├── .ansible-lint ├── .github └── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── .gitignore ├── .kitchen.yml ├── .yamllint ├── Jenkinsfile ├── LICENSE ├── README.md ├── defaults └── main.yml ├── files ├── Reset-TSGracePeriod.ps1 ├── add_admin_to_psmmaster.ps1 └── aws │ ├── AWS.EC2.Windows.CloudWatch.json │ ├── CloudWatch.ps1 │ ├── Common.ps1 │ ├── PSMConfiguration.ps1 │ └── PSMRegistration.ps1 ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── main.yml ├── psm_clean.yml ├── psm_extract.yml ├── psm_hardening.yml ├── psm_install.yml ├── psm_postinstall.yml ├── psm_prerequisites.yml ├── psm_registration.yml └── psm_validateparameters.yml ├── tests ├── ansible.cfg ├── default.yml ├── integration │ └── default │ │ └── pester │ │ └── defaults.tests.ps1 ├── requirements.txt └── scripts │ └── user_data_windows_2016.ps1 └── vars └── main.yml /.ansible-lint: -------------------------------------------------------------------------------- 1 | exclude_paths: 2 | - .*/ 3 | parseable: true 4 | quiet: true 5 | use_default_rules: true 6 | verbosity: 1 7 | skip_list: 8 | - '204' -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Screenshots** 24 | If applicable, add screenshots to help explain your problem. 25 | 26 | **Environment(please complete the following information):** 27 | - Ansible version 28 | - Deployment environment [e.g. aws, azure, on-prem] 29 | - Version [e.g. 22] 30 | 31 | **Additional context** 32 | Add any other context about the problem here. 33 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # ignore *.retry files 2 | *.retry 3 | .kitchen.local.yml 4 | .kitchen/ 5 | tests/inventory/hosts 6 | .idea/* 7 | -------------------------------------------------------------------------------- /.kitchen.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | driver: 4 | name: ec2 5 | interface: private 6 | 7 | transport: 8 | name: winrm 9 | port: 5986 10 | winrm_transport: ssl 11 | ssl: true 12 | connect_timeout: 60 13 | connection_retries: 5 14 | username: Administrator 15 | password: Nopass123 16 | 17 | provisioner: 18 | name: ansible_push 19 | verbose: "vvv" 20 | chef_bootstrap_url: nil 21 | remote_user: Administrator 22 | ansible_port: 5986 23 | ansible_connection: winrm 24 | pass_transport_password: true 25 | raw_arguments: "--timeout=3600" 26 | ansible_config: tests/ansible.cfg 27 | ansible_playbook_bin: .testenv/bin/ansible-playbook 28 | playbook: tests/default.yml 29 | 30 | platforms: 31 | - name: psm 32 | driver_plugin: ec2 33 | driver_config: 34 | instance_type: c4.2xlarge 35 | associate_public_ip: false 36 | subnet_filter: 37 | tag: 'Name' 38 | value: 'Jenkins Private Subnet' 39 | security_group_filter: 40 | name: 'ansible-sg' 41 | tags: 42 | created-by: test-kitchen 43 | component-type: psm 44 | kitchen-type: psm 45 | block_device_mappings: 46 | - device_name: /dev/sda1 47 | ebs: 48 | volume_size: 30 49 | delete_on_termination: true 50 | image_search: 51 | owner-id: 801119661308 52 | name: Windows_Server-2016-English-Full-Base-20* 53 | user_data: tests/scripts/user_data_windows_2016.ps1 54 | 55 | suites: 56 | - name: default 57 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | ignore: | 3 | .*/ 4 | 5 | rules: 6 | braces: 7 | min-spaces-inside: 0 8 | max-spaces-inside: 0 9 | min-spaces-inside-empty: -1 10 | max-spaces-inside-empty: -1 11 | brackets: 12 | min-spaces-inside: 0 13 | max-spaces-inside: 0 14 | min-spaces-inside-empty: -1 15 | max-spaces-inside-empty: -1 16 | colons: 17 | max-spaces-before: 0 18 | max-spaces-after: 1 19 | commas: 20 | max-spaces-before: 0 21 | min-spaces-after: 1 22 | max-spaces-after: 1 23 | comments: 24 | level: warning 25 | require-starting-space: true 26 | min-spaces-from-content: 2 27 | comments-indentation: 28 | level: warning 29 | document-end: disable 30 | document-start: 31 | level: warning 32 | present: true 33 | empty-lines: 34 | max: 2 35 | max-start: 0 36 | max-end: 0 37 | empty-values: 38 | forbid-in-block-mappings: false 39 | forbid-in-flow-mappings: false 40 | hyphens: 41 | max-spaces-after: 1 42 | indentation: 43 | spaces: consistent 44 | indent-sequences: true 45 | check-multi-line-strings: false 46 | key-duplicates: enable 47 | key-ordering: disable 48 | line-length: 49 | max: 350 50 | level: warning 51 | allow-non-breakable-words: true 52 | allow-non-breakable-inline-mappings: false 53 | new-line-at-end-of-file: enable 54 | new-lines: 55 | type: unix 56 | trailing-spaces: enable 57 | truthy: disable 58 | -------------------------------------------------------------------------------- /Jenkinsfile: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | node { 4 | label 'ansible' 5 | } 6 | } 7 | environment { 8 | AWS_REGION = sh(script: 'curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | python3 -c "import json,sys;obj=json.load(sys.stdin);print (obj[\'region\'])"', returnStdout: true).trim() 9 | shortCommit = sh(script: "git log -n 1 --pretty=format:'%h'", returnStdout: true).trim() 10 | } 11 | stages { 12 | stage('Install virtual environment') { 13 | steps { 14 | sh ''' 15 | python3 -m pip install --user virtualenv 16 | python3 -m virtualenv .testenv 17 | source .testenv/bin/activate 18 | pip install -r tests/requirements.txt 19 | ''' 20 | } 21 | } 22 | stage('yamllint validation') { 23 | steps { 24 | sh ''' 25 | source .testenv/bin/activate 26 | yamllint . 27 | ''' 28 | } 29 | } 30 | stage('Provision testing environment') { 31 | steps { 32 | sh ''' 33 | export PATH="$HOME/.rbenv/bin:$PATH" 34 | eval "$(rbenv init -)" 35 | rbenv global 2.5.1 36 | kitchen create 37 | ''' 38 | 39 | } 40 | } 41 | stage('Run playbook on windows machine') { 42 | steps { 43 | sh ''' 44 | export PATH="$HOME/.rbenv/bin:$PATH" 45 | eval "$(rbenv init -)" 46 | rbenv global 2.5.1 47 | source .testenv/bin/activate 48 | kitchen converge 49 | ''' 50 | } 51 | } 52 | } 53 | post { 54 | always { 55 | sh ''' 56 | export PATH="$HOME/.rbenv/bin:$PATH" 57 | eval "$(rbenv init -)" 58 | rbenv global 2.5.1 59 | kitchen destroy 60 | ''' 61 | archiveArtifacts artifacts: 'tests/logs/psm/*.log' 62 | } 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2013-2018 CyberArk Software Ltd. https://CyberArk.com. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | https://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | 15 | Apache License 16 | Version 2.0, January 2004 17 | https://www.apache.org/licenses/ 18 | 19 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 20 | 21 | 1. Definitions. 22 | 23 | "License" shall mean the terms and conditions for use, reproduction, 24 | and distribution as defined by Sections 1 through 9 of this document. 25 | 26 | "Licensor" shall mean the copyright owner or entity authorized by 27 | the copyright owner that is granting the License. 28 | 29 | "Legal Entity" shall mean the union of the acting entity and all 30 | other entities that control, are controlled by, or are under common 31 | control with that entity. For the purposes of this definition, 32 | "control" means (i) the power, direct or indirect, to cause the 33 | direction or management of such entity, whether by contract or 34 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 35 | outstanding shares, or (iii) beneficial ownership of such entity. 36 | 37 | "You" (or "Your") shall mean an individual or Legal Entity 38 | exercising permissions granted by this License. 39 | 40 | "Source" form shall mean the preferred form for making modifications, 41 | including but not limited to software source code, documentation 42 | source, and configuration files. 43 | 44 | "Object" form shall mean any form resulting from mechanical 45 | transformation or translation of a Source form, including but 46 | not limited to compiled object code, generated documentation, 47 | and conversions to other media types. 48 | 49 | "Work" shall mean the work of authorship, whether in Source or 50 | Object form, made available under the License, as indicated by a 51 | copyright notice that is included in or attached to the work 52 | (an example is provided in the Appendix below). 53 | 54 | "Derivative Works" shall mean any work, whether in Source or Object 55 | form, that is based on (or derived from) the Work and for which the 56 | editorial revisions, annotations, elaborations, or other modifications 57 | represent, as a whole, an original work of authorship. For the purposes 58 | of this License, Derivative Works shall not include works that remain 59 | separable from, or merely link (or bind by name) to the interfaces of, 60 | the Work and Derivative Works thereof. 61 | 62 | "Contribution" shall mean any work of authorship, including 63 | the original version of the Work and any modifications or additions 64 | to that Work or Derivative Works thereof, that is intentionally 65 | submitted to Licensor for inclusion in the Work by the copyright owner 66 | or by an individual or Legal Entity authorized to submit on behalf of 67 | the copyright owner. For the purposes of this definition, "submitted" 68 | means any form of electronic, verbal, or written communication sent 69 | to the Licensor or its representatives, including but not limited to 70 | communication on electronic mailing lists, source code control systems, 71 | and issue tracking systems that are managed by, or on behalf of, the 72 | Licensor for the purpose of discussing and improving the Work, but 73 | excluding communication that is conspicuously marked or otherwise 74 | designated in writing by the copyright owner as "Not a Contribution." 75 | 76 | "Contributor" shall mean Licensor and any individual or Legal Entity 77 | on behalf of whom a Contribution has been received by Licensor and 78 | subsequently incorporated within the Work. 79 | 80 | 2. Grant of Copyright License. Subject to the terms and conditions of 81 | this License, each Contributor hereby grants to You a perpetual, 82 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 83 | copyright license to reproduce, prepare Derivative Works of, 84 | publicly display, publicly perform, sublicense, and distribute the 85 | Work and such Derivative Works in Source or Object form. 86 | 87 | 3. Grant of Patent License. Subject to the terms and conditions of 88 | this License, each Contributor hereby grants to You a perpetual, 89 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 90 | (except as stated in this section) patent license to make, have made, 91 | use, offer to sell, sell, import, and otherwise transfer the Work, 92 | where such license applies only to those patent claims licensable 93 | by such Contributor that are necessarily infringed by their 94 | Contribution(s) alone or by combination of their Contribution(s) 95 | with the Work to which such Contribution(s) was submitted. If You 96 | institute patent litigation against any entity (including a 97 | cross-claim or counterclaim in a lawsuit) alleging that the Work 98 | or a Contribution incorporated within the Work constitutes direct 99 | or contributory patent infringement, then any patent licenses 100 | granted to You under this License for that Work shall terminate 101 | as of the date such litigation is filed. 102 | 103 | 4. Redistribution. You may reproduce and distribute copies of the 104 | Work or Derivative Works thereof in any medium, with or without 105 | modifications, and in Source or Object form, provided that You 106 | meet the following conditions: 107 | 108 | (a) You must give any other recipients of the Work or 109 | Derivative Works a copy of this License; and 110 | 111 | (b) You must cause any modified files to carry prominent notices 112 | stating that You changed the files; and 113 | 114 | (c) You must retain, in the Source form of any Derivative Works 115 | that You distribute, all copyright, patent, trademark, and 116 | attribution notices from the Source form of the Work, 117 | excluding those notices that do not pertain to any part of 118 | the Derivative Works; and 119 | 120 | (d) If the Work includes a "NOTICE" text file as part of its 121 | distribution, then any Derivative Works that You distribute must 122 | include a readable copy of the attribution notices contained 123 | within such NOTICE file, excluding those notices that do not 124 | pertain to any part of the Derivative Works, in at least one 125 | of the following places: within a NOTICE text file distributed 126 | as part of the Derivative Works; within the Source form or 127 | documentation, if provided along with the Derivative Works; or, 128 | within a display generated by the Derivative Works, if and 129 | wherever such third-party notices normally appear. The contents 130 | of the NOTICE file are for informational purposes only and 131 | do not modify the License. You may add Your own attribution 132 | notices within Derivative Works that You distribute, alongside 133 | or as an addendum to the NOTICE text from the Work, provided 134 | that such additional attribution notices cannot be construed 135 | as modifying the License. 136 | 137 | You may add Your own copyright statement to Your modifications and 138 | may provide additional or different license terms and conditions 139 | for use, reproduction, or distribution of Your modifications, or 140 | for any such Derivative Works as a whole, provided Your use, 141 | reproduction, and distribution of the Work otherwise complies with 142 | the conditions stated in this License. 143 | 144 | 5. Submission of Contributions. Unless You explicitly state otherwise, 145 | any Contribution intentionally submitted for inclusion in the Work 146 | by You to the Licensor shall be under the terms and conditions of 147 | this License, without any additional terms or conditions. 148 | Notwithstanding the above, nothing herein shall supersede or modify 149 | the terms of any separate license agreement you may have executed 150 | with Licensor regarding such Contributions. 151 | 152 | 6. Trademarks. This License does not grant permission to use the trade 153 | names, trademarks, service marks, or product names of the Licensor, 154 | except as required for reasonable and customary use in describing the 155 | origin of the Work and reproducing the content of the NOTICE file. 156 | 157 | 7. Disclaimer of Warranty. Unless required by applicable law or 158 | agreed to in writing, Licensor provides the Work (and each 159 | Contributor provides its Contributions) on an "AS IS" BASIS, 160 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 161 | implied, including, without limitation, any warranties or conditions 162 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 163 | PARTICULAR PURPOSE. You are solely responsible for determining the 164 | appropriateness of using or redistributing the Work and assume any 165 | risks associated with Your exercise of permissions under this License. 166 | 167 | 8. Limitation of Liability. In no event and under no legal theory, 168 | whether in tort (including negligence), contract, or otherwise, 169 | unless required by applicable law (such as deliberate and grossly 170 | negligent acts) or agreed to in writing, shall any Contributor be 171 | liable to You for damages, including any direct, indirect, special, 172 | incidental, or consequential damages of any character arising as a 173 | result of this License or out of the use or inability to use the 174 | Work (including but not limited to damages for loss of goodwill, 175 | work stoppage, computer failure or malfunction, or any and all 176 | other commercial damages or losses), even if such Contributor 177 | has been advised of the possibility of such damages. 178 | 179 | 9. Accepting Warranty or Additional Liability. While redistributing 180 | the Work or Derivative Works thereof, You may choose to offer, 181 | and charge a fee for, acceptance of support, warranty, indemnity, 182 | or other liability obligations and/or rights consistent with this 183 | License. However, in accepting such obligations, You may act only 184 | on Your own behalf and on Your sole responsibility, not on behalf 185 | of any other Contributor, and only if You agree to indemnify, 186 | defend, and hold each Contributor harmless for any liability 187 | incurred by, or claims asserted against, such Contributor by reason 188 | of your accepting any such warranty or additional liability. 189 | 190 | END OF TERMS AND CONDITIONS 191 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PSM Ansible Role 2 | This Ansible Role will deploy and install CyberArk Privileged Session Manager including the pre-requisites, application, hardening and connect to an existing Vault environment. 3 | 4 | ## Requirements 5 | ------------ 6 | 7 | - Windows 2016 installed on the remote host 8 | - WinRM open on port 5986 (**not 5985**) on the remote host 9 | - Pywinrm is installed on the workstation running the playbook 10 | - The workstation running the playbook must have network connectivity to the remote host 11 | - The remote host must have Network connectivity to the CyberArk vault and the repository server 12 | - 443 port outbound 13 | - 1858 port outbound 14 | - Administrator access to the remote host 15 | - PSM CD image 16 | 17 | 18 | ### Flow Variables 19 | Variable | Required | Default | Comments 20 | :--------------------------------|:-------------|:------------------------------------------|:--------- 21 | psm_prerequisites | no | false | Install PSM pre requisites 22 | psm_install | no | false | Install PSM 23 | psm_postinstall | no | false | PSM post install role 24 | psm_hardening | no | false | Apply PSM hardening 25 | psm_registration | no | false | Connect PSM to the Vault 26 | psm_clean | no | false | N/A 27 | platform | no | aws | Deployed platform (aws/azure) 28 | 29 | ### Deployment Variables 30 | Variable | Required | Default | Comments 31 | :--------------------------------|:-------------|:-----------------------------------------------------|:--------- 32 | vault_ip | yes | None | Vault IP to perform registration 33 | vault_port | no | **1858** | Vault port 34 | vault_username | no | **administrator** | Vault username to perform registration 35 | vault_password | yes | None | Vault password to perform registration 36 | secure_vault_password | no | None | Secure Vault password to perform registration 37 | dr_vault_ip | no | None | Vault DR IP address to perform registration 38 | accept_eula | yes | **No** | Accepting EULA condition (Yes/No) 39 | psm_zip_file_path | yes | None | CyberArk PSM installation Zip file package path 40 | psm_installation_drive | no | **C:** | Destination installation drive 41 | psm_out_of_domain | no | false | Flag to determine if server is out of domain 42 | 43 | ## Dependencies 44 | None 45 | 46 | ## Usage 47 | The role consists of a number of different tasks which can be enabled or disabled for the particular 48 | run. 49 | 50 | `psm_prerequisites` 51 | 52 | This task will run the PSM pre-requisites steps. 53 | 54 | `psm_install` 55 | 56 | This task will deploy the PSM to required folder and validate successful deployment. 57 | 58 | `psm_postinstall` 59 | 60 | This task will run the PSM post installation steps. 61 | 62 | `psm_hardening` 63 | 64 | This task will run the PSM hardening process. 65 | 66 | `psm_registration` 67 | 68 | This task will perform registration with active Vault. 69 | 70 | `psm_validateparameters` 71 | 72 | This task will validate which PSM steps have already occurred on the server to prevent repetition. 73 | 74 | `psm_clean` 75 | 76 | This task will clean the configuration (inf) files from the installation, delete the 77 | PSM installation logs from the Temp folder and delete the cred files. 78 | 79 | 80 | ## Example Playbook 81 | Below is an example of how you can incorporate this role into an Ansible playbook 82 | to call the PSM role with several parameters: 83 | 84 | ``` 85 | --- 86 | - ansible.builtin.include_role: 87 | name: psm 88 | vars: 89 | - psm_prerequisites: true 90 | - psm_install: true 91 | - psm_postinstall: true 92 | - psm_hardening: true 93 | - ps_clean: true 94 | ``` 95 | 96 | ## Running the playbook: 97 | For an example of how to incorporate this role into a complete playbook, please see the 98 | **[pas-orchestrator](https://github.com/cyberark/pas-orchestrator)** example. 99 | 100 | ## License 101 | Apache License, Version 2.0 102 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for psm 3 | psm_prerequisites: false 4 | psm_install: false 5 | psm_postinstall: false 6 | psm_hardening: false 7 | psm_registration: false 8 | psm_clean: false 9 | psm_extract: false 10 | psm_official: true 11 | psm_exists: false 12 | psm_hardened: false 13 | psm_registered: false 14 | platform: "aws" 15 | 16 | psm_service_name: "CyberArk Privileged Session Manager" 17 | 18 | psm_base_bin_drive: "C:" 19 | psm_extract_folder: "{{ psm_base_bin_drive }}\\Cyberark\\packages" 20 | psm_artifact_name: "psm.zip" 21 | psm_component_folder: "Privileged Session Manager" 22 | psm_installationautomation_folder: "{{ psm_extract_folder }}\\{{ psm_component_folder }}\\InstallationAutomation" 23 | psm_registrationtool_location: "{{ psm_extract_folder }}\\{{ psm_component_folder }}\\RegistrationTool" 24 | 25 | psm_installation_drive: "C:" 26 | psm_installation_path: "{{ psm_installation_drive }}\\Program Files (x86)\\CyberArk" 27 | psm_registrationtool_folder: "{{ psm_installationautomation_folder }}\\Registration" 28 | 29 | psm_out_of_domain: false 30 | psm_restart: true 31 | 32 | accept_eula: "No" 33 | 34 | psm_prerequisites_log: "{{ psm_installationautomation_folder }}\\psm_pre_req_result.txt" 35 | psm_install_log: "{{ psm_installationautomation_folder }}\\psm_installation_result.txt" 36 | psm_postinstall_log: "{{ psm_installationautomation_folder }}\\psm_post_install_result.txt" 37 | psm_hardening_log: "{{ psm_installationautomation_folder }}\\psm_hardening_result.txt" 38 | psm_registration_log: "{{ psm_installationautomation_folder }}\\psm_registration_result.txt" 39 | 40 | vault_username: "administrator" 41 | vault_port: 1858 42 | log_path_dest: "{{ playbook_dir | dirname }}/logs/psm" 43 | -------------------------------------------------------------------------------- /files/Reset-TSGracePeriod.ps1: -------------------------------------------------------------------------------- 1 | ## This Script is intended to be used for Querying remaining time and resetting Terminal Server (RDS) Grace Licensing Period to Default 120 Days. 2 | ## Developed by Prakash Kumar (prakash82x@gmail.com) May 28th 2016 3 | ## www.adminthing.blogspot.com 4 | ## Disclaimer: Please test this script in your test environment before executing on any production server. 5 | ## Author will not be responsible for any misuse/damage caused by using it. 6 | 7 | try 8 | { 9 | Clear-Host 10 | $ErrorActionPreference = "SilentlyContinue" 11 | 12 | ## Display current Status of remaining days from Grace period. 13 | try 14 | { 15 | $GracePeriod = (Invoke-WmiMethod -PATH (gwmi -namespace root\cimv2\terminalservices -class win32_terminalservicesetting).__PATH -name GetGracePeriodDays).daysleft 16 | } 17 | catch 18 | { 19 | # RDS does not exist on instance, continue without error 20 | exit 0 21 | } 22 | Write-Host -fore Green ====================================================== 23 | Write-Host -fore Green 'Terminal Server (RDS) grace period Days remaining are' : $GracePeriod 24 | Write-Host -fore Green ====================================================== 25 | Write-Host 26 | 27 | # White space is not allowed before string terminator, do not indent 28 | $definition = @" 29 | using System; 30 | using System.Runtime.InteropServices; 31 | namespace Win32Api 32 | { 33 | public class NtDll 34 | { 35 | [DllImport("ntdll.dll", EntryPoint="RtlAdjustPrivilege")] 36 | public static extern int RtlAdjustPrivilege(ulong Privilege, bool Enable, bool CurrentThread, ref bool Enabled); 37 | } 38 | } 39 | "@ 40 | 41 | Add-Type -TypeDefinition $definition -PassThru 42 | 43 | $bEnabled = $false 44 | 45 | ## Enable SeTakeOwnershipPrivilege 46 | $res = [Win32Api.NtDll]::RtlAdjustPrivilege(9, $true, $false, [ref]$bEnabled) 47 | 48 | ## Take Ownership on the Key 49 | $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod", [Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::takeownership) 50 | $acl = $key.GetAccessControl() 51 | $acl.SetOwner([System.Security.Principal.NTAccount]"Administrators") 52 | $key.SetAccessControl($acl) 53 | 54 | ## Assign Full Controll permissions to Administrators on the key. 55 | $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("Administrators","FullControl","Allow") 56 | $acl.SetAccessRule($rule) 57 | $key.SetAccessControl($acl) 58 | 59 | ## Finally Delete the key which resets the Grace Period counter to 120 Days. 60 | Remove-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod' 61 | 62 | Write-host 63 | Write-host -ForegroundColor Red 'Resetting, Please Wait....' 64 | Start-Sleep -Seconds 10 65 | Write-host -ForegroundColor Red ================================================================= 66 | Write-host -ForegroundColor Red Grace period was reset. Shutdown the machine and create image 67 | Write-host -ForegroundColor Red ATTENTION: Grace period will start on next machine boot 68 | Write-host -ForegroundColor Red ================================================================= 69 | 70 | 71 | ## Cleanup of Variables 72 | Remove-Variable * -ErrorAction SilentlyContinue 73 | } 74 | catch 75 | { 76 | Write-Host -ForegroundColor Red "An Error has occured on Reset RDS Grace Period" 77 | exit 1 78 | } 79 | 80 | exit 0 81 | # SIG # Begin signature block 82 | # MIIgTQYJKoZIhvcNAQcCoIIgPjCCIDoCAQExDzANBglghkgBZQMEAgEFADB5Bgor 83 | # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG 84 | # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC/Ul8Q7s13h6D2 85 | # pNupd9YMxjSRGP2Ap91InwRkT7dDsqCCDl8wggboMIIE0KADAgECAhB3vQ4Ft1kL 86 | # th1HYVMeP3XtMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQK 87 | # ExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIENvZGUgU2ln 88 | # bmluZyBSb290IFI0NTAeFw0yMDA3MjgwMDAwMDBaFw0zMDA3MjgwMDAwMDBaMFwx 89 | # CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTIwMAYDVQQD 90 | # EylHbG9iYWxTaWduIEdDQyBSNDUgRVYgQ29kZVNpZ25pbmcgQ0EgMjAyMDCCAiIw 91 | # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsg75ceuQEyQ6BbqYoj/SBerjgS 92 | # i8os1P9B2BpV1BlTt/2jF+d6OVzA984Ro/ml7QH6tbqT76+T3PjisxlMg7BKRFAE 93 | # eIQQaqTWlpCOgfh8qy+1o1cz0lh7lA5tD6WRJiqzg09ysYp7ZJLQ8LRVX5YLEeWa 94 | # tSyyEc8lG31RK5gfSaNf+BOeNbgDAtqkEy+FSu/EL3AOwdTMMxLsvUCV0xHK5s2z 95 | # BZzIU+tS13hMUQGSgt4T8weOdLqEgJ/SpBUO6K/r94n233Hw0b6nskEzIHXMsdXt 96 | # HQcZxOsmd/KrbReTSam35sOQnMa47MzJe5pexcUkk2NvfhCLYc+YVaMkoog28vmf 97 | # vpMusgafJsAMAVYS4bKKnw4e3JiLLs/a4ok0ph8moKiueG3soYgVPMLq7rfYrWGl 98 | # r3A2onmO3A1zwPHkLKuU7FgGOTZI1jta6CLOdA6vLPEV2tG0leis1Ult5a/dm2tj 99 | # IF2OfjuyQ9hiOpTlzbSYszcZJBJyc6sEsAnchebUIgTvQCodLm3HadNutwFsDeCX 100 | # pxbmJouI9wNEhl9iZ0y1pzeoVdwDNoxuz202JvEOj7A9ccDhMqeC5LYyAjIwfLWT 101 | # yCH9PIjmaWP47nXJi8Kr77o6/elev7YR8b7wPcoyPm593g9+m5XEEofnGrhO7izB 102 | # 36Fl6CSDySrC/blTAgMBAAGjggGtMIIBqTAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0l 103 | # BAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJZ3Q 104 | # /FkJhmPF7POxEztXHAOSNhEwHwYDVR0jBBgwFoAUHwC/RoAK/Hg5t6W0Q9lWULvO 105 | # ljswgZMGCCsGAQUFBwEBBIGGMIGDMDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5n 106 | # bG9iYWxzaWduLmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUwRgYIKwYBBQUHMAKGOmh0 107 | # dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2NvZGVzaWduaW5ncm9v 108 | # dHI0NS5jcnQwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWdu 109 | # LmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGg 110 | # MgECMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl 111 | # cG9zaXRvcnkvMAcGBWeBDAEDMA0GCSqGSIb3DQEBCwUAA4ICAQAldaAJyTm6t6E5 112 | # iS8Yn6vW6x1L6JR8DQdomxyd73G2F2prAk+zP4ZFh8xlm0zjWAYCImbVYQLFY4/U 113 | # ovG2XiULd5bpzXFAM4gp7O7zom28TbU+BkvJczPKCBQtPUzosLp1pnQtpFg6bBNJ 114 | # +KUVChSWhbFqaDQlQq+WVvQQ+iR98StywRbha+vmqZjHPlr00Bid/XSXhndGKj0j 115 | # fShziq7vKxuav2xTpxSePIdxwF6OyPvTKpIz6ldNXgdeysEYrIEtGiH6bs+XYXvf 116 | # cXo6ymP31TBENzL+u0OF3Lr8psozGSt3bdvLBfB+X3Uuora/Nao2Y8nOZNm9/Lws 117 | # 80lWAMgSK8YnuzevV+/Ezx4pxPTiLc4qYc9X7fUKQOL1GNYe6ZAvytOHX5OKSBoR 118 | # HeU3hZ8uZmKaXoFOlaxVV0PcU4slfjxhD4oLuvU/pteO9wRWXiG7n9dqcYC/lt5y 119 | # A9jYIivzJxZPOOhRQAyuku++PX33gMZMNleElaeEFUgwDlInCI2Oor0ixxnJpsoO 120 | # qHo222q6YV8RJJWk4o5o7hmpSZle0LQ0vdb5QMcQlzFSOTUpEYck08T7qWPLd0jV 121 | # +mL8JOAEek7Q5G7ezp44UCb0IXFl1wkl1MkHAHq4x/N36MXU4lXQ0x72f1LiSY25 122 | # EXIMiEQmM2YBRN/kMw4h3mKJSAfa9TCCB28wggVXoAMCAQICDHBNxPwWOpXgXVV8 123 | # DDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs 124 | # U2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVWIENvZGVT 125 | # aWduaW5nIENBIDIwMjAwHhcNMjIwMjE1MTMzODM1WhcNMjUwMjE1MTMzODM1WjCB 126 | # 1DEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCTUxMjI5 127 | # MTY0MjETMBEGCysGAQQBgjc8AgEDEwJJTDELMAkGA1UEBhMCSUwxEDAOBgNVBAgT 128 | # B0NlbnRyYWwxFDASBgNVBAcTC1BldGFoIFRpa3ZhMRMwEQYDVQQJEwo5IEhhcHNh 129 | # Z290MR8wHQYDVQQKExZDeWJlckFyayBTb2Z0d2FyZSBMdGQuMR8wHQYDVQQDExZD 130 | # eWJlckFyayBTb2Z0d2FyZSBMdGQuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC 131 | # CgKCAgEA8rPX6yAVM64+/qMQEttWp7FdAvq9UfgxBrW+R0NtuXhKnjV05zmIL6zi 132 | # AS0TlNrQqu5ypmuagOWzYKDtIcWEDm6AuSK+QeZprW69c0XYRdIf8X/xNUawXLGe 133 | # 5LG6ngs2uHGtch9lt2GLMRWILnKviS6l6F06HOAow+aIDcNGOukddypveFrqMEbP 134 | # 7YKMekkB6c2/whdHzDQiW6V0K82Xp9XUexrbdnFpKWXLfQwkzjcG1xmSiHQUpkSH 135 | # 4w2AzBzcs+Nidoon5FEIFXGS2b1CcCA8+Po5Dg7//vn2thirXtOqaC+fjP1pUG7m 136 | # vrZQMg3lTHQA/LTL78R3UzzNb4I9dc8yualcYK155hRU3vZJ3/UtktAvDPC/ewoW 137 | # thebG77NuKU8YI6l2lMg7jMFZ1//brICD0RGqhmPMK9MrB3elSuMLaO566Ihdrlp 138 | # zmj4BRDCfPuH0QfwkrejsikGEMo0lErfHSjL3NaiE0PPoC4NW7nc6Wh4Va4e3VFF 139 | # Z9zdnoTsCKJqk4s13MxBbjdLIkCcfknMSxAloOF9h6IhzWOylSROAy/TZfGL5kzQ 140 | # qxzcIhdXLWHHWdbz4DD3qxYc6g1G3ZwgFPWf7VbKQU3FsAxgiJvmKPVeOfIN4iYT 141 | # V4toilRR8KX/IaA1NMrN9EiA//ZhN3HONS/s6AxjjHJTR29GOQkCAