCPDeviceFingerprint -mac_address 000102030405 103 | 104 | Get Device FingerPrint about Endpoint 000102030405 Aruba on the ClearPass 105 | 106 | .EXAMPLE 107 | Get-ArubaCPEndpoint 000102030405 | Get-ArubaCPDeviceFingerprint 108 | 109 | Get Device FingerPrint using Endpoint 000102030405 110 | 111 | .EXAMPLE 112 | Get-ArubaCPDeviceFingerprint -ip_address 192.0.2.1 113 | 114 | Get Device FingerPrint about Endpoint 192.0.2.1 Aruba on the ClearPass 115 | 116 | #> 117 | 118 | Param( 119 | [Parameter (ParameterSetName = "mac_address", Mandatory = $true)] 120 | [string]$mac_address, 121 | [Parameter (ParameterSetName = "ip_address", Mandatory = $true)] 122 | [IPAddress]$ip_address, 123 | [Parameter (ParameterSetName = "endpoint", Mandatory = $true, ValueFromPipeline = $true)] 124 | [ValidateScript( { Confirm-ArubaCPEndpoint $_ })] 125 | [psobject]$endpoint, 126 | [Parameter (Mandatory = $false)] 127 | [ValidateNotNullOrEmpty()] 128 | [PSObject]$connection = $DefaultArubaCPConnection 129 | ) 130 | 131 | Begin { 132 | } 133 | 134 | Process { 135 | 136 | if ($connection.version -lt [version]"6.9.0") { 137 | throw "Need ClearPass >= 6.9.0 for use this cmdlet" 138 | } 139 | 140 | $invokeParams = @{ } 141 | 142 | $uri = "api/device-profiler/device-fingerprint/" 143 | 144 | switch ( $PSCmdlet.ParameterSetName ) { 145 | "mac_address" { 146 | $uri += $mac_address 147 | } 148 | "ip_address" { 149 | $uri += $ip_address.ToString() 150 | } 151 | "endpoint" { 152 | $uri += $endpoint.mac_address 153 | } 154 | default { } 155 | } 156 | 157 | $dfp = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 158 | $dfp 159 | } 160 | 161 | End { 162 | } 163 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Endpoint.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPEndpoint { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add an Endpoint on ClearPass 12 | 13 | .DESCRIPTION 14 | Add an Endpoint with mac address, description, status, attributes 15 | 16 | .EXAMPLE 17 | Add-ArubaCPEndpoint -mac_address 000102030405 -description "Add by PowerArubaCP" -Status Known 18 | 19 | Add an Endpoint with MAC Address 000102030405 with Known Status and a description 20 | 21 | .EXAMPLE 22 | Add-ArubaCPEndpoint -mac_address 00:01:02:03:04:06 -status Unknown 23 | 24 | Add an Endpoint with MAC Address 00:01:02:03:04:06 with Unknown Status 25 | 26 | .EXAMPLE 27 | $attributes = @{"Disabled by"="PowerArubaCP"} 28 | PS >Add-ArubaCPEndpoint -mac_address 000102-030407 -Status Disabled -attributes $attributes 29 | 30 | Add an Endpoint with MAC Address 000102030405 with Disabled Status and attributes to Disabled by PowerArubaCP 31 | #> 32 | 33 | Param( 34 | [Parameter (Mandatory = $false)] 35 | [int]$id, 36 | [Parameter (Mandatory = $true)] 37 | [string]$mac_address, 38 | [Parameter (Mandatory = $false)] 39 | [string]$description, 40 | [Parameter (Mandatory = $true)] 41 | [ValidateSet('Known', 'Unknown', 'Disabled', IgnoreCase = $false)] 42 | [string]$status, 43 | [Parameter (Mandatory = $false)] 44 | [psobject]$attributes, 45 | [Parameter (Mandatory = $False)] 46 | [ValidateNotNullOrEmpty()] 47 | [PSObject]$connection = $DefaultArubaCPConnection 48 | ) 49 | 50 | Begin { 51 | } 52 | 53 | Process { 54 | 55 | $uri = "api/endpoint" 56 | 57 | $_ep = new-Object -TypeName PSObject 58 | 59 | if ( $PsBoundParameters.ContainsKey('id') ) { 60 | $_ep | add-member -name "id" -membertype NoteProperty -Value $id 61 | } 62 | 63 | $_ep | add-member -name "mac_address" -membertype NoteProperty -Value (Format-ArubaCPMacAddress $mac_address) 64 | 65 | if ( $PsBoundParameters.ContainsKey('description') ) { 66 | $_ep | add-member -name "description" -membertype NoteProperty -Value $description 67 | } 68 | 69 | $_ep | add-member -name "status" -membertype NoteProperty -Value $status 70 | 71 | if ( $PsBoundParameters.ContainsKey('attributes') ) { 72 | $_ep | add-member -name "attributes" -membertype NoteProperty -Value $attributes 73 | } 74 | 75 | $ep = invoke-ArubaCPRestMethod -method "POST" -body $_ep -uri $uri -connection $connection 76 | $ep 77 | } 78 | 79 | End { 80 | } 81 | } 82 | 83 | function Get-ArubaCPEndpoint { 84 | 85 | <# 86 | .SYNOPSIS 87 | Get Endpoint info on CPPM 88 | 89 | .DESCRIPTION 90 | Get Endpoint (Id, MAC Address, Status, Attributes) 91 | 92 | .EXAMPLE 93 | Get-ArubaCPEndpoint 94 | 95 | Get ALL Endpoint on the Clearpass 96 | 97 | .EXAMPLE 98 | Get-ArubaCPEndpoint 000102030405 99 | 100 | Get info about Endpoint 000102030405 Aruba on the ClearPass 101 | 102 | .EXAMPLE 103 | Get-ArubaCPEndpoint -id 23 104 | 105 | Get info about Endpoint id 23 on the ClearPass 106 | 107 | .EXAMPLE 108 | Get-ArubaCPEndpoint 000102030405 -filter_type contains 109 | 110 | Get info about Endpoint where name contains 000102 111 | 112 | .EXAMPLE 113 | Get-ArubaCPEndpoint -filter_attribute attribute -filter_type contains -filter_value 192.0.2.1 114 | 115 | Get info about Endpoint where attribute contains 192.0.2.1 116 | #> 117 | 118 | [CmdLetBinding(DefaultParameterSetName = "Default")] 119 | 120 | Param( 121 | [Parameter (Mandatory = $false)] 122 | [Parameter (ParameterSetName = "id")] 123 | [int]$id, 124 | [Parameter (Mandatory = $false, Position = 1)] 125 | [Parameter (ParameterSetName = "mac_address")] 126 | [string]$mac_address, 127 | [Parameter (Mandatory = $false)] 128 | [Parameter (ParameterSetName = "status")] 129 | [ValidateSet('Known', 'Unknown', 'Disabled')] 130 | [string]$status, 131 | [Parameter (Mandatory = $false)] 132 | [Parameter (ParameterSetName = "filter")] 133 | [string]$filter_attribute, 134 | [Parameter (Mandatory = $false)] 135 | [Parameter (ParameterSetName = "id")] 136 | [Parameter (ParameterSetName = "mac_address")] 137 | [Parameter (ParameterSetName = "status")] 138 | [Parameter (ParameterSetName = "filter")] 139 | [ValidateSet('equal', 'contains')] 140 | [string]$filter_type, 141 | [Parameter (Mandatory = $false)] 142 | [Parameter (ParameterSetName = "filter")] 143 | [psobject]$filter_value, 144 | [Parameter (Mandatory = $false)] 145 | [int]$limit, 146 | [Parameter (Mandatory = $False)] 147 | [ValidateNotNullOrEmpty()] 148 | [PSObject]$connection = $DefaultArubaCPConnection 149 | ) 150 | 151 | Begin { 152 | } 153 | 154 | Process { 155 | 156 | $invokeParams = @{ } 157 | if ( $PsBoundParameters.ContainsKey('limit') ) { 158 | $invokeParams.add( 'limit', $limit ) 159 | } 160 | 161 | switch ( $PSCmdlet.ParameterSetName ) { 162 | "id" { 163 | $filter_value = $id 164 | $filter_attribute = "id" 165 | } 166 | "mac_address" { 167 | $filter_value = Format-ArubaCPMACAddress $mac_address 168 | $filter_attribute = "mac_address" 169 | } 170 | "status" { 171 | $filter_value = $status 172 | $filter_attribute = "status" 173 | } 174 | default { } 175 | } 176 | 177 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 178 | switch ( $filter_type ) { 179 | "equal" { 180 | $filter_value = @{ "`$eq" = $filter_value } 181 | } 182 | "contains" { 183 | $filter_value = @{ "`$contains" = $filter_value } 184 | } 185 | default { } 186 | } 187 | } 188 | 189 | if ($filter_value -and $filter_attribute) { 190 | $filter = @{ $filter_attribute = $filter_value } 191 | $invokeParams.add( 'filter', $filter ) 192 | } 193 | 194 | $uri = "api/endpoint" 195 | 196 | $endpoint = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 197 | 198 | $endpoint._embedded.items 199 | } 200 | 201 | End { 202 | } 203 | } 204 | 205 | 206 | function Set-ArubaCPEndpoint { 207 | 208 | <# 209 | .SYNOPSIS 210 | Configure an Endpoint on ClearPass 211 | 212 | .DESCRIPTION 213 | Configure an Endpoint on ClearPass 214 | 215 | .EXAMPLE 216 | $ep = Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 217 | PS C:\>$ep | Set-ArubaCPEndpoint -status Disabled 218 | 219 | Set Status Disabled for MAC Address 00:01:02:03:04:05 220 | 221 | .EXAMPLE 222 | $ep = Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 223 | PS C:\>$ep | Set-ArubaCPEndpoint -description "Change by PowerAruba" 224 | 225 | Change Description for MAC Address 00:01:02:03:04:05 226 | 227 | .EXAMPLE 228 | $ep = Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 229 | PS C:\>$ep | Set-ArubaCPEndpoint -mac_address 00:01:02:03:04:06 230 | 231 | Change MAC Address 00:01:02:03:04:05 => 00:01:02:03:04:06 232 | 233 | #> 234 | 235 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] 236 | Param( 237 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 238 | [int]$id, 239 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ep")] 240 | [ValidateScript( { Confirm-ArubaCPEndpoint $_ })] 241 | [psobject]$ep, 242 | [Parameter (Mandatory = $false)] 243 | [string]$mac_address, 244 | [Parameter (Mandatory = $false)] 245 | [string]$description, 246 | [Parameter (Mandatory = $false)] 247 | [ValidateSet('Known', 'Unknown', 'Disabled', IgnoreCase = $false)] 248 | [string]$status, 249 | [Parameter (Mandatory = $False)] 250 | [ValidateNotNullOrEmpty()] 251 | [PSObject]$connection = $DefaultArubaCPConnection 252 | ) 253 | 254 | Begin { 255 | } 256 | 257 | Process { 258 | 259 | #get nad id from nad ps object 260 | if ($ep) { 261 | $id = $ep.id 262 | } 263 | 264 | $uri = "api/endpoint/${id}" 265 | $_ep = new-Object -TypeName PSObject 266 | 267 | if ( $PsBoundParameters.ContainsKey('id') ) { 268 | $_ep | add-member -name "id" -membertype NoteProperty -Value $id 269 | } 270 | 271 | if ( $PsBoundParameters.ContainsKey('mac_address') ) { 272 | $_ep | add-member -name "mac_address" -membertype NoteProperty -Value $mac_address 273 | } 274 | 275 | if ( $PsBoundParameters.ContainsKey('description') ) { 276 | $_ep | add-member -name "description" -membertype NoteProperty -Value $description 277 | } 278 | 279 | if ( $PsBoundParameters.ContainsKey('status') ) { 280 | $_ep | add-member -name "status" -membertype NoteProperty -Value $status 281 | } 282 | 283 | if ($PSCmdlet.ShouldProcess($id, 'Configure Endpoint')) { 284 | $ep = Invoke-ArubaCPRestMethod -method "PATCH" -body $_ep -uri $uri -connection $connection 285 | $ep 286 | } 287 | 288 | } 289 | 290 | End { 291 | } 292 | } 293 | function Remove-ArubaCPEndpoint { 294 | 295 | <# 296 | .SYNOPSIS 297 | Remove an Endpoint on ClearPass 298 | 299 | .DESCRIPTION 300 | Remove an Endpoint on ClearPass 301 | 302 | .EXAMPLE 303 | $ep = Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 304 | PS C:\>$ep | Remove-ArubaCPEndpoint 305 | 306 | Remove an Endpoint with MAC Address 00:01:02:03:04:05 307 | 308 | .EXAMPLE 309 | Remove-ArubaCPEndpoint -id 3001 -confirm:$false 310 | 311 | Remove an Endpoint with id 3001 and no confirmation 312 | #> 313 | 314 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')] 315 | Param( 316 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 317 | [int]$id, 318 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ep")] 319 | [ValidateScript( { Confirm-ArubaCPEndpoint $_ })] 320 | [psobject]$ep, 321 | [Parameter (Mandatory = $False)] 322 | [ValidateNotNullOrEmpty()] 323 | [PSObject]$connection = $DefaultArubaCPConnection 324 | ) 325 | 326 | Begin { 327 | } 328 | 329 | Process { 330 | 331 | #get endpoint id from ep ps object 332 | if ($ep) { 333 | $id = $ep.id 334 | $mac = "(" + $ep.mac_address + ")" 335 | } 336 | 337 | $uri = "api/endpoint/${id}" 338 | 339 | if ($PSCmdlet.ShouldProcess("$id $mac", 'Remove Endpoint')) { 340 | Invoke-ArubaCPRestMethod -method "DELETE" -uri $uri -connection $connection 341 | } 342 | 343 | } 344 | 345 | End { 346 | } 347 | 348 | } 349 | -------------------------------------------------------------------------------- /PowerArubaCP/Public/Enforcement.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | 8 | function Get-ArubaCPEnforcementPolicy { 9 | 10 | <# 11 | .SYNOPSIS 12 | Get Enforcement Policy on CPPM 13 | 14 | .DESCRIPTION 15 | Get Enforcement Policy (Id, name, description, (enforcement_)type, rules ...) 16 | 17 | .EXAMPLE 18 | Get-ArubaCPEnforcementPolicy 19 | 20 | Get ALL Enforcement Policies on the Clearpass 21 | 22 | .EXAMPLE 23 | Get-ArubaCPEnforcementPolicy -id 23 24 | 25 | Get info about Enforcement Policy id 23 on the ClearPass 26 | 27 | .EXAMPLE 28 | Get-ArubaCPEnforcementPolicy Aruba -filter_type contains 29 | 30 | Get info about Enforcement Policy where bae contains Aruba 31 | 32 | .EXAMPLE 33 | Get-ArubaCPEnforcementPolicy -filter_attribute description -filter_type equal -filter_value MAC 34 | 35 | Get info about Enforcement Policies where description equal MAC 36 | 37 | #> 38 | 39 | [CmdLetBinding(DefaultParameterSetName = "Default")] 40 | 41 | Param( 42 | [Parameter (Mandatory = $false)] 43 | [switch]$details, 44 | [Parameter (Mandatory = $false)] 45 | [Parameter (ParameterSetName = "id")] 46 | [int]$id, 47 | [Parameter (Mandatory = $false, Position = 1)] 48 | [Parameter (ParameterSetName = "name")] 49 | [string]$name, 50 | [Parameter (Mandatory = $false)] 51 | [Parameter (ParameterSetName = "filter")] 52 | [string]$filter_attribute, 53 | [Parameter (Mandatory = $false)] 54 | [Parameter (ParameterSetName = "id")] 55 | [Parameter (ParameterSetName = "name")] 56 | [Parameter (ParameterSetName = "filter")] 57 | [ValidateSet('equal', 'contains')] 58 | [string]$filter_type, 59 | [Parameter (Mandatory = $false)] 60 | [Parameter (ParameterSetName = "filter")] 61 | [psobject]$filter_value, 62 | [Parameter (Mandatory = $false)] 63 | [int]$limit, 64 | [Parameter (Mandatory = $False)] 65 | [ValidateNotNullOrEmpty()] 66 | [PSObject]$connection = $DefaultArubaCPConnection 67 | ) 68 | 69 | Begin { 70 | } 71 | 72 | Process { 73 | 74 | if ($connection.version -lt [version]"6.11.0") { 75 | throw "Need ClearPass >= 6.11.0 for use this cmdlet" 76 | } 77 | 78 | $invokeParams = @{ } 79 | 80 | if ( $PsBoundParameters.ContainsKey('limit') ) { 81 | $invokeParams.add( 'limit', $limit ) 82 | } 83 | 84 | switch ( $PSCmdlet.ParameterSetName ) { 85 | "id" { 86 | $filter_value = $id 87 | $filter_attribute = "id" 88 | } 89 | "name" { 90 | $filter_value = $name 91 | $filter_attribute = "name" 92 | } 93 | default { } 94 | } 95 | 96 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 97 | switch ( $filter_type ) { 98 | "equal" { 99 | $filter_value = @{ "`$eq" = $filter_value } 100 | } 101 | "contains" { 102 | $filter_value = @{ "`$contains" = $filter_value } 103 | } 104 | default { } 105 | } 106 | } 107 | 108 | if ($filter_value -and $filter_attribute) { 109 | $filter = @{ $filter_attribute = $filter_value } 110 | $invokeParams.add( 'filter', $filter ) 111 | } 112 | 113 | $uri = "api/enforcement-policy" 114 | 115 | $epl = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 116 | $epl._embedded.items 117 | } 118 | 119 | End { 120 | } 121 | } 122 | 123 | function Get-ArubaCPEnforcementProfile { 124 | 125 | <# 126 | .SYNOPSIS 127 | Get Enforcement Profile on CPPM 128 | 129 | .DESCRIPTION 130 | Get Enforcement Profile (Id, name, description, type, attributes ...) 131 | 132 | .EXAMPLE 133 | Get-ArubaCPEnforcementProfile 134 | 135 | Get ALL Enforcement Profiles on the Clearpass 136 | 137 | .EXAMPLE 138 | Get-ArubaCPEnforcementProfile -id 23 139 | 140 | Get info about Enforcement Profile id 23 on the ClearPass 141 | 142 | .EXAMPLE 143 | Get-ArubaCPEnforcementProfile Aruba -filter_type contains 144 | 145 | Get info about Enforcement Profile where bae contains Aruba 146 | 147 | .EXAMPLE 148 | Get-ArubaCPEnforcementProfile -filter_attribute description -filter_type equal -filter_value MAC 149 | 150 | Get info about Enforcement Profiles where description equal MAC 151 | 152 | #> 153 | 154 | [CmdLetBinding(DefaultParameterSetName = "Default")] 155 | 156 | Param( 157 | [Parameter (Mandatory = $false)] 158 | [switch]$details, 159 | [Parameter (Mandatory = $false)] 160 | [Parameter (ParameterSetName = "id")] 161 | [int]$id, 162 | [Parameter (Mandatory = $false, Position = 1)] 163 | [Parameter (ParameterSetName = "name")] 164 | [string]$name, 165 | [Parameter (Mandatory = $false)] 166 | [Parameter (ParameterSetName = "filter")] 167 | [string]$filter_attribute, 168 | [Parameter (Mandatory = $false)] 169 | [Parameter (ParameterSetName = "id")] 170 | [Parameter (ParameterSetName = "name")] 171 | [Parameter (ParameterSetName = "filter")] 172 | [ValidateSet('equal', 'contains')] 173 | [string]$filter_type, 174 | [Parameter (Mandatory = $false)] 175 | [Parameter (ParameterSetName = "filter")] 176 | [psobject]$filter_value, 177 | [Parameter (Mandatory = $false)] 178 | [int]$limit, 179 | [Parameter (Mandatory = $False)] 180 | [ValidateNotNullOrEmpty()] 181 | [PSObject]$connection = $DefaultArubaCPConnection 182 | ) 183 | 184 | Begin { 185 | } 186 | 187 | Process { 188 | 189 | if ($connection.version -lt [version]"6.11.0") { 190 | throw "Need ClearPass >= 6.11.0 for use this cmdlet" 191 | } 192 | 193 | $invokeParams = @{ } 194 | 195 | if ( $PsBoundParameters.ContainsKey('limit') ) { 196 | $invokeParams.add( 'limit', $limit ) 197 | } 198 | 199 | switch ( $PSCmdlet.ParameterSetName ) { 200 | "id" { 201 | $filter_value = $id 202 | $filter_attribute = "id" 203 | } 204 | "name" { 205 | $filter_value = $name 206 | $filter_attribute = "name" 207 | } 208 | default { } 209 | } 210 | 211 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 212 | switch ( $filter_type ) { 213 | "equal" { 214 | $filter_value = @{ "`$eq" = $filter_value } 215 | } 216 | "contains" { 217 | $filter_value = @{ "`$contains" = $filter_value } 218 | } 219 | default { } 220 | } 221 | } 222 | 223 | if ($filter_value -and $filter_attribute) { 224 | $filter = @{ $filter_attribute = $filter_value } 225 | $invokeParams.add( 'filter', $filter ) 226 | } 227 | 228 | $uri = "api/enforcement-profile" 229 | 230 | $epf = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 231 | $epf._embedded.items 232 | } 233 | 234 | End { 235 | } 236 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/LocalUser.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2022 Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPLocaluser { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add a Local User on ClearPass 12 | 13 | .DESCRIPTION 14 | Add a Local User with user_id, username, password, role... 15 | 16 | .EXAMPLE 17 | Add-ArubaCPLocaluser -user_id MyPowerArubaCP_userid -password ( ConvertTo-SecureString MyPassword -AsPlainText -Force ) -role_name "[Employee]" 18 | 19 | Add a Local User with user_id MyPowerArubaCP_userid (same username) and role_name [Employee] 20 | 21 | .EXAMPLE 22 | Add-ArubaCPLocaluser -user_id MyPowerArubaCP_userid -username MyPowerArubaCP_username -password ( ConvertTo-SecureString MyPassword -AsPlainText -Force ) -role_name "[Employee]" 23 | 24 | Add a Local User with user_id MyPowerArubaCP_userid, username MyPowerArubaCP_username and role_name [Employee] 25 | 26 | .EXAMPLE 27 | $mysecurepassword = ConvertTo-SecureString MyPassword -AsPlainText -Force 28 | PS >$attributes = @{ "Sponsor" = "PowerArubaCP" } 29 | PS >Add-ArubaCPLocaluser -user_id MyPowerArubaCP_userid -password $mysecurepassword -role_name "[Employee]" -attributes $attributes 30 | 31 | Add a Local User with user_id MyPowerArubaCP_userid (same username), role_name [Employee] with Sponsor Attributes to PowerArubaCP 32 | #> 33 | 34 | Param( 35 | [Parameter (Mandatory = $false)] 36 | [int]$id, 37 | [Parameter (Mandatory = $true)] 38 | [string]$user_id, 39 | [Parameter (Mandatory = $false)] 40 | [string]$username, 41 | [Parameter (Mandatory = $true)] 42 | [securestring]$password, 43 | [Parameter (Mandatory = $true)] 44 | [string]$role_name, 45 | [Parameter (Mandatory = $false)] 46 | [switch]$enabled, 47 | [Parameter (Mandatory = $false)] 48 | [switch]$change_pwd_next_login, 49 | [Parameter (Mandatory = $false)] 50 | [psobject]$attributes, 51 | [Parameter (Mandatory = $False)] 52 | [ValidateNotNullOrEmpty()] 53 | [PSObject]$connection = $DefaultArubaCPConnection 54 | ) 55 | 56 | Begin { 57 | } 58 | 59 | Process { 60 | 61 | $uri = "api/local-user" 62 | 63 | $_lu = new-Object -TypeName PSObject 64 | 65 | if ( $PsBoundParameters.ContainsKey('id') ) { 66 | $_lu | add-member -name "id" -membertype NoteProperty -Value $id 67 | } 68 | 69 | $_lu | add-member -name "user_id" -membertype NoteProperty -Value $user_id 70 | 71 | if ( $PsBoundParameters.ContainsKey('username') ) { 72 | $_lu | add-member -name "username" -membertype NoteProperty -Value $username 73 | } 74 | else { 75 | #if don't define username use the user_id 76 | $_lu | add-member -name "username" -membertype NoteProperty -Value $user_id 77 | } 78 | 79 | $credentials = New-Object System.Net.NetworkCredential("", $password) 80 | $_lu | add-member -name "password" -membertype NoteProperty -Value $credentials.Password 81 | 82 | $_lu | add-member -name "role_name" -membertype NoteProperty -Value $role_name 83 | 84 | if ( $PsBoundParameters.ContainsKey('enabled') ) { 85 | if ($enabled) { 86 | $_lu | add-member -name "enabled" -membertype NoteProperty -Value $true 87 | } 88 | else { 89 | $_lu | add-member -name "enabled" -membertype NoteProperty -Value $false 90 | } 91 | } 92 | 93 | if ( $PsBoundParameters.ContainsKey('change_pwd_next_login') ) { 94 | if ($change_pwd_next_login) { 95 | $_lu | add-member -name "change_pwd_next_login" -membertype NoteProperty -Value $true 96 | } 97 | else { 98 | $_lu | add-member -name "change_pwd_next_login" -membertype NoteProperty -Value $false 99 | } 100 | } 101 | 102 | if ( $PsBoundParameters.ContainsKey('attributes') ) { 103 | $_lu | add-member -name "attributes" -membertype NoteProperty -Value $attributes 104 | } 105 | 106 | $lu = invoke-ArubaCPRestMethod -method "POST" -body $_lu -uri $uri -connection $connection 107 | $lu 108 | } 109 | 110 | End { 111 | } 112 | } 113 | 114 | function Get-ArubaCPLocaluser { 115 | 116 | <# 117 | .SYNOPSIS 118 | Get Local user info on CPPM 119 | 120 | .DESCRIPTION 121 | Get Local User (user_id, username, password, roles) 122 | 123 | .EXAMPLE 124 | Get-ArubaCPLocalUser 125 | 126 | Get ALL Local User on the Clearpass 127 | 128 | .EXAMPLE 129 | Get-ArubaCPLocalUser MyPowerArubaCP_userid 130 | 131 | Get info about Local User ID MyPowerArubaCP_userid on the ClearPass 132 | 133 | .EXAMPLE 134 | Get-ArubaCPLocalUser -id 23 135 | 136 | Get info about Local User id 23 on the ClearPass 137 | 138 | .EXAMPLE 139 | Get-ArubaCPLocalUser -username MyPowerArubaCP -filter_type contains 140 | 141 | Get info about Local User username where name contains MyPowerArubaCP 142 | 143 | .EXAMPLE 144 | Get-ArubaCPLocalUser -filter_attribute role -filter_type contains -filter_value Employee 145 | 146 | Get info about Local User where role contains Employee 147 | #> 148 | 149 | [CmdLetBinding(DefaultParameterSetName = "Default")] 150 | 151 | Param( 152 | [Parameter (Mandatory = $false)] 153 | [Parameter (ParameterSetName = "id")] 154 | [int]$id, 155 | [Parameter (Mandatory = $false, Position = 1)] 156 | [Parameter (ParameterSetName = "user_id")] 157 | [string]$user_id, 158 | [Parameter (Mandatory = $false)] 159 | [Parameter (ParameterSetName = "username")] 160 | [string]$username, 161 | [Parameter (Mandatory = $false)] 162 | [Parameter (ParameterSetName = "filter")] 163 | [string]$filter_attribute, 164 | [Parameter (Mandatory = $false)] 165 | [Parameter (ParameterSetName = "id")] 166 | [Parameter (ParameterSetName = "user_id")] 167 | [Parameter (ParameterSetName = "username")] 168 | [Parameter (ParameterSetName = "filter")] 169 | [ValidateSet('equal', 'contains')] 170 | [string]$filter_type, 171 | [Parameter (Mandatory = $false)] 172 | [Parameter (ParameterSetName = "filter")] 173 | [psobject]$filter_value, 174 | [Parameter (Mandatory = $false)] 175 | [int]$limit, 176 | [Parameter (Mandatory = $False)] 177 | [ValidateNotNullOrEmpty()] 178 | [PSObject]$connection = $DefaultArubaCPConnection 179 | ) 180 | 181 | Begin { 182 | } 183 | 184 | Process { 185 | 186 | $invokeParams = @{ } 187 | if ( $PsBoundParameters.ContainsKey('limit') ) { 188 | $invokeParams.add( 'limit', $limit ) 189 | } 190 | 191 | switch ( $PSCmdlet.ParameterSetName ) { 192 | "id" { 193 | $filter_value = $id 194 | $filter_attribute = "id" 195 | } 196 | "user_id" { 197 | $filter_value = $user_id 198 | $filter_attribute = "user_id" 199 | } 200 | "username" { 201 | $filter_value = $username 202 | $filter_attribute = "username" 203 | } 204 | default { } 205 | } 206 | 207 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 208 | switch ( $filter_type ) { 209 | "equal" { 210 | $filter_value = @{ "`$eq" = $filter_value } 211 | } 212 | "contains" { 213 | $filter_value = @{ "`$contains" = $filter_value } 214 | } 215 | default { } 216 | } 217 | } 218 | 219 | if ($filter_value -and $filter_attribute) { 220 | $filter = @{ $filter_attribute = $filter_value } 221 | $invokeParams.add( 'filter', $filter ) 222 | } 223 | 224 | $uri = "api/local-user" 225 | 226 | $lu = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 227 | 228 | $lu._embedded.items 229 | } 230 | 231 | End { 232 | } 233 | } 234 | 235 | 236 | function Set-ArubaCPLocalUser { 237 | 238 | <# 239 | .SYNOPSIS 240 | Configure a Local User on ClearPass 241 | 242 | .DESCRIPTION 243 | Configure a Local User on ClearPass 244 | 245 | .EXAMPLE 246 | $lu = Get-ArubaCPLocalUser -username MyPowerArubaCP 247 | PS C:\>$lu | Set-ArubaCPLocalUser -username MyPowerArubaCP2 248 | 249 | Change username for user(name) MyPowerArubaCP 250 | 251 | .EXAMPLE 252 | $lu = Get-ArubaCPLocalUser -username MyPowerArubaCP 253 | PS C:\>$lu | Set-ArubaCPLocalUser -password ( ConvertTo-SecureString MyPassword -AsPlainText -Force ) 254 | 255 | Change Password for user(name) MyPowerArubaCP 256 | 257 | .EXAMPLE 258 | $lu = Get-ArubaCPLocalUser -username MyPowerArubaCP 259 | PS C:\>$lu | Set-ArubaCPLocalUser -role "[Guest]" 260 | 261 | Change Role (Guest) for user(name) MyPowerArubaCP 262 | 263 | #> 264 | 265 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] 266 | Param( 267 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 268 | [int]$id, 269 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ep")] 270 | [ValidateScript( { Confirm-ArubaCPLocalUser $_ })] 271 | [psobject]$lu, 272 | [Parameter (Mandatory = $false)] 273 | [string]$user_id, 274 | [Parameter (Mandatory = $false)] 275 | [string]$username, 276 | [Parameter (Mandatory = $false)] 277 | [securestring]$password, 278 | [Parameter (Mandatory = $false)] 279 | [string]$role_name, 280 | [Parameter (Mandatory = $false)] 281 | [switch]$enabled, 282 | [Parameter (Mandatory = $false)] 283 | [switch]$change_pwd_next_login, 284 | [Parameter (Mandatory = $false)] 285 | [ValidateNotNullOrEmpty()] 286 | [PSObject]$connection = $DefaultArubaCPConnection 287 | ) 288 | 289 | Begin { 290 | } 291 | 292 | Process { 293 | 294 | #get lu id from Local User ps object 295 | if ($lu) { 296 | $id = $lu.id 297 | } 298 | 299 | $uri = "api/local-user/${id}" 300 | $_lu = new-Object -TypeName PSObject 301 | 302 | if ( $PsBoundParameters.ContainsKey('user_id') ) { 303 | $_lu | add-member -name "user_id" -membertype NoteProperty -Value $user_id 304 | } 305 | 306 | if ( $PsBoundParameters.ContainsKey('username') ) { 307 | $_lu | add-member -name "username" -membertype NoteProperty -Value $username 308 | } 309 | 310 | if ( $PsBoundParameters.ContainsKey('password') ) { 311 | $credentials = New-Object System.Net.NetworkCredential("", $password) 312 | $_lu | add-member -name "password" -membertype NoteProperty -Value $credentials.Password 313 | } 314 | 315 | if ( $PsBoundParameters.ContainsKey('role_name') ) { 316 | $_lu | add-member -name "role_name" -membertype NoteProperty -Value $role_name 317 | } 318 | 319 | if ( $PsBoundParameters.ContainsKey('enabled') ) { 320 | if ( $enabled ) { 321 | $_lu | add-member -name "enabled" -membertype NoteProperty -Value $True 322 | } 323 | else { 324 | $_lu | add-member -name "enabled" -membertype NoteProperty -Value $false 325 | } 326 | } 327 | 328 | if ( $PsBoundParameters.ContainsKey('change_pwd_next_login') ) { 329 | if ( $change_pwd_next_login ) { 330 | $_lu | add-member -name "change_pwd_next_login" -membertype NoteProperty -Value $True 331 | } 332 | else { 333 | $_lu | add-member -name "change_pwd_next_login" -membertype NoteProperty -Value $false 334 | } 335 | } 336 | 337 | if ($PSCmdlet.ShouldProcess($id, 'Configure Local User')) { 338 | $lu = Invoke-ArubaCPRestMethod -method "PATCH" -body $_lu -uri $uri -connection $connection 339 | $lu 340 | } 341 | 342 | } 343 | 344 | End { 345 | } 346 | } 347 | 348 | function Remove-ArubaCPLocalUser { 349 | 350 | <# 351 | .SYNOPSIS 352 | Remove a Local User on ClearPass 353 | 354 | .DESCRIPTION 355 | Remove a Local User on ClearPass 356 | 357 | .EXAMPLE 358 | $lu = Get-ArubaCPLocalUser -username MyPowerArubaCP_username 359 | PS C:\>$lu | Remove-ArubaCPLocalUser 360 | 361 | Remove a Local User with user name MyPowerArubaCP_username 362 | 363 | .EXAMPLE 364 | Remove-ArubaCPLocalUser -id 3001 -confirm:$false 365 | 366 | Remove a Local User with id 3001 and no confirmation 367 | #> 368 | 369 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')] 370 | Param( 371 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 372 | [int]$id, 373 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ep")] 374 | [ValidateScript( { Confirm-ArubaCPLocalUser $_ })] 375 | [psobject]$lu, 376 | [Parameter (Mandatory = $False)] 377 | [ValidateNotNullOrEmpty()] 378 | [PSObject]$connection = $DefaultArubaCPConnection 379 | ) 380 | 381 | Begin { 382 | } 383 | 384 | Process { 385 | 386 | #get Local User id from lp ps object 387 | if ($lu) { 388 | $id = $lu.id 389 | $user_id = "(" + $lu.user_id + ")" 390 | } 391 | 392 | $uri = "api/local-user/${id}" 393 | 394 | if ($PSCmdlet.ShouldProcess("$id $user_id", 'Remove Local User')) { 395 | Invoke-ArubaCPRestMethod -method "DELETE" -uri $uri -connection $connection 396 | } 397 | 398 | } 399 | 400 | End { 401 | } 402 | 403 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Platform.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Get-ArubaCPCPPMVersion { 8 | 9 | <# 10 | .SYNOPSIS 11 | Get CPPM Version info on CPPM 12 | 13 | .DESCRIPTION 14 | Get CPPM Version (major, minor, hardware, eval... ) 15 | 16 | .EXAMPLE 17 | Get-ArubaCPCPPMVersion 18 | 19 | Get CPPM Version 20 | 21 | #> 22 | 23 | 24 | Param( 25 | [Parameter (Mandatory = $False)] 26 | [ValidateNotNullOrEmpty()] 27 | [PSObject]$connection = $DefaultArubaCPConnection 28 | ) 29 | 30 | Begin { 31 | } 32 | 33 | Process { 34 | 35 | $uri = "api/cppm-version" 36 | 37 | $cv = Invoke-ArubaCPRestMethod -method "GET" -uri $uri -connection $connection 38 | 39 | $cv 40 | } 41 | 42 | End { 43 | } 44 | } 45 | 46 | function Get-ArubaCPServerConfiguration { 47 | 48 | <# 49 | .SYNOPSIS 50 | Get Server Configuration info on CPPM 51 | 52 | .DESCRIPTION 53 | Get Server Configuration (name, uuid, server / management ip... ) 54 | 55 | .EXAMPLE 56 | Get-ArubaCPServerConfiguration 57 | 58 | Get Server Configuration 59 | 60 | #> 61 | 62 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSReviewUnusedParameter", '')] #False positive see https://github.com/PowerShell/PSScriptAnalyzer/issues/1472 63 | [CmdLetBinding(DefaultParameterSetName = "Default")] 64 | 65 | Param( 66 | [Parameter (Mandatory = $false, ParameterSetName = "uuid")] 67 | [string]$uuid, 68 | [Parameter (Mandatory = $false, ParameterSetName = "name")] 69 | [string]$name, 70 | [Parameter (Mandatory = $false, ParameterSetName = "ip_address")] 71 | [ipaddress]$ip_address, 72 | [Parameter (Mandatory = $False)] 73 | [ValidateNotNullOrEmpty()] 74 | [PSObject]$connection = $DefaultArubaCPConnection 75 | ) 76 | 77 | Begin { 78 | } 79 | 80 | Process { 81 | 82 | $uri = "api/cluster/server" 83 | 84 | $sc = Invoke-ArubaCPRestMethod -method "GET" -uri $uri -connection $connection 85 | 86 | switch ( $PSCmdlet.ParameterSetName ) { 87 | "uuid" { $sc._embedded.items | Where-Object { $_.server_uuid -eq $uuid } } 88 | "name" { $sc._embedded.items | Where-Object { $_.name -eq $name } } 89 | "ip_address" { $sc._embedded.items | Where-Object { $_.management_ip -eq $ip_address } } 90 | default { $sc._embedded.items } 91 | } 92 | } 93 | 94 | End { 95 | } 96 | } 97 | function Get-ArubaCPServerVersion { 98 | 99 | <# 100 | .SYNOPSIS 101 | Get Server Version info on CPPM 102 | 103 | .DESCRIPTION 104 | Get Server Version (CPPM version, Guest, Installed Patches ) 105 | 106 | .EXAMPLE 107 | Get-ArubaCPServerVersion 108 | 109 | Get Server Version 110 | 111 | #> 112 | 113 | 114 | Param( 115 | [Parameter (Mandatory = $False)] 116 | [ValidateNotNullOrEmpty()] 117 | [PSObject]$connection = $DefaultArubaCPConnection 118 | ) 119 | 120 | Begin { 121 | } 122 | 123 | Process { 124 | 125 | $uri = "api/server/version" 126 | 127 | $sv = Invoke-ArubaCPRestMethod -method "GET" -uri $uri -connection $connection 128 | 129 | $sv 130 | } 131 | 132 | End { 133 | } 134 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Role.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2022, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Add-ArubaCPRole { 8 | 9 | <# 10 | .SYNOPSIS 11 | Add a Role on ClearPass 12 | 13 | .DESCRIPTION 14 | Add a Role with id, name, description 15 | 16 | .EXAMPLE 17 | Add-ArubaCPRole -name MyPowerArubaCP_role 18 | 19 | Add a Role with name MyPowerArubaCP_role 20 | 21 | .EXAMPLE 22 | Add-ArubaCPRole -name MyPowerArubaCP_role -description "Add via PowerArubaCP" 23 | 24 | Add a Role with name MyPowerArubaCP_role with a description 25 | 26 | #> 27 | 28 | Param( 29 | [Parameter (Mandatory = $false)] 30 | [int]$id, 31 | [Parameter (Mandatory = $true)] 32 | [string]$name, 33 | [Parameter (Mandatory = $false)] 34 | [string]$description, 35 | [Parameter (Mandatory = $False)] 36 | [ValidateNotNullOrEmpty()] 37 | [PSObject]$connection = $DefaultArubaCPConnection 38 | ) 39 | 40 | Begin { 41 | } 42 | 43 | Process { 44 | 45 | $uri = "api/role" 46 | 47 | $_r = new-Object -TypeName PSObject 48 | 49 | if ( $PsBoundParameters.ContainsKey('id') ) { 50 | $_r | add-member -name "id" -membertype NoteProperty -Value $id 51 | } 52 | 53 | $_r | add-member -name "name" -membertype NoteProperty -Value $name 54 | 55 | if ( $PsBoundParameters.ContainsKey('description') ) { 56 | $_r | add-member -name "description" -membertype NoteProperty -Value $description 57 | } 58 | 59 | $r = invoke-ArubaCPRestMethod -method "POST" -body $_r -uri $uri -connection $connection 60 | $r 61 | } 62 | 63 | End { 64 | } 65 | 66 | } 67 | 68 | function Get-ArubaCPRole { 69 | 70 | <# 71 | .SYNOPSIS 72 | Get Role info on CPPM 73 | 74 | .DESCRIPTION 75 | Get Role (name, description) 76 | 77 | .EXAMPLE 78 | Get-ArubaCPRole 79 | 80 | Get ALL Role on the Clearpass 81 | 82 | .EXAMPLE 83 | Get-ArubaCPRole MyPowerArubaCP_role 84 | 85 | Get info about Role name MyPowerArubaCP_role on the ClearPass 86 | 87 | .EXAMPLE 88 | Get-ArubaCPRole -id 23 89 | 90 | Get info about Role id 23 on the ClearPass 91 | 92 | .EXAMPLE 93 | Get-ArubaCPRole -name MyPowerArubaCP -filter_type contains 94 | 95 | Get info about Role username where name contains MyPowerArubaCP 96 | 97 | .EXAMPLE 98 | Get-ArubaCPRole -filter_attribute description -filter_type contains -filter_value PowerArubaCP 99 | 100 | Get info about Role where description contains PowerArubaCP 101 | #> 102 | 103 | [CmdLetBinding(DefaultParameterSetName = "Default")] 104 | 105 | Param( 106 | [Parameter (Mandatory = $false)] 107 | [Parameter (ParameterSetName = "id")] 108 | [int]$id, 109 | [Parameter (Mandatory = $false, Position = 1)] 110 | [Parameter (ParameterSetName = "name")] 111 | [string]$name, 112 | [Parameter (Mandatory = $false)] 113 | [Parameter (ParameterSetName = "filter")] 114 | [string]$filter_attribute, 115 | [Parameter (Mandatory = $false)] 116 | [Parameter (ParameterSetName = "id")] 117 | [Parameter (ParameterSetName = "name")] 118 | [Parameter (ParameterSetName = "filter")] 119 | [ValidateSet('equal', 'contains')] 120 | [string]$filter_type, 121 | [Parameter (Mandatory = $false)] 122 | [Parameter (ParameterSetName = "filter")] 123 | [psobject]$filter_value, 124 | [Parameter (Mandatory = $false)] 125 | [int]$limit, 126 | [Parameter (Mandatory = $False)] 127 | [ValidateNotNullOrEmpty()] 128 | [PSObject]$connection = $DefaultArubaCPConnection 129 | ) 130 | 131 | Begin { 132 | } 133 | 134 | Process { 135 | 136 | $invokeParams = @{ } 137 | if ( $PsBoundParameters.ContainsKey('limit') ) { 138 | $invokeParams.add( 'limit', $limit ) 139 | } 140 | 141 | switch ( $PSCmdlet.ParameterSetName ) { 142 | "id" { 143 | $filter_value = $id 144 | $filter_attribute = "id" 145 | } 146 | "name" { 147 | $filter_value = $name 148 | $filter_attribute = "name" 149 | } 150 | default { } 151 | } 152 | 153 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 154 | switch ( $filter_type ) { 155 | "equal" { 156 | $filter_value = @{ "`$eq" = $filter_value } 157 | } 158 | "contains" { 159 | $filter_value = @{ "`$contains" = $filter_value } 160 | } 161 | default { } 162 | } 163 | } 164 | 165 | if ($filter_value -and $filter_attribute) { 166 | $filter = @{ $filter_attribute = $filter_value } 167 | $invokeParams.add( 'filter', $filter ) 168 | } 169 | 170 | $uri = "api/role" 171 | 172 | $r = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 173 | 174 | $r._embedded.items 175 | } 176 | 177 | End { 178 | } 179 | 180 | } 181 | 182 | function Set-ArubaCPRole { 183 | 184 | <# 185 | .SYNOPSIS 186 | Configure a Role on ClearPass 187 | 188 | .DESCRIPTION 189 | Configure a Role on ClearPass 190 | 191 | .EXAMPLE 192 | $r = Get-ArubaCPRole -name MyPowerArubaCP_role 193 | PS C:\>$r | Set-ArubaCPRole -username MyPowerArubaCP_role2 194 | 195 | Change role name (MyPowerArubaCP_role2) for role MyPowerArubaCP 196 | 197 | .EXAMPLE 198 | $r = Get-ArubaCPRole -name MyPowerArubaCP_role 199 | PS C:\>$r | Set-ArubaCPRole -description "Modified by PowerArubaCP" 200 | 201 | Change description for role MyPowerArubaCP_role 202 | 203 | #> 204 | 205 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'medium')] 206 | Param( 207 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 208 | [int]$id, 209 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ep")] 210 | [ValidateScript( { Confirm-ArubaCPRole $_ })] 211 | [psobject]$r, 212 | [Parameter (Mandatory = $false)] 213 | [string]$name, 214 | [Parameter (Mandatory = $false)] 215 | [string]$description, 216 | [Parameter (Mandatory = $false)] 217 | [ValidateNotNullOrEmpty()] 218 | [PSObject]$connection = $DefaultArubaCPConnection 219 | ) 220 | 221 | Begin { 222 | } 223 | 224 | Process { 225 | 226 | #get role id from role ps object 227 | if ($r) { 228 | $id = $r.id 229 | $rname = "(" + $r.name + ")" 230 | } 231 | 232 | $uri = "api/role/${id}" 233 | $_r = new-Object -TypeName PSObject 234 | 235 | if ( $PsBoundParameters.ContainsKey('name') ) { 236 | $_r | add-member -name "name" -membertype NoteProperty -Value $name 237 | } 238 | 239 | if ( $PsBoundParameters.ContainsKey('description') ) { 240 | $_r | add-member -name "description" -membertype NoteProperty -Value $description 241 | } 242 | 243 | if ($PSCmdlet.ShouldProcess("$id $rname", 'Configure Role')) { 244 | $r = Invoke-ArubaCPRestMethod -method "PATCH" -body $_r -uri $uri -connection $connection 245 | $r 246 | } 247 | 248 | } 249 | 250 | End { 251 | } 252 | 253 | } 254 | 255 | function Remove-ArubaCPRole { 256 | 257 | <# 258 | .SYNOPSIS 259 | Remove a Role on ClearPass 260 | 261 | .DESCRIPTION 262 | Remove a Role on ClearPass 263 | 264 | .EXAMPLE 265 | $r = Get-ArubaCPRole -role MyPowerArubaCP_role 266 | PS C:\>$r | Remove-ArubaCPRole 267 | 268 | Remove a Role with user name MyPowerArubaCP_role 269 | 270 | .EXAMPLE 271 | Remove-ArubaCPRole -id 3001 -confirm:$false 272 | 273 | Remove a Role with id 3001 and no confirmation 274 | #> 275 | 276 | [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')] 277 | Param( 278 | [Parameter (Mandatory = $true, ParameterSetName = "id")] 279 | [int]$id, 280 | [Parameter (Mandatory = $true, ValueFromPipeline = $true, Position = 1, ParameterSetName = "ep")] 281 | [ValidateScript( { Confirm-ArubaCPRole $_ })] 282 | [psobject]$r, 283 | [Parameter (Mandatory = $False)] 284 | [ValidateNotNullOrEmpty()] 285 | [PSObject]$connection = $DefaultArubaCPConnection 286 | ) 287 | 288 | Begin { 289 | } 290 | 291 | Process { 292 | 293 | #get Role id from lp ps object 294 | if ($r) { 295 | $id = $r.id 296 | $name = "(" + $r.name + ")" 297 | } 298 | 299 | $uri = "api/role/${id}" 300 | 301 | if ($PSCmdlet.ShouldProcess("$id $name", 'Remove Role')) { 302 | Invoke-ArubaCPRestMethod -method "DELETE" -uri $uri -connection $connection 303 | } 304 | 305 | } 306 | 307 | End { 308 | } 309 | 310 | } -------------------------------------------------------------------------------- /PowerArubaCP/Public/Services.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | function Get-ArubaCPService { 8 | 9 | <# 10 | .SYNOPSIS 11 | Get Service info on CPPM 12 | 13 | .DESCRIPTION 14 | Get Service (Id, Name, Type, Template ....) 15 | 16 | .EXAMPLE 17 | Get-ArubaCPService 18 | 19 | Get ALL Service on the Clearpass 20 | 21 | .EXAMPLE 22 | Get-ArubaCPService SVC-PowerArubaCP 23 | 24 | Get info about Service SVC-PowerArubaCP Aruba on the ClearPass 25 | 26 | .EXAMPLE 27 | Get-ArubaCPService -id 23 28 | 29 | Get info about Service id 23 on the ClearPass 30 | 31 | .EXAMPLE 32 | Get-ArubaCPService PowerArubaCP -filter_type contains 33 | 34 | Get info about Service where name contains PowerArubaCP 35 | 36 | .EXAMPLE 37 | Get-ArubaCPService -filter_attribute type -filter_type equal -filter_value RADIUS 38 | 39 | Get info about Service where type equal RADIUS 40 | 41 | #> 42 | 43 | [CmdLetBinding(DefaultParameterSetName = "Default")] 44 | 45 | Param( 46 | [Parameter (Mandatory = $false)] 47 | [Parameter (ParameterSetName = "id")] 48 | [int]$id, 49 | [Parameter (Mandatory = $false, Position = 1)] 50 | [Parameter (ParameterSetName = "name")] 51 | [string]$Name, 52 | [Parameter (Mandatory = $false)] 53 | [Parameter (ParameterSetName = "filter")] 54 | [string]$filter_attribute, 55 | [Parameter (Mandatory = $false)] 56 | [Parameter (ParameterSetName = "id")] 57 | [Parameter (ParameterSetName = "name")] 58 | [Parameter (ParameterSetName = "filter")] 59 | [ValidateSet('equal', 'contains')] 60 | [string]$filter_type, 61 | [Parameter (Mandatory = $false)] 62 | [Parameter (ParameterSetName = "filter")] 63 | [psobject]$filter_value, 64 | [Parameter (Mandatory = $false)] 65 | [int]$limit, 66 | [Parameter (Mandatory = $False)] 67 | [ValidateNotNullOrEmpty()] 68 | [PSObject]$connection = $DefaultArubaCPConnection 69 | ) 70 | 71 | Begin { 72 | } 73 | 74 | Process { 75 | 76 | if($connection.version -lt [version]"6.8.0"){ 77 | throw "Need ClearPass >= 6.8.0 for use this cmdlet" 78 | } 79 | 80 | $invokeParams = @{ } 81 | if ( $PsBoundParameters.ContainsKey('limit') ) { 82 | $invokeParams.add( 'limit', $limit ) 83 | } 84 | 85 | switch ( $PSCmdlet.ParameterSetName ) { 86 | "id" { 87 | $filter_value = $id 88 | $filter_attribute = "id" 89 | } 90 | "name" { 91 | $filter_value = $name 92 | $filter_attribute = "name" 93 | } 94 | default { } 95 | } 96 | 97 | if ( $PsBoundParameters.ContainsKey('filter_type') ) { 98 | switch ( $filter_type ) { 99 | "equal" { 100 | $filter_value = @{ "`$eq" = $filter_value } 101 | } 102 | "contains" { 103 | $filter_value = @{ "`$contains" = $filter_value } 104 | } 105 | default { } 106 | } 107 | } 108 | 109 | if ($filter_value -and $filter_attribute) { 110 | $filter = @{ $filter_attribute = $filter_value } 111 | $invokeParams.add( 'filter', $filter ) 112 | } 113 | 114 | $uri = "api/config/service" 115 | 116 | $cs = Invoke-ArubaCPRestMethod -method "GET" -uri $uri @invokeParams -connection $connection 117 | 118 | $cs._embedded.items 119 | } 120 | 121 | End { 122 | } 123 | } 124 | 125 | function Enable-ArubaCPService { 126 | 127 | <# 128 | .SYNOPSIS 129 | Enable a Service on ClearPass 130 | 131 | .DESCRIPTION 132 | Enable a Service on ClearPass 133 | 134 | .EXAMPLE 135 | Get-ArubaCPService -name PowerArubaCP | Enable-ArubaCPService 136 | 137 | Enable Service PowerArubaCP 138 | 139 | .EXAMPLE 140 | Get-ArubaCPService -id 1 | Enable-ArubaCPService 141 | 142 | Enable Service with id 1 143 | #> 144 | 145 | Param( 146 | [Parameter (Mandatory = $true, ValueFromPipeline = $true)] 147 | [ValidateScript( { Confirm-ArubaCPService $_ })] 148 | [psobject]$cs, 149 | [ValidateNotNullOrEmpty()] 150 | [PSObject]$connection = $DefaultArubaCPConnection 151 | ) 152 | 153 | Begin { 154 | } 155 | 156 | Process { 157 | 158 | $id = $cs.id 159 | $uri = "api/config/service/${id}/enable" 160 | 161 | $cs = Invoke-ArubaCPRestMethod -method "PATCH" -uri $uri -connection $connection 162 | $cs 163 | } 164 | 165 | End { 166 | } 167 | } 168 | 169 | function Disable-ArubaCPService { 170 | 171 | <# 172 | .SYNOPSIS 173 | Disable a Service on ClearPass 174 | 175 | .DESCRIPTION 176 | Disable a Service on ClearPass 177 | 178 | .EXAMPLE 179 | Get-ArubaCPService -name PowerArubaCP | Disable-ArubaCPService 180 | 181 | Disable Service PowerArubaCP 182 | 183 | .EXAMPLE 184 | Get-ArubaCPService -id 1 | Disable-ArubaCPService 185 | 186 | Disable Service with id 1 187 | #> 188 | 189 | Param( 190 | [Parameter (Mandatory = $true, ValueFromPipeline = $true)] 191 | [ValidateScript( { Confirm-ArubaCPService $_ })] 192 | [psobject]$cs, 193 | [ValidateNotNullOrEmpty()] 194 | [PSObject]$connection = $DefaultArubaCPConnection 195 | ) 196 | 197 | Begin { 198 | } 199 | 200 | Process { 201 | 202 | $id = $cs.id 203 | $uri = "api/config/service/${id}/disable" 204 | 205 | $cs = Invoke-ArubaCPRestMethod -method "PATCH" -uri $uri -connection $connection 206 | $cs 207 | } 208 | 209 | End { 210 | } 211 | } 212 | -------------------------------------------------------------------------------- /PowerArubaCP/en-US/about_PowerArubaCP.help.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/PowerArubaCP/en-US/about_PowerArubaCP.help.txt -------------------------------------------------------------------------------- /Tests/.gitignore: -------------------------------------------------------------------------------- 1 | credential.ps1 -------------------------------------------------------------------------------- /Tests/PowerArubaCP.Tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerAruba/PowerArubaCP/491ec9c27a3db43d8795dd2779bda7fb09fc4d27/Tests/PowerArubaCP.Tests.ps1 -------------------------------------------------------------------------------- /Tests/README.md: -------------------------------------------------------------------------------- 1 | # PowerArubaCP Tests 2 | 3 | ## Pre-Requisites 4 | 5 | The tests don't be to be run on PRODUCTION ClearPass ! there is no warning about change on ClearPass. 6 | It need to be use only for TESTS ! 7 | 8 | An ArubaOS ClearPass with release >= 6.8.x, 6.9.x and 6.10.x 9 | A Token API (See Doc for HOWTO get API) 10 | 11 | These are the required modules for the tests 12 | 13 | Pester 14 | 15 | ## Executing Tests 16 | 17 | Assuming you have git cloned the PowerArubaCP repository. Go on tests folder and copy credentials.example.ps1 to credentials.ps1 and edit to set information about your switch (ipaddress, token) 18 | 19 | Go after on integration folder and launch all tests via 20 | 21 | ```powershell 22 | Invoke-Pester * 23 | ``` 24 | 25 | 34 | 35 | ## Executing Individual Tests 36 | 37 | Tests are broken up according to functional area. If you are working on NetworkDevice functionality for instance, its possible to just run NetworkDevice related tests. 38 | 39 | Example: 40 | 41 | ```powershell 42 | Invoke-Pester NetworkDevice.Tests.ps1 43 | ``` 44 | 45 | if you only launch a sub test (Describe on pester file), you can use for example to 'Add Network Device' part 46 | 47 | ```powershell 48 | Invoke-Pester NetworkDevice.Tests.ps1 -Testname 'Add Network Device' 49 | ``` 50 | 51 | ## Known Issues -------------------------------------------------------------------------------- /Tests/common.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] 8 | Param() 9 | 10 | if ("Desktop" -eq $PSVersionTable.PsEdition) { 11 | # -BeOfType is not same on PowerShell Core and Desktop (get int with Desktop and long with Core for number) 12 | $script:pester_longint = "int" 13 | } 14 | else { 15 | $script:pester_longint = "long" 16 | } 17 | 18 | . ../credential.ps1 19 | $script:invokeParams = @{ 20 | server = $ipaddress; 21 | token = $token; 22 | port = $port; 23 | SkipCertificateCheck = $true; 24 | } 25 | 26 | if ($null -eq $port) { 27 | $invokeParams.port = 443 28 | } 29 | 30 | #TODO: Add check if no ipaddress/token info... 31 | Connect-ArubaCP @invokeParams 32 | $script:MySecurePassword = ConvertTo-SecureString MyPassword -AsPlainText -Force 33 | $script:MyNewSecurePassword = ConvertTo-SecureString MyNewassword -AsPlainText -Force 34 | 35 | $script:VersionBefore680 = $DefaultArubaCPConnection.Version -lt [version]"6.8.0" 36 | $script:VersionBefore686 = $DefaultArubaCPConnection.Version -lt [version]"6.8.6" 37 | $script:VersionBefore690 = $DefaultArubaCPConnection.Version -lt [version]"6.9.0" 38 | $script:VersionBefore6100 = $DefaultArubaCPConnection.Version -lt [version]"6.10.0" 39 | $script:VersionBefore6110 = $DefaultArubaCPConnection.Version -lt [version]"6.11.0" 40 | 41 | $script:server_uuid = (Get-ArubaCPServerConfiguration)[0].server_uuid 42 | 43 | Disconnect-ArubaCP -confirm:$false -------------------------------------------------------------------------------- /Tests/credential.example.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | 7 | # Copy this file to credential.ps1 (on Tests folder) and change connection settings.. 8 | 9 | $script:ipaddress = "10.44.23.213" 10 | $script:token = "aaaaaaaaaaaaaaaaaa" 11 | 12 | #Uncomment if you want to use another port to access to ClearPass 13 | #script:port = "443" 14 | 15 | #Uncomment if you want to enable add and Remove Application License (recommended to use Onboard license for test...) 16 | #$script:pester_license_type = "Onboard" 17 | #$script:pester_license = " 18 | #-----BEGIN CLEARPASS ONBOARD LICENSE KEY----- 19 | #..... 20 | #-----END CLEARPASS ONBOARD LICENSE KEY-----" -------------------------------------------------------------------------------- /Tests/integration/ApiClient.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get API Client" { 13 | 14 | BeforeAll { 15 | #Add 2 entries 16 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP1 -client_secret "mySecret" -client_description "Add by PowerArubaCP" -grant_types "client_credentials" -profile_id 1 17 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP2 -client_secret "mySecret" -client_description "Add by PowerArubaCP" -grant_types "client_credentials" -profile_id 1 18 | } 19 | 20 | It "Get NetworkDevice Does not throw an error" { 21 | { 22 | Get-ArubaCPApiClient 23 | } | Should -Not -Throw 24 | } 25 | 26 | It "Get ALL Api Client" { 27 | $ac = Get-ArubaCPApiClient 28 | $ac.count | Should -Not -Be $NULL 29 | } 30 | 31 | It "Get Api Client (pester_PowerArubaCP1)" { 32 | $ac = Get-ArubaCPApiClient | Where-Object { $_.client_id -eq "pester_PowerArubaCP1" } 33 | $ac.id | Should -Not -BeNullOrEmpty 34 | $ac.client_id | Should -Be "pester_PowerArubaCP1" 35 | $ac.client_secret | Should -Not -BeNullOrEmpty 36 | $ac.client_description | Should -Be "Add by PowerArubaCP" 37 | $ac.grant_types | Should -Be "client_credentials" 38 | $ac.profile_id | Should -Be "1" 39 | } 40 | 41 | It "Get Api Client (pester_PowerArubaCP2) and confirm (via Confirm-ArubaCPApiClient)" { 42 | $ac = Get-ArubaCPApiClient | Where-Object { $_.client_id -eq "pester_PowerArubaCP2" } 43 | Confirm-ArubaCPApiClient $ac | Should -Be $true 44 | } 45 | 46 | It "Search Api Client by client_id (pester_PowerArubaCP1)" { 47 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 48 | @($ac).count | Should -Be 1 49 | $ac.id | Should -Not -BeNullOrEmpty 50 | $ac.client_id | Should -Be "pester_PowerArubaCP1" 51 | $ac.client_description | Should -Be "Add by PowerArubaCP" 52 | } 53 | 54 | It "Search Api Client by client_id (contains *pester*)" { 55 | $ac = Get-ArubaCPApiClient -client_id pester -filter_type contains 56 | @($ac).count | Should -Be 2 57 | } 58 | 59 | AfterAll { 60 | #Remove 2 entries 61 | Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 | Remove-ArubaCPApiClient -confirm:$false 62 | Get-ArubaCPApiClient -client_id pester_PowerArubaCP2 | Remove-ArubaCPApiClient -confirm:$false 63 | } 64 | } 65 | 66 | Describe "Add Api Client" { 67 | 68 | It "Add Api Client with grant types client_credentials and description" { 69 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP1 -client_description "Add by PowerArubaCP" -grant_types "client_credentials" -profile_id 1 70 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 71 | $ac.id | Should -Not -BeNullOrEmpty 72 | $ac.client_id | Should -Not -BeNullOrEmpty 73 | $ac.client_secret | Should -Not -BeNullOrEmpty 74 | $ac.client_description | Should -Be "Add by PowerArubaCP" 75 | $ac.grant_types | Should -Be "client_credentials" 76 | $ac.profile_id | Should -Be "1" 77 | } 78 | 79 | It "Add Api Client with grant type password (refresh_token) and status disabled" { 80 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP1 -grant_types password -profile_id 1 -enabled:$false 81 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 82 | $ac.id | Should -Not -BeNullOrEmpty 83 | $ac.client_id | Should -Be "pester_PowerArubaCP1" 84 | $ac.grant_types | Should -Be "password refresh_token" 85 | $ac.profile_id | Should -Be "1" 86 | $ac.enabled | Should -Be "false" 87 | } 88 | 89 | AfterEach { 90 | Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 | Remove-ArubaCPApiClient -confirm:$false 91 | } 92 | } 93 | 94 | 95 | Describe "Remove Api Client" { 96 | 97 | It "Remove Api Client by id" { 98 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP1 -grant_types "client_credentials" -profile_id 1 99 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 100 | $ac.client_id | Should -Be "pester_PowerArubaCP1" 101 | @($ac).count | Should -Be 1 102 | Remove-ArubaCPApiClient -id $ac.client_id -confirm:$false 103 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 104 | $ac | Should -BeNullOrEmpty 105 | @($ac).count | Should -Be 0 106 | } 107 | 108 | It "Remove Api Client by client_id (and pipeline)" { 109 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP1 -grant_types "client_credentials" -profile_id 1 110 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 111 | $ac.client_id | Should -Be "pester_PowerArubaCP1" 112 | @($ac).count | Should -Be 1 113 | Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 | Remove-ArubaCPApiClient -confirm:$false 114 | $ac = Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 115 | $ac | Should -BeNullOrEmpty 116 | @($ac).count | Should -Be 0 117 | } 118 | 119 | AfterEach { 120 | Get-ArubaCPApiClient -client_id pester_PowerArubaCP1 | Remove-ArubaCPApiClient -confirm:$false 121 | } 122 | } 123 | 124 | AfterAll { 125 | Disconnect-ArubaCP -confirm:$false 126 | } -------------------------------------------------------------------------------- /Tests/integration/ApplicationLicense.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Application License" { 13 | 14 | It "Get Application License Does not throw an error" -Skip:$VersionBefore680 { 15 | { 16 | Get-ArubaCPApplicationLicense 17 | } | Should -Not -Throw 18 | } 19 | 20 | It "Get ALL Application License" -Skip:$VersionBefore680 { 21 | $al = Get-ArubaCPApplicationLicense 22 | @($al).count | Should -Not -Be $NULL 23 | } 24 | 25 | It "Get Application License and confirm" -Skip:$VersionBefore680 { 26 | $al = Get-ArubaCPApplicationLicense 27 | Confirm-ArubaCPApplicationLicense $al[0] | Should -Be $true 28 | } 29 | 30 | It "Get Application License throw a error when use with CPPM <= 6.8.0" -Skip: ($VersionBefore680 -eq 0) { 31 | { Get-ArubaCPApplicationLicense } | Should -Throw "Need ClearPass >= 6.8.0 for use this cmdlet" 32 | } 33 | 34 | } 35 | 36 | Describe "Add and Remove Application License" { 37 | 38 | It "Add Application License ($pester_license_type)" -Skip:( -not ($pester_license -ne $null -and $VersionBefore680 -eq 0) ) { 39 | Add-ArubaCPApplicationLicense -product_name $pester_license_type -license_key $pester_license 40 | $al = Get-ArubaCPApplicationLicense -product_name $pester_license_type #Only check if search work ! 41 | $al.id | Should -Not -BeNullOrEmpty 42 | $al.product_name | Should -Be $pester_license_type 43 | } 44 | 45 | It "Remove Application License ($pester_license_type)" -Skip:( -not ($pester_license -ne $null -and $VersionBefore680 -eq 0)) { 46 | Get-ArubaCPApplicationLicense -product_name $pester_license_type | Remove-ArubaCPApplicationLicense -confirm:$false 47 | $al = Get-ArubaCPApplicationLicense -product_name $pester_license_type 48 | $al | Should -Be $null 49 | } 50 | 51 | } 52 | 53 | AfterAll { 54 | Disconnect-ArubaCP -confirm:$false 55 | } -------------------------------------------------------------------------------- /Tests/integration/AuthMethod.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Auth Method" { 13 | 14 | It "Get Auth Method Does not throw an error" { 15 | { 16 | Get-ArubaCPAuthMethod 17 | } | Should -Not -Throw 18 | } 19 | 20 | It "Get Auth Method" { 21 | $am = Get-ArubaCPAuthMethod 22 | $am.count | Should -Not -Be $NULL 23 | } 24 | 25 | It "Get Auth Method id (id 1)" { 26 | $am = Get-ArubaCPAuthMethod | Where-Object { $_.id -eq "1" } 27 | $am.id | Should -Be "1" 28 | $am.name | Should -Be "[PAP]" 29 | $am.description | Should -Be "Default settings for PAP" 30 | $am.method_type | Should -Be "PAP" 31 | $am.details.encryption_scheme | Should -Be "auto" 32 | } 33 | 34 | #There is no yet Confirm-ArubaCPAuthMethod... 35 | #It "Get Auth Method (id 1) and confirm (via Confirm-ArubaCPAuthMethod)" { 36 | # $am = Get-ArubaCPAuthMethod | Where-Object { $_.id -eq "1" } 37 | # Confirm-ArubaCPAuthMethod $am | Should -Be $true 38 | #} 39 | 40 | It "Search Auth Method by id (1)" { 41 | $am = Get-ArubaCPAuthMethod -id 1 42 | @($am).count | Should -Be 1 43 | $am.id | Should -Not -BeNullOrEmpty 44 | $am.name | Should -Be "[PAP]" 45 | } 46 | 47 | It "Search Auth Method by name ([PAP])" { 48 | $am = Get-ArubaCPAuthMethod -name '[PAP]' 49 | @($am).count | Should -Be 1 50 | $am.id | Should -Not -BeNullOrEmpty 51 | $am.name | Should -Be "[PAP]" 52 | } 53 | 54 | It "Search Auth Method by name (contains *PAP*)" { 55 | $am = Get-ArubaCPAuthMethod -name PAP -filter_type contains 56 | @($am).count | Should -Be 1 57 | $am.id | Should -Not -BeNullOrEmpty 58 | $am.name | Should -Be "[PAP]" 59 | } 60 | 61 | It "Search Auth Method by attribute (method_type equal PAP)" { 62 | $am = Get-ArubaCPAuthMethod -filter_attribute method_type -filter_type equal -filter_value PAP 63 | @($am).count | Should -Be 2 64 | $am.method_type | Should -BeIn "PAP" 65 | } 66 | 67 | } 68 | 69 | AfterAll { 70 | Disconnect-ArubaCP -confirm:$false 71 | } -------------------------------------------------------------------------------- /Tests/integration/AuthSource.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Auth Source" { 13 | 14 | It "Get Auth Source Does not throw an error" { 15 | { 16 | Get-ArubaCPAuthSource 17 | } | Should -Not -Throw 18 | } 19 | 20 | It "Get Auth Source" { 21 | $as = Get-ArubaCPAuthSource 22 | $as.count | Should -Not -Be $NULL 23 | } 24 | 25 | It "Get Auth Source id (id 1)" { 26 | $as = Get-ArubaCPAuthSource | Where-Object { $_.id -eq "1" } 27 | $as.id | Should -Be "1" 28 | $as.name | Should -Be "[Local User Repository]" 29 | $as.type | Should -Be "Local" 30 | $as.use_for_authorization | Should -Be "True" 31 | } 32 | 33 | #There is no yet Confirm-ArubaCPAuthSource... 34 | #It "Get Auth Source (id 1) and confirm (via Confirm-ArubaCPAuthSource)" { 35 | # $as = Get-ArubaCPAuthSource | Where-Object { $_.id -eq "1" } 36 | # Confirm-ArubaCPAuthSource $as | Should -Be $true 37 | #} 38 | 39 | It "Search Auth Source by id (1)" { 40 | $as = Get-ArubaCPAuthSource -id 1 41 | @($as).count | Should -Be 1 42 | $as.id | Should -Not -BeNullOrEmpty 43 | $as.name | Should -Be "[Local User Repository]" 44 | } 45 | 46 | It "Search Auth Source by name ([Local User Repository])" { 47 | $as = Get-ArubaCPAuthSource -name '[Local User Repository]' 48 | @($as).count | Should -Be 1 49 | $as.id | Should -Not -BeNullOrEmpty 50 | $as.name | Should -Be "[Local User Repository]" 51 | } 52 | 53 | It "Search Auth Source by name (contains *Local*)" { 54 | $as = Get-ArubaCPAuthSource -name Local -filter_type contains 55 | @($as).count | Should -Be 1 56 | $as.id | Should -Not -BeNullOrEmpty 57 | $as.name | Should -Be "[Local User Repository]" 58 | } 59 | 60 | It "Search Auth Source by attribute (type equal http)" { 61 | $as = Get-ArubaCPAuthSource -filter_attribute type -filter_type equal -filter_value http 62 | @($as).count | Should -Be 1 63 | $as.type | Should -Be "http" 64 | } 65 | 66 | #Don't work ?! Bug 67 | #It "Search Auth Source by attribute (type equal local)" { 68 | # $as = Get-ArubaCPAuthSource -filter_attribute type -filter_type equal -filter_value http 69 | # @($as).count | Should -Not -BeNullOrEmpty 70 | # $as.type | Should -Be "local" 71 | #} 72 | 73 | } 74 | 75 | AfterAll { 76 | Disconnect-ArubaCP -confirm:$false 77 | } -------------------------------------------------------------------------------- /Tests/integration/Certificates.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2021, Cedric Moreau 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Cluster Certificates (Get-ArubaCPClusterCertificate)" { 13 | 14 | It "Get Cluster Certificates Does not throw an error" { 15 | { 16 | Get-ArubaCPClusterCertificate 17 | } | Should -Not -Throw 18 | } 19 | 20 | It "Get Cluster Certificates" { 21 | $cc = Get-ArubaCPClusterCertificate 22 | @($cc).count | Should -Not -Be $NULL 23 | } 24 | 25 | It "Get Cluster Certificates and confirm" { 26 | $cc = Get-ArubaCPClusterCertificate 27 | Confirm-ArubaCPServerCertificate $cc | Should -Be $true 28 | } 29 | 30 | It "Get Cluster Certificates with service_id Does not throw an error" { 31 | { 32 | Get-ArubaCPClusterCertificate -service_id 1 33 | } | Should -Not -Throw 34 | } 35 | 36 | It "Get Cluster Certificates with service_name Does not throw an error" -Skip:$VersionBefore6100 { 37 | { 38 | Get-ArubaCPClusterCertificate -service_name "HTTPS(ECC)" 39 | } | Should -Not -Throw 40 | } 41 | 42 | 43 | It "Get Cluster Certificates with service_type Does not throw an error" -Skip:$VersionBefore6100 { 44 | { 45 | Get-ArubaCPClusterCertificate -certificate_type "HTTPS(RSA) Server Certificate" 46 | } | Should -Not -Throw 47 | } 48 | 49 | 50 | It "Get Cluster Certificates with service_id" { 51 | $cc = Get-ArubaCPClusterCertificate -service_id 1 52 | @($cc).count | Should -Not -Be $NULL 53 | } 54 | 55 | It "Get Cluster Certificates with service_name" -Skip:$VersionBefore6100 { 56 | $cc = Get-ArubaCPClusterCertificate -service_name "HTTPS(ECC)" 57 | @($cc).count | Should -Not -Be $NULL 58 | } 59 | 60 | 61 | It "Get Cluster Certificates with service_type" -Skip:$VersionBefore6100 { 62 | $cc = Get-ArubaCPClusterCertificate -certificate_type "HTTPS(RSA) Server Certificate" 63 | @($cc).count | Should -Not -Be $NULL 64 | } 65 | 66 | 67 | } 68 | 69 | Describe "Get Server Certificate (Get-ArubaCPServerCertificate)" { 70 | 71 | It "Get Server Certificate Does not throw an error" { 72 | { 73 | Get-ArubaCPServerCertificate -service_name "RADIUS" -server_uuid $server_uuid 74 | } | Should -Not -Throw 75 | } 76 | 77 | It "Get Server Certificate" { 78 | $cc = Get-ArubaCPServerCertificate -service_name "RadSec" -server_uuid $server_uuid 79 | @($cc).count | Should -Not -Be $NULL 80 | } 81 | 82 | It "Get Server Certificate and confirm" -Skip:$VersionBefore6100 { 83 | $cc = Get-ArubaCPServerCertificate -service_name "HTTPS(RSA)" -server_uuid $server_uuid 84 | Confirm-ArubaCPServerCertificate $cc | Should -Be $true 85 | } 86 | 87 | } 88 | 89 | AfterAll { 90 | Disconnect-ArubaCP -confirm:$false 91 | } -------------------------------------------------------------------------------- /Tests/integration/Connection.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | Describe "Connect to a ClearPass (using Token)" { 9 | BeforeAll { 10 | #Disconnect "default connection" 11 | Disconnect-ArubaCP -confirm:$false 12 | } 13 | It "Connect to ClearPass (using Token) and check global variable" { 14 | Connect-ArubaCP @invokeParams 15 | $DefaultArubaCPConnection | Should -Not -BeNullOrEmpty 16 | $DefaultArubaCPConnection.server | Should -Be $invokeParams.server 17 | $DefaultArubaCPConnection.token | Should -Be $invokeParams.token 18 | $DefaultArubaCPConnection.port | Should -Be $invokeParams.port 19 | } 20 | It "Disconnect to ClearPass and check global variable" { 21 | Disconnect-ArubaCP -confirm:$false 22 | $DefaultArubaCPConnection | Should -Be $null 23 | } 24 | #TODO: Connect using wrong login/password 25 | 26 | #This test only work with PowerShell 6 / Core (-SkipCertificateCheck don't change global variable but only Invoke-WebRequest/RestMethod) 27 | #This test will be fail, if there is valid certificate...x 28 | It "Throw when try to use Connect-ArubaCP with don't use -SkipCertificateCheck" -Skip:("Desktop" -eq $PSEdition) { 29 | { Connect-ArubaCP $invokeParams.server -Token $invokeParams.token -port $invokeParams.port } | Should -Throw "Unable to connect (certificate)" 30 | Disconnect-ArubaCP -confirm:$false 31 | } 32 | It "Throw when try to use Invoke-ArubaCPRestMethod and not connected" { 33 | { Invoke-ArubaCPRestMethod -uri "api/cppm-version" } | Should -Throw "Not Connected. Connect to the ClearPass with Connect-ArubaCP" 34 | } 35 | } 36 | 37 | Describe "Connect to a ClearPass (using multi connection)" { 38 | BeforeAll { 39 | #Disconnect "default connection" 40 | Disconnect-ArubaCP -confirm:$false 41 | } 42 | 43 | It "Connect to a ClearPass (using token and store on cppm variable)" { 44 | $script:cppm = Connect-ArubaCP @invokeParams -DefaultConnection:$false 45 | $DefaultArubaCPConnection | Should -BeNullOrEmpty 46 | $cppm.server | Should -Be $invokeParams.server 47 | $cppm.token | Should -Be $invokeParams.token 48 | $cppm.port | Should -Be $invokeParams.port 49 | } 50 | 51 | Context "Use Multi connection for call some (Get) cmdlet (Application Licence, Version, NAS, SHL...)" { 52 | It "Use Multi connection for call Get Application License" -Skip:$VersionBefore680 { 53 | { Get-ArubaCPApplicationLicense -connection $cppm } | Should -Not -Throw 54 | } 55 | It "Use Multi connection for call Get Auth(entication) Source" { 56 | { Get-ArubaCPAuthSource -connection $cppm } | Should -Not -Throw 57 | } 58 | It "Use Multi connection for call Get Auth(entication) Method" { 59 | { Get-ArubaCPAuthMethod -connection $cppm } | Should -Not -Throw 60 | } 61 | It "Use Multi connection for call Get CPPM Version" { 62 | { Get-ArubaCPCPPMVersion -connection $cppm } | Should -Not -Throw 63 | } 64 | It "Use Multi connection for call Get Network Device" { 65 | { Get-ArubaCPNetworkDevice -connection $cppm } | Should -Not -Throw 66 | } 67 | It "Use Multi connection for call Get Network Device Group" { 68 | { Get-ArubaCPNetworkDeviceGroup -connection $cppm } | Should -Not -Throw 69 | } 70 | It "Use Multi connection for call Get Server Configuration" { 71 | { Get-ArubaCPServerConfiguration -connection $cppm } | Should -Not -Throw 72 | } 73 | It "Use Multi connection for call Get Server Version" { 74 | { Get-ArubaCPServerVersion -connection $cppm } | Should -Not -Throw 75 | } 76 | It "Use Multi connection for call Get Static Host List" -Skip:$VersionBefore680 { 77 | { Get-ArubaCPStaticHostList -connection $cppm } | Should -Not -Throw 78 | } 79 | It "Use Multi connection for call Get Endpoint" { 80 | { Get-ArubaCPEndpoint -connection $cppm } | Should -Not -Throw 81 | } 82 | It "Use Multi connection for call Get Api Client" { 83 | { Get-ArubaCPApiClient -connection $cppm } | Should -Not -Throw 84 | } 85 | It "Use Multi connection for call Get Service" -Skip:$VersionBefore680 { 86 | { Get-ArubaCPService -connection $cppm } | Should -Not -Throw 87 | } 88 | It "Use Multi connection for call Device Fingerprint" -Skip:$VersionBefore690 { 89 | $ip = (Get-ArubaCPServerConfiguration -connection $cppm).management_ip 90 | { Get-ArubaCPDeviceFingerprint -ip_address $ip -connection $cppm } | Should -Not -Throw 91 | } 92 | It "Use Multi connection for call Get Local User" { 93 | { Get-ArubaCPLocalUser -connection $cppm } | Should -Not -Throw 94 | } 95 | It "Use Multi connection for call Get Cluster Certificate" { 96 | { Get-ArubaCPClusterCertificate -connection $cppm } | Should -Not -Throw 97 | } 98 | It "Use Multi connection for call Get Certificate Trust List" { 99 | { Get-ArubaCPCertTrustList -connection $cppm } | Should -Not -Throw 100 | } 101 | It "Use Multi connection for call Get Service Certificate" { 102 | { Get-ArubaCPServiceCertificate -connection $cppm } | Should -Not -Throw 103 | } 104 | It "Use Multi connection for call Get Enforcement Policy" -Skip:$VersionBefore6110 { 105 | { Get-ArubaCPEnforcementPolicy -connection $cppm } | Should -Not -Throw 106 | } 107 | It "Use Multi connection for call Get Enforcement Profile" -Skip:$VersionBefore6110 { 108 | { Get-ArubaCPEnforcementProfile -connection $cppm } | Should -Not -Throw 109 | } 110 | } 111 | 112 | It "Disconnect to a ClearPass (Multi connection)" { 113 | Disconnect-ArubaCP -connection $cppm -confirm:$false 114 | $DefaultArubaCPConnection | Should -Be $null 115 | } 116 | 117 | } 118 | 119 | Describe "Connect using client_credentials" { 120 | BeforeAll { 121 | #connect... 122 | Connect-ArubaCP @invokeParams 123 | #Create a API Client with client credentials 124 | Add-ArubaCPApiClient -client_id pester_PowerArubaCP -client_secret pester_MySecret -grant_types "client_credentials" -profile_id 1 125 | } 126 | 127 | It "Connect to a ClearPass (using client_credentials and store on cppm variable)" { 128 | $script:cppm = Connect-ArubaCP $invokeParams.server -client_id pester_PowerArubaCP -client_secret pester_MySecret -SkipCertificateCheck -port $invokeParams.port -DefaultConnection:$false 129 | $cppm.server | Should -Be $invokeParams.server 130 | $cppm.token | Should -Not -BeNullOrEmpty 131 | $cppm.port | Should -Be $invokeParams.port 132 | } 133 | 134 | It "Use Multi connection for call Get (Api Client)" { 135 | { Get-ArubaCPApiClient -connection $cppm } | Should -Not -Throw 136 | } 137 | 138 | AfterAll { 139 | #Remove API Client 140 | Get-ArubaCPApiClient -client_id pester_PowerArubaCP | Remove-ArubaCPApiClient -confirm:$false 141 | #And disconnect 142 | Disconnect-ArubaCP -confirm:$false 143 | } 144 | } 145 | 146 | Describe "Invoke ArubaCP RestMethod tests" { 147 | BeforeAll { 148 | #connect... 149 | Connect-ArubaCP @invokeParams 150 | #Add 26 Network Device (NAS) 151 | Add-ArubaCPNetworkDevice -name pester_SW1 -ip_address 192.0.2.1 -radius_secret MySecurePassword -vendor Aruba 152 | Add-ArubaCPNetworkDevice -name pester_SW2 -ip_address 192.0.2.2 -radius_secret MySecurePassword -vendor Aruba 153 | Add-ArubaCPNetworkDevice -name pester_SW3 -ip_address 192.0.2.3 -radius_secret MySecurePassword -vendor Aruba 154 | Add-ArubaCPNetworkDevice -name pester_SW4 -ip_address 192.0.2.4 -radius_secret MySecurePassword -vendor Aruba 155 | Add-ArubaCPNetworkDevice -name pester_SW5 -ip_address 192.0.2.5 -radius_secret MySecurePassword -vendor Aruba 156 | Add-ArubaCPNetworkDevice -name pester_SW6 -ip_address 192.0.2.6 -radius_secret MySecurePassword -vendor Aruba 157 | Add-ArubaCPNetworkDevice -name pester_SW7 -ip_address 192.0.2.7 -radius_secret MySecurePassword -vendor Aruba 158 | Add-ArubaCPNetworkDevice -name pester_SW8 -ip_address 192.0.2.8 -radius_secret MySecurePassword -vendor Aruba 159 | Add-ArubaCPNetworkDevice -name pester_SW9 -ip_address 192.0.2.9 -radius_secret MySecurePassword -vendor Aruba 160 | Add-ArubaCPNetworkDevice -name pester_SW10 -ip_address 192.0.2.10 -radius_secret MySecurePassword -vendor Aruba 161 | Add-ArubaCPNetworkDevice -name pester_SW11 -ip_address 192.0.2.11 -radius_secret MySecurePassword -vendor Aruba 162 | Add-ArubaCPNetworkDevice -name pester_SW12 -ip_address 192.0.2.12 -radius_secret MySecurePassword -vendor Aruba 163 | Add-ArubaCPNetworkDevice -name pester_SW13 -ip_address 192.0.2.13 -radius_secret MySecurePassword -vendor Aruba 164 | Add-ArubaCPNetworkDevice -name pester_SW14 -ip_address 192.0.2.14 -radius_secret MySecurePassword -vendor Aruba 165 | Add-ArubaCPNetworkDevice -name pester_SW15 -ip_address 192.0.2.15 -radius_secret MySecurePassword -vendor Aruba 166 | Add-ArubaCPNetworkDevice -name pester_SW16 -ip_address 192.0.2.16 -radius_secret MySecurePassword -vendor Aruba 167 | Add-ArubaCPNetworkDevice -name pester_SW17 -ip_address 192.0.2.17 -radius_secret MySecurePassword -vendor Aruba 168 | Add-ArubaCPNetworkDevice -name pester_SW18 -ip_address 192.0.2.18 -radius_secret MySecurePassword -vendor Aruba 169 | Add-ArubaCPNetworkDevice -name pester_SW19 -ip_address 192.0.2.19 -radius_secret MySecurePassword -vendor Aruba 170 | Add-ArubaCPNetworkDevice -name pester_SW20 -ip_address 192.0.2.20 -radius_secret MySecurePassword -vendor Aruba 171 | Add-ArubaCPNetworkDevice -name pester_SW21 -ip_address 192.0.2.21 -radius_secret MySecurePassword -vendor Aruba 172 | Add-ArubaCPNetworkDevice -name pester_SW22 -ip_address 192.0.2.22 -radius_secret MySecurePassword -vendor Aruba 173 | Add-ArubaCPNetworkDevice -name pester_SW23 -ip_address 192.0.2.23 -radius_secret MySecurePassword -vendor Aruba 174 | Add-ArubaCPNetworkDevice -name pester_SW24 -ip_address 192.0.2.24 -radius_secret MySecurePassword -vendor Aruba 175 | Add-ArubaCPNetworkDevice -name pester_SW25 -ip_address 192.0.2.25 -radius_secret MySecurePassword -vendor Aruba 176 | Add-ArubaCPNetworkDevice -name pester_SW26 -ip_address 192.0.2.26 -radius_secret MySecurePassword -vendor Aruba 177 | } 178 | 179 | It "Use Invoke-ArubaCPRestMethod without limit parameter" { 180 | #Need to found only less 25 entries... 181 | $response = Invoke-ArubaCPRestMethod -method "GET" -uri "api/network-device" 182 | $nad = $response._embedded.items | where-object { $_.name -match "pester_" } 183 | $nad.count | should -BeLessOrEqual 25 184 | } 185 | 186 | It "Use Invoke-ArubaCPRestMethod with limit parameter" { 187 | $response = Invoke-ArubaCPRestMethod -method "GET" -uri "api/network-device" -limit 1000 188 | $nad = $response._embedded.items | where-object { $_.name -match "pester_" } 189 | $nad.count | Should -Be 26 190 | } 191 | 192 | It "Use Invoke-ArubaCPRestMethod with filter parameter (equal)" { 193 | #Need to found only pester_SW1 194 | $response = Invoke-ArubaCPRestMethod -method "GET" -uri "api/network-device" -filter @{ "name" = "pester_SW1" } 195 | $nad = $response._embedded.items 196 | $nad.count | should -BeLessOrEqual 1 197 | } 198 | 199 | It "Use Invoke-ArubaCPRestMethod with filter parameter (contains)" { 200 | #Need to found only pester_SW1[X] (11 entries) 201 | $response = Invoke-ArubaCPRestMethod -method "GET" -uri "api/network-device" -filter @{ "name" = @{ "`$contains" = "pester_SW1" } } 202 | $nad = $response._embedded.items 203 | $nad.count | should -BeLessOrEqual 11 204 | } 205 | 206 | AfterAll { 207 | #Remove NAD entries... 208 | Get-ArubaCPNetworkDevice -name pester_SW1 | Remove-ArubaCPNetworkDevice -confirm:$false 209 | Get-ArubaCPNetworkDevice -name pester_SW2 | Remove-ArubaCPNetworkDevice -confirm:$false 210 | Get-ArubaCPNetworkDevice -name pester_SW3 | Remove-ArubaCPNetworkDevice -confirm:$false 211 | Get-ArubaCPNetworkDevice -name pester_SW4 | Remove-ArubaCPNetworkDevice -confirm:$false 212 | Get-ArubaCPNetworkDevice -name pester_SW5 | Remove-ArubaCPNetworkDevice -confirm:$false 213 | Get-ArubaCPNetworkDevice -name pester_SW6 | Remove-ArubaCPNetworkDevice -confirm:$false 214 | Get-ArubaCPNetworkDevice -name pester_SW7 | Remove-ArubaCPNetworkDevice -confirm:$false 215 | Get-ArubaCPNetworkDevice -name pester_SW8 | Remove-ArubaCPNetworkDevice -confirm:$false 216 | Get-ArubaCPNetworkDevice -name pester_SW9 | Remove-ArubaCPNetworkDevice -confirm:$false 217 | Get-ArubaCPNetworkDevice -name pester_SW10 | Remove-ArubaCPNetworkDevice -confirm:$false 218 | Get-ArubaCPNetworkDevice -name pester_SW11 | Remove-ArubaCPNetworkDevice -confirm:$false 219 | Get-ArubaCPNetworkDevice -name pester_SW12 | Remove-ArubaCPNetworkDevice -confirm:$false 220 | Get-ArubaCPNetworkDevice -name pester_SW13 | Remove-ArubaCPNetworkDevice -confirm:$false 221 | Get-ArubaCPNetworkDevice -name pester_SW14 | Remove-ArubaCPNetworkDevice -confirm:$false 222 | Get-ArubaCPNetworkDevice -name pester_SW15 | Remove-ArubaCPNetworkDevice -confirm:$false 223 | Get-ArubaCPNetworkDevice -name pester_SW16 | Remove-ArubaCPNetworkDevice -confirm:$false 224 | Get-ArubaCPNetworkDevice -name pester_SW17 | Remove-ArubaCPNetworkDevice -confirm:$false 225 | Get-ArubaCPNetworkDevice -name pester_SW18 | Remove-ArubaCPNetworkDevice -confirm:$false 226 | Get-ArubaCPNetworkDevice -name pester_SW19 | Remove-ArubaCPNetworkDevice -confirm:$false 227 | Get-ArubaCPNetworkDevice -name pester_SW20 | Remove-ArubaCPNetworkDevice -confirm:$false 228 | Get-ArubaCPNetworkDevice -name pester_SW21 | Remove-ArubaCPNetworkDevice -confirm:$false 229 | Get-ArubaCPNetworkDevice -name pester_SW22 | Remove-ArubaCPNetworkDevice -confirm:$false 230 | Get-ArubaCPNetworkDevice -name pester_SW23 | Remove-ArubaCPNetworkDevice -confirm:$false 231 | Get-ArubaCPNetworkDevice -name pester_SW24 | Remove-ArubaCPNetworkDevice -confirm:$false 232 | Get-ArubaCPNetworkDevice -name pester_SW25 | Remove-ArubaCPNetworkDevice -confirm:$false 233 | Get-ArubaCPNetworkDevice -name pester_SW26 | Remove-ArubaCPNetworkDevice -confirm:$false 234 | #And disconnect 235 | Disconnect-ArubaCP -confirm:$false 236 | } 237 | } -------------------------------------------------------------------------------- /Tests/integration/DeviceFingerprint.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2021, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Device FingerPrint" { 13 | 14 | BeforeAll { 15 | if ($VersionBefore690 -eq 0) { 16 | #Add 2 entries 17 | Add-ArubaCPDeviceFingerPrint -mac_address 00-01-02-03-04-05 -ip_address 192.0.2.1 18 | Add-ArubaCPDeviceFingerPrint -mac_address 00-01-02-03-04-06 -ip_address 192.0.2.2 19 | #Need to wait the time of profiling... (2 seconds...) 20 | Start-Sleep 2 21 | } 22 | } 23 | 24 | It "Get Endpoint (with mac filter) Does not throw an error" -Skip:$VersionBefore690 { 25 | { 26 | Get-ArubaCPDeviceFingerPrint -mac_address 00-01-02-03-04-05 27 | } | Should -Not -Throw 28 | } 29 | 30 | It "Search Device Fingerprint by mac (00-01-02-03-04-05)" -Skip:$VersionBefore690 { 31 | $dfp = Get-ArubaCPDeviceFingerprint -mac_address 000102030405 32 | $dfp.updated_at | Should -Not -BeNullOrEmpty 33 | $dfp.added_at | Should -Not -BeNullOrEmpty 34 | $dfp.mac | Should -Be "000102030405" 35 | $dfp.device_category | Should -Not -BeNullOrEmpty 36 | $dfp.device_name | Should -Not -BeNullOrEmpty 37 | $dfp.device_family | Should -Not -BeNullOrEmpty 38 | } 39 | 40 | It "Search Device Fingerprint by Endpoint pipeline (00-01-02-03-04-06)" -Skip:$VersionBefore690 { 41 | $dfp = Get-ArubaCPEndpoint -mac_address 000102030406 | Get-ArubaCPDeviceFingerprint 42 | $dfp.updated_at | Should -Not -BeNullOrEmpty 43 | $dfp.added_at | Should -Not -BeNullOrEmpty 44 | $dfp.mac | Should -Be "000102030406" 45 | $dfp.device_category | Should -Not -BeNullOrEmpty 46 | $dfp.device_name | Should -Not -BeNullOrEmpty 47 | $dfp.device_family | Should -Not -BeNullOrEmpty 48 | } 49 | 50 | It "Search Device Fingerprint by ip_address (192.0.2.2)" -Skip:$VersionBefore690 { 51 | $dfp = Get-ArubaCPDeviceFingerprint -ip_address 192.0.2.2 52 | $dfp.updated_at | Should -Not -BeNullOrEmpty 53 | $dfp.added_at | Should -Not -BeNullOrEmpty 54 | $dfp.ip | Should -Be "192.0.2.2" 55 | $dfp.device_category | Should -Not -BeNullOrEmpty 56 | $dfp.device_name | Should -Not -BeNullOrEmpty 57 | $dfp.device_family | Should -Not -BeNullOrEmpty 58 | } 59 | 60 | It "Get Device Fingerprint throw a error when use with CPPM <= 6.9.0" -Skip: ($VersionBefore690 -eq 0) { 61 | { Get-ArubaCPDeviceFingerprint -ip_address 192.0.2.2 } | Should -Throw "Need ClearPass >= 6.9.0 for use this cmdlet" 62 | } 63 | 64 | AfterAll { 65 | if ($VersionBefore690 -eq 0) { 66 | #Remove 2 entries 67 | Get-ArubaCPEndpoint -mac_address 00-01-02-03-04-05 | Remove-ArubaCPEndpoint -confirm:$false 68 | Get-ArubaCPEndpoint -mac_address 00-01-02-03-04-06 | Remove-ArubaCPEndpoint -confirm:$false 69 | } 70 | } 71 | } 72 | 73 | Describe "Add Device Fingerprint" { 74 | 75 | It "Add Device Fingerprint with hostname" -Skip:$VersionBefore690 { 76 | Add-ArubaCPDeviceFingerprint -mac_address 00-01-02-03-04-07 -hostname pester_PowerArubaCP 77 | Start-Sleep 2 78 | $dfp = Get-ArubaCPDeviceFingerprint -mac_address 00-01-02-03-04-07 79 | $dfp.hostname | Should -be "pester_PowerArubaCP" 80 | $dfp.updated_at | Should -Not -BeNullOrEmpty 81 | $dfp.added_at | Should -Not -BeNullOrEmpty 82 | $dfp.mac | Should -Be "000102030407" 83 | $dfp.device_category | Should -Not -BeNullOrEmpty 84 | $dfp.device_name | Should -Not -BeNullOrEmpty 85 | $dfp.device_family | Should -Not -BeNullOrEmpty 86 | } 87 | 88 | It "Add Device Fingerprint with IP (Address)" -Skip:$VersionBefore690 { 89 | Add-ArubaCPDeviceFingerprint -mac_address 00-01-02-03-04-08 -ip_address 192.0.2.1 90 | Start-Sleep 2 91 | $dfp = Get-ArubaCPDeviceFingerprint -mac_address 00-01-02-03-04-08 92 | $dfp.ip | Should -be "192.0.2.1" 93 | $dfp.updated_at | Should -Not -BeNullOrEmpty 94 | $dfp.added_at | Should -Not -BeNullOrEmpty 95 | $dfp.mac | Should -Be "000102030408" 96 | $dfp.device_category | Should -Not -BeNullOrEmpty 97 | $dfp.device_name | Should -Not -BeNullOrEmpty 98 | $dfp.device_family | Should -Not -BeNullOrEmpty 99 | } 100 | 101 | It "Add Device Fingerprint with device information" -Skip:$VersionBefore690 { 102 | Add-ArubaCPDeviceFingerprint -mac_address 00-01-02-03-04-09 -device_category Server -device_family ClearPass -device_name ClearPass VM 103 | Start-Sleep 2 104 | $dfp = Get-ArubaCPDeviceFingerprint -mac_address 00-01-02-03-04-09 105 | $dfp.updated_at | Should -Not -BeNullOrEmpty 106 | $dfp.added_at | Should -Not -BeNullOrEmpty 107 | $dfp.mac | Should -Be "000102030409" 108 | $dfp.device_category | Should -Be "Server" 109 | $dfp.device_name | Should -Be "Clearpass" 110 | $dfp.device_family | Should -Be "ClearPass" 111 | } 112 | 113 | AfterAll { 114 | if ($VersionBefore690 -eq 0) { 115 | Get-ArubaCPEndpoint -mac_address 00-01-02-03-04-07 | Remove-ArubaCPEndpoint -confirm:$false 116 | Get-ArubaCPEndpoint -mac_address 00-01-02-03-04-08 | Remove-ArubaCPEndpoint -confirm:$false 117 | Get-ArubaCPEndpoint -mac_address 00-01-02-03-04-09 | Remove-ArubaCPEndpoint -confirm:$false 118 | } 119 | } 120 | } 121 | 122 | AfterAll { 123 | Disconnect-ArubaCP -confirm:$false 124 | } -------------------------------------------------------------------------------- /Tests/integration/NetworkDeviceGroup.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2019, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Network Device Group" { 13 | 14 | BeforeAll { 15 | #Add 2 entries 16 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG-subnet1 -subnet 192.0.2.0/24 -description "Add via PowerArubaCP" 17 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG-subnet2 -subnet 198.51.100.0/24 -description "Add via PowerArubaCP" 18 | } 19 | 20 | It "Get Network Device Group Does not throw an error" { 21 | { 22 | Get-ArubaCPNetworkDeviceGroup 23 | } | Should -Not -Throw 24 | } 25 | 26 | It "Get ALL Network Device Group" { 27 | $ndg = Get-ArubaCPNetworkDeviceGroup 28 | $ndg.count | Should -Not -Be be $NULL 29 | } 30 | 31 | It "Get Network Device Group (pester_NDG-subnet1)" { 32 | $ndg = Get-ArubaCPNetworkDeviceGroup | Where-Object { $_.name -eq "pester_NDG-subnet1" } 33 | $ndg.id | Should -Not -BeNullOrEmpty 34 | $ndg.name | Should -Be "pester_NDG-subnet1" 35 | } 36 | 37 | It "Get Network Device Group (pester_NDG-subnet1) and confirm (via Confirm-ArubaCPNetworkDeviceGroup)" { 38 | $ndg = Get-ArubaCPNetworkDeviceGroup | Where-Object { $_.name -eq "pester_NDG-subnet1" } 39 | Confirm-ArubaCPNetworkDeviceGroup $ndg | Should -Be $true 40 | } 41 | 42 | It "Search Network Device Group by name (pester_NDG-subnet2)" { 43 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG-subnet2 44 | @($ndg).count | Should -Be 1 45 | $ndg.id | Should -Not -BeNullOrEmpty 46 | $ndg.name | Should -Be "pester_NDG-subnet2" 47 | } 48 | 49 | It "Search Network Device Group by name (contains *pester*)" { 50 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester -filter_type contains 51 | @($ndg).count | Should -Be 2 52 | } 53 | 54 | AfterAll { 55 | #Remove 2 entries 56 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG-subnet1 | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 57 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG-subnet2 | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 58 | } 59 | } 60 | 61 | Describe "Add Network Device Group" { 62 | 63 | BeforeAll { 64 | #Add 2 entries 65 | Add-ArubaCPNetworkDevice -name pester_SW1 -ip_address 192.0.2.1 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 66 | Add-ArubaCPNetworkDevice -name pester_SW2 -ip_address 192.0.2.2 -radius_secret MySecurePassword -vendor Hewlett-Packard-Enterprise -description "Add by PowerArubaCP" 67 | } 68 | 69 | It "Add Network Device Group with format list (with one IP)" { 70 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -description "Add via PowerArubaCP" -list_ip 192.0.2.1 71 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 72 | $ndg.id | Should -Not -BeNullOrEmpty 73 | $ndg.name | Should -Be "pester_NDG" 74 | $ndg.description | Should -Be "Add via PowerArubaCP" 75 | $ndg.group_format | Should -Be "list" 76 | $ndg.value | Should -Be "192.0.2.1" 77 | } 78 | 79 | It "Add Network Device Group with format list (with 2 IP)" { 80 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -description "Add via PowerArubaCP" -list_ip 192.0.2.1, 192.0.2.2 81 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 82 | $ndg.id | Should -Not -BeNullOrEmpty 83 | $ndg.name | Should -Be "pester_NDG" 84 | $ndg.description | Should -Be "Add via PowerArubaCP" 85 | $ndg.group_format | Should -Be "list" 86 | $ndg.value | Should -Be "192.0.2.1, 192.0.2.2" 87 | } 88 | 89 | It "Add Network Device Group with format subnet" { 90 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -description "Add via PowerArubaCP" -subnet 192.0.2.0/24 91 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 92 | $ndg.id | Should -Not -BeNullOrEmpty 93 | $ndg.name | Should -Be "pester_NDG" 94 | $ndg.description | Should -Be "Add via PowerArubaCP" 95 | $ndg.group_format | Should -Be "subnet" 96 | $ndg.value | Should -Be "192.0.2.0/24" 97 | } 98 | 99 | It "Add Network Device Group with format regex" { 100 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -description "Add via PowerArubaCP" -regex "^192(.[0-9]*){3}$" 101 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 102 | $ndg.id | Should -Not -BeNullOrEmpty 103 | $ndg.name | Should -Be "pester_NDG" 104 | $ndg.description | Should -Be "Add via PowerArubaCP" 105 | $ndg.group_format | Should -Be "regex" 106 | $ndg.value | Should -Be "^192(.[0-9]*){3}$" 107 | } 108 | 109 | AfterEach { 110 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 111 | } 112 | 113 | AfterAll { 114 | #Remove 2 entries 115 | Get-ArubaCPNetworkDevice -name pester_SW1 | Remove-ArubaCPNetworkDevice -confirm:$false 116 | Get-ArubaCPNetworkDevice -name pester_SW2 | Remove-ArubaCPNetworkDevice -confirm:$false 117 | } 118 | } 119 | 120 | Describe "Add Network Device Group Member" { 121 | 122 | BeforeAll { 123 | #Add 3 entries 124 | Add-ArubaCPNetworkDevice -name pester_SW1 -ip_address 192.0.2.1 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 125 | Add-ArubaCPNetworkDevice -name pester_SW2 -ip_address 192.0.2.2 -radius_secret MySecurePassword -vendor Hewlett-Packard-Enterprise -description "Add by PowerArubaCP" 126 | Add-ArubaCPNetworkDevice -name pester_SW3 -ip_address 192.0.2.3 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 127 | } 128 | 129 | BeforeEach { 130 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -description "Add via PowerArubaCP" -list_ip 192.0.2.1 131 | } 132 | 133 | It "Add 1 member to Network Device Group to list_ip (with 1 member before)" { 134 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Add-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.2 135 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 136 | $ndg.id | Should -Not -BeNullOrEmpty 137 | $ndg.name | Should -Be "pester_NDG" 138 | $ndg.description | Should -Be "Add via PowerArubaCP" 139 | $ndg.group_format | Should -Be "list" 140 | $ndg.value | Should -Be "192.0.2.1, 192.0.2.2" 141 | } 142 | 143 | It "Add 2 members to Network Device Group to list_ip (with 1 member before)" { 144 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Add-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.2, 192.0.2.3 145 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 146 | $ndg.id | Should -Not -BeNullOrEmpty 147 | $ndg.name | Should -Be "pester_NDG" 148 | $ndg.description | Should -Be "Add via PowerArubaCP" 149 | $ndg.group_format | Should -Be "list" 150 | $ndg.value | Should -Be "192.0.2.1, 192.0.2.2, 192.0.2.3" 151 | } 152 | 153 | AfterEach { 154 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 155 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG2 | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 156 | } 157 | 158 | AfterAll { 159 | #Remove 3 entries 160 | Get-ArubaCPNetworkDevice -name pester_SW1 | Remove-ArubaCPNetworkDevice -confirm:$false 161 | Get-ArubaCPNetworkDevice -name pester_SW2 | Remove-ArubaCPNetworkDevice -confirm:$false 162 | Get-ArubaCPNetworkDevice -name pester_SW3 | Remove-ArubaCPNetworkDevice -confirm:$false 163 | } 164 | 165 | } 166 | 167 | Describe "Set Network Device Group" { 168 | 169 | BeforeAll { 170 | #Add 3 entries 171 | Add-ArubaCPNetworkDevice -name pester_SW1 -ip_address 192.0.2.1 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 172 | Add-ArubaCPNetworkDevice -name pester_SW2 -ip_address 192.0.2.2 -radius_secret MySecurePassword -vendor Hewlett-Packard-Enterprise -description "Add by PowerArubaCP" 173 | Add-ArubaCPNetworkDevice -name pester_SW3 -ip_address 192.0.2.3 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 174 | } 175 | 176 | BeforeEach { 177 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -description "Add via PowerArubaCP" -list_ip 192.0.2.1 178 | } 179 | 180 | It "Set Network Device Group (Name and Description)" { 181 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Set-ArubaCPNetworkDeviceGroup -name pester_NDG2 -description "Change via PowerArubaCP" 182 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG2 183 | $ndg.name | Should -Be "pester_NDG2" 184 | $ndg.description | Should -Be "Change via PowerArubaCP" 185 | } 186 | 187 | It "Set Network Device Group (Change to list_ip with 1 IP)" { 188 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Set-ArubaCPNetworkDeviceGroup -list_ip 192.0.2.2 189 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 190 | $ndg.id | Should -Not -BeNullOrEmpty 191 | $ndg.name | Should -Be "pester_NDG" 192 | $ndg.description | Should -Be "Add via PowerArubaCP" 193 | $ndg.group_format | Should -Be "list" 194 | $ndg.value | Should -Be "192.0.2.2" 195 | } 196 | 197 | It "Set Network Device Group (Change to list_ip with 2 IP)" { 198 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Set-ArubaCPNetworkDeviceGroup -list_ip 192.0.2.2, 192.0.2.3 199 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 200 | $ndg.id | Should -Not -BeNullOrEmpty 201 | $ndg.name | Should -Be "pester_NDG" 202 | $ndg.description | Should -Be "Add via PowerArubaCP" 203 | $ndg.group_format | Should -Be "list" 204 | $ndg.value | Should -Be "192.0.2.2, 192.0.2.3" 205 | } 206 | 207 | It "Set Network Device Group (Change to subnet)" { 208 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Set-ArubaCPNetworkDeviceGroup -subnet 192.0.2.0/24 209 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 210 | $ndg.id | Should -Not -BeNullOrEmpty 211 | $ndg.name | Should -Be "pester_NDG" 212 | $ndg.description | Should -Be "Add via PowerArubaCP" 213 | $ndg.group_format | Should -Be "subnet" 214 | $ndg.value | Should -Be "192.0.2.0/24" 215 | } 216 | 217 | It "Set Network Device Group (Change to regex)" { 218 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Set-ArubaCPNetworkDeviceGroup -regex "^192(.[0-9]*){3}$" 219 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 220 | $ndg.id | Should -Not -BeNullOrEmpty 221 | $ndg.name | Should -Be "pester_NDG" 222 | $ndg.description | Should -Be "Add via PowerArubaCP" 223 | $ndg.group_format | Should -Be "regex" 224 | $ndg.value | Should -Be "^192(.[0-9]*){3}$" 225 | } 226 | 227 | AfterEach { 228 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 229 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG2 | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 230 | } 231 | 232 | AfterAll { 233 | #Remove 3 entries 234 | Get-ArubaCPNetworkDevice -name pester_SW1 | Remove-ArubaCPNetworkDevice -confirm:$false 235 | Get-ArubaCPNetworkDevice -name pester_SW2 | Remove-ArubaCPNetworkDevice -confirm:$false 236 | Get-ArubaCPNetworkDevice -name pester_SW3 | Remove-ArubaCPNetworkDevice -confirm:$false 237 | } 238 | } 239 | 240 | Describe "Remove Network Device Group" { 241 | 242 | It "Remove Network Device Group by id" { 243 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -subnet 192.0.2.0/24 244 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 245 | $ndg.name | Should -Be "pester_NDG" 246 | @($ndg).count | Should -Be 1 247 | Remove-ArubaCPNetworkDeviceGroup -id $ndg.id -confirm:$false 248 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 249 | $ndg | Should -BeNullOrEmpty 250 | @($ndg).count | Should -Be 0 251 | } 252 | 253 | It "Remove Network Device Group by name (and pipeline)" { 254 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -subnet 192.0.2.0/24 255 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 256 | $ndg.name | Should -Be "pester_NDG" 257 | @($ndg).count | Should -Be 1 258 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 259 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG 260 | $ndg | Should -BeNullOrEmpty 261 | @($ndg).count | Should -Be 0 262 | } 263 | 264 | AfterEach { 265 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 266 | } 267 | 268 | } 269 | 270 | Describe "Remove Network Device Group Member" { 271 | 272 | BeforeAll { 273 | #Add 3 entries 274 | Add-ArubaCPNetworkDevice -name pester_SW1 -ip_address 192.0.2.1 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 275 | Add-ArubaCPNetworkDevice -name pester_SW2 -ip_address 192.0.2.2 -radius_secret MySecurePassword -vendor Hewlett-Packard-Enterprise -description "Add by PowerArubaCP" 276 | Add-ArubaCPNetworkDevice -name pester_SW3 -ip_address 192.0.2.3 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP" 277 | } 278 | 279 | It "Remove an entry of Network Device Group with format list and type IPAddress (with 2 IP)" { 280 | $ndg = Add-ArubaCPNetworkDeviceGroup -name pester_NDG -list_ip 192.0.2.1, 192.0.2.2 281 | $ndg.value | Should -Be "192.0.2.1, 192.0.2.2" 282 | #Remove an entry... 283 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.1 284 | $ndg.value | Should -Be "192.0.2.2" 285 | } 286 | 287 | It "Remove an entry of Network Device Group with format list and type IPAddress (with 3 IP)" { 288 | $ndg = Add-ArubaCPNetworkDeviceGroup -name pester_NDG -list_ip 192.0.2.1, 192.0.2.2, 192.0.2.3 289 | $ndg.value | Should -Be "192.0.2.1, 192.0.2.2, 192.0.2.3" 290 | #Remove an entry... 291 | $ndg = Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.1 292 | $ndg.value | Should -Be "192.0.2.2, 192.0.2.3" 293 | } 294 | 295 | It "Throw when remove all Entry" { 296 | Add-ArubaCPNetworkDeviceGroup -name pester_NDG -list_ip 192.0.2.1 297 | { Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.1 } | Should -Throw "You can't remove all entries. Use Remove-ArubaCPNetworkDeviceGroup to remove Network Device Group" 298 | } 299 | 300 | AfterEach { 301 | Get-ArubaCPNetworkDeviceGroup -name pester_NDG | Remove-ArubaCPNetworkDeviceGroup -confirm:$false 302 | } 303 | 304 | AfterAll { 305 | #Remove 3 entries 306 | Get-ArubaCPNetworkDevice -name pester_SW1 | Remove-ArubaCPNetworkDevice -confirm:$false 307 | Get-ArubaCPNetworkDevice -name pester_SW2 | Remove-ArubaCPNetworkDevice -confirm:$false 308 | Get-ArubaCPNetworkDevice -name pester_SW3 | Remove-ArubaCPNetworkDevice -confirm:$false 309 | } 310 | } 311 | 312 | AfterAll { 313 | Disconnect-ArubaCP -confirm:$false 314 | } -------------------------------------------------------------------------------- /Tests/integration/Platform.tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Server Configuration" { 13 | 14 | It "Get ServerConfiguration Does not throw an error" { 15 | { 16 | Get-ArubaCPServerConfiguration 17 | } | Should -Not -Throw 18 | } 19 | 20 | It "Get Server Configuration (name, uuid, server / management ip... )" { 21 | $sc = Get-ArubaCPServerConfiguration 22 | $sc.name | Should -Not -Be $NULL 23 | $sc.local_server | Should -Not -Be $NULL 24 | $sc.server_uuid | Should -Not -Be $NULL 25 | $sc.server_dns_name | Should -Not -Be $NULL 26 | $sc.management_ip | Should -Not -Be $NULL 27 | if ($DefaultArubaCPConnection.version -ge "6.10.0") { 28 | $sc.is_publisher | Should -Not -Be $NULL 29 | } 30 | else { 31 | $sc.is_master | Should -Not -Be $NULL 32 | } 33 | $sc.is_insight_enabled | Should -Not -Be $NULL 34 | if ($DefaultArubaCPConnection.version -ge "6.10.0") { 35 | $sc.is_insight_primary | Should -Not -Be $NULL 36 | } 37 | else { 38 | $sc.is_insight_master | Should -Not -Be $NULL 39 | } 40 | $sc.replication_status | Should -Not -Be $NULL 41 | $sc.is_profiler_enabled | Should -Not -Be $NULL 42 | } 43 | } 44 | 45 | 46 | Describe "Get Server Version" { 47 | 48 | It "Get ServerVersion Does not throw an error" { 49 | { 50 | Get-ArubaCPServerVersion 51 | } | Should -Not -Throw 52 | } 53 | 54 | It "Get Server Version (CPPM, Guest, Installed Patches)" { 55 | $sv = Get-ArubaCPServerVersion 56 | $sv.cppm_version | Should -Not -Be $NULL 57 | $sv.guest_version | Should -Not -Be $NULL 58 | #No installed patches when it is the first build... (6.10.0...) 59 | if ($DefaultArubaCPConnection.version.build -ne "0") { 60 | $sv.installed_patches | Should -Not -Be $NULL 61 | } 62 | } 63 | } 64 | 65 | Describe "Get CPPM Version" { 66 | 67 | It "Get CPPMVersion Does not throw an error" { 68 | { 69 | Get-ArubaCPCPPMVersion 70 | } | Should -Not -Throw 71 | } 72 | 73 | It "Get CPPM Version (Major, Minor, service, hardware...)" { 74 | $cv = Get-ArubaCPCPPMVersion 75 | $cv.app_major_version | Should -Be "6" 76 | $cv.app_minor_version | Should -BeIn (8..12) 77 | $cv.app_service_release | Should -BeIn (0..15) 78 | $cv.app_build_number | Should -Not -Be $NULL 79 | $cv.hardware_version | Should -Not -Be $NULL 80 | $cv.fips_enabled | Should -Not -Be $NULL 81 | $cv.eval_license | Should -Not -Be $NULL 82 | $cv.cloud_mode | Should -Not -Be $NULL 83 | } 84 | } 85 | 86 | AfterAll { 87 | Disconnect-ArubaCP -confirm:$false 88 | } -------------------------------------------------------------------------------- /Tests/integration/Role.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2022, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Role" { 13 | 14 | BeforeAll { 15 | #Add 2 Role... 16 | Add-ArubaCPRole -name pester_PowerArubaCP_1 17 | Add-ArubaCPRole -name pester_PowerArubaCP_2 -description "Add by PowerArubaCP" 18 | } 19 | 20 | It "Get Role Does not throw an error" { 21 | { 22 | Get-ArubaCPRole -limit 100 23 | } | Should -Not -Throw 24 | } 25 | 26 | It "Get ALL Role(s)" { 27 | $r = Get-ArubaCPRole -limit 100 28 | $r.count | Should -Not -Be $NULL 29 | } 30 | 31 | It "Get Role (pester_PowerArubaCP_1)" { 32 | $r = Get-ArubaCPRole -limit 100 | Where-Object { $_.name -eq "pester_PowerArubaCP_1" } 33 | $r.id | Should -Not -BeNullOrEmpty 34 | $r.name | Should -Be "pester_PowerArubaCP_1" 35 | } 36 | 37 | It "Get Role (pester_PowerArubaCP_2) and confirm (via Confirm-ArubaCPRole)" { 38 | $r = Get-ArubaCPRole -limit 100 | Where-Object { $_.name -eq "pester_PowerArubaCP_2" } 39 | Confirm-ArubaCPRole $r | Should -Be $true 40 | } 41 | 42 | Context "Search" { 43 | 44 | It "Search Role by name (pester_PowerArubaCP_2)" { 45 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_2 46 | @($r).count | Should -Be 1 47 | $r.id | Should -Not -BeNullOrEmpty 48 | $r.name | Should -Be "pester_PowerArubaCP_2" 49 | } 50 | 51 | It "Search Role by name (pester_PowerArubaCP_2) with position 1" { 52 | $r = Get-ArubaCPRole pester_PowerArubaCP_2 53 | @($r).count | Should -Be 1 54 | $r.id | Should -Not -BeNullOrEmpty 55 | $r.name | Should -Be "pester_PowerArubaCP_2" 56 | } 57 | 58 | It "Search Role by name (contains *pester*)" { 59 | $r = Get-ArubaCPRole -name pester -filter_type contains 60 | @($r).count | Should -Be 2 61 | } 62 | 63 | It "Search Role by attribute (name contains PowerArubaCP)" { 64 | $r = Get-ArubaCPRole -filter_attribute description -filter_type contains -filter_value PowerArubaCP 65 | @($r).count | Should -Be 1 66 | } 67 | 68 | } 69 | 70 | AfterAll { 71 | #Remove 2 entries 72 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Remove-ArubaCPRole -confirm:$false 73 | Get-ArubaCPRole -name pester_PowerArubaCP_2 | Remove-ArubaCPRole -confirm:$false 74 | } 75 | } 76 | 77 | Describe "Add Role" { 78 | 79 | It "Add Role with mandatory Parameter (name)" { 80 | Add-ArubaCPRole -name pester_PowerArubaCP_1 81 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 82 | $r.id | Should -Not -BeNullOrEmpty 83 | $r.name | Should -Be "pester_PowerArubaCP_1" 84 | #$r.description | Should -Be "" 85 | } 86 | 87 | It "Add Role with description" { 88 | Add-ArubaCPRole -name pester_PowerArubaCP_1 -description "Add via PowerArubaCP" 89 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 90 | $r.id | Should -Not -BeNullOrEmpty 91 | $r.name | Should -Be "pester_PowerArubaCP_1" 92 | $r.description | Should -Be "Add via PowerArubaCP" 93 | } 94 | 95 | AfterEach { 96 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Remove-ArubaCPRole -confirm:$false 97 | } 98 | } 99 | 100 | Describe "Configure Role" { 101 | BeforeEach { 102 | #Add 1 entry 103 | Add-ArubaCPRole -name pester_PowerArubaCP_1 104 | } 105 | 106 | It "Change name Role (pester_PowerArubaCP_1 => pester_PowerArubaCP_2)" { 107 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Set-ArubaCPRole -name pester_PowerArubaCP_2 108 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_2 109 | $r.id | Should -Not -BeNullOrEmpty 110 | $r.name | Should -Be "pester_PowerArubaCP_2" 111 | } 112 | 113 | It "Change description Role" { 114 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Set-ArubaCPRole -description "Modified via PowerArubaCP" 115 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 116 | $r.id | Should -Not -BeNullOrEmpty 117 | $r.name | Should -Be "pester_PowerArubaCP_1" 118 | $r.description | Should -Be "Modified via PowerArubaCP" 119 | } 120 | 121 | AfterEach { 122 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Remove-ArubaCPRole -confirm:$false 123 | Get-ArubaCPRole -name pester_PowerArubaCP_2 | Remove-ArubaCPRole -confirm:$false 124 | } 125 | } 126 | 127 | Describe "Remove Role" { 128 | 129 | It "Remove Role by id" { 130 | Add-ArubaCPRole -name pester_PowerArubaCP_1 131 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 132 | $r.name | Should -Be "pester_PowerArubaCP_1" 133 | @($r).count | Should -Be 1 134 | Remove-ArubaCPRole -id $r.id -confirm:$false 135 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 136 | $r | Should -BeNullOrEmpty 137 | @($r).count | Should -Be 0 138 | } 139 | 140 | It "Remove Role by name (and pipeline)" { 141 | Add-ArubaCPRole -name pester_PowerArubaCP_1 142 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 143 | $r.name | Should -Be "pester_PowerArubaCP_1" 144 | @($r).count | Should -Be 1 145 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Remove-ArubaCPRole -confirm:$false 146 | $r = Get-ArubaCPRole -name pester_PowerArubaCP_1 147 | $r | Should -BeNullOrEmpty 148 | @($r).count | Should -Be 0 149 | } 150 | 151 | AfterEach { 152 | Get-ArubaCPRole -name pester_PowerArubaCP_1 | Remove-ArubaCPRole -confirm:$false 153 | } 154 | } 155 | 156 | AfterAll { 157 | Disconnect-ArubaCP -confirm:$false 158 | } -------------------------------------------------------------------------------- /Tests/integration/Services.Tests.ps1: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2018-2020, Alexis La Goutte 3 | # 4 | # SPDX-License-Identifier: Apache-2.0 5 | # 6 | . ../common.ps1 7 | 8 | BeforeAll { 9 | Connect-ArubaCP @invokeParams 10 | } 11 | 12 | Describe "Get Service" { 13 | 14 | It "Get Service Does not throw an error" -Skip:$VersionBefore680 { 15 | { 16 | Get-ArubaCPService 17 | } | Should -Not -Throw 18 | } 19 | 20 | It "Get Service" -Skip:$VersionBefore680 { 21 | $s = Get-ArubaCPService 22 | $s.count | Should -Not -Be $NULL 23 | } 24 | 25 | It "Get Service id (id 1)" -Skip:$VersionBefore680 { 26 | $s = Get-ArubaCPService | Where-Object { $_.id -eq "1" } 27 | $s.id | Should -Be "1" 28 | $s.name | Should -Be "[Policy Manager Admin Network Login Service]" 29 | $s.type | Should -Be "TACACS" 30 | $s.template | Should -Be "TACACS+ Enforcement" 31 | $s.enabled | Should -Be "True" 32 | if ($DefaultArubaCPConnection.version -ge "6.9.6") { 33 | $s.order_No | Should -Be "1" 34 | } 35 | else { 36 | $s.orderNo | Should -Be "1" 37 | } 38 | } 39 | 40 | It "Get Service (id 1) and confirm (via Confirm-ArubaCPService)" -Skip:$VersionBefore680 { 41 | $s = Get-ArubaCPService | Where-Object { $_.id -eq "1" } 42 | Confirm-ArubaCPService $s | Should -Be $true 43 | } 44 | 45 | It "Search Service by id (1)" -Skip:$VersionBefore680 { 46 | $s = Get-ArubaCPService -id 1 47 | @($s).count | Should -Be 1 48 | $s.id | Should -Not -BeNullOrEmpty 49 | $s.name | Should -Be "[Policy Manager Admin Network Login Service]" 50 | } 51 | 52 | It "Search Service by name ([Policy Manager Admin Network Login Service])" -Skip:$VersionBefore680 { 53 | $s = Get-ArubaCPService -name '[Policy Manager Admin Network Login Service]' 54 | @($s).count | Should -Be 1 55 | $s.id | Should -Not -BeNullOrEmpty 56 | $s.name | Should -Be "[Policy Manager Admin Network Login Service]" 57 | } 58 | 59 | It "Search Service by name (contains *Policy*)" -Skip:$VersionBefore680 { 60 | $s = Get-ArubaCPService -name Policy -filter_type contains 61 | @($s).count | Should -Be 1 62 | $s.id | Should -Not -BeNullOrEmpty 63 | $s.name | Should -Be "[Policy Manager Admin Network Login Service]" 64 | } 65 | 66 | #Warning freeze because 6.8.6... 67 | It "Search Service by attribute (type equal RADIUS)" -Skip:$VersionBefore686 { 68 | $s = Get-ArubaCPService -filter_attribute type -filter_type equal -filter_value RADIUS 69 | @($s).count | Should -Be 1 70 | $s.type | Should -be "RADIUS" 71 | } 72 | 73 | It "Get Service throw a error when use with CPPM <= 6.8.0" -Skip: ($VersionBefore680 -eq 0) { 74 | { Get-ArubaCPService } | Should -Throw "Need ClearPass >= 6.8.0 for use this cmdlet" 75 | } 76 | 77 | } 78 | 79 | Describe "Enable / Disable Service" { 80 | 81 | It "Disable Service (id 1)" -Skip:$VersionBefore680 { 82 | $s = Get-ArubaCPService -id 1 83 | $s.enabled | Should -Be "True" 84 | $s = Get-ArubaCPService -id 1 | Disable-ArubaCPService 85 | $s.enabled | Should -Be "false" 86 | } 87 | 88 | It "Enable Service (id 1)" -Skip:$VersionBefore680 { 89 | $s = Get-ArubaCPService -id 1 | Enable-ArubaCPService 90 | $s.enabled | Should -Be "true" 91 | } 92 | 93 | } 94 | 95 | AfterAll { 96 | Disconnect-ArubaCP -confirm:$false 97 | } --------------------------------------------------------------------------------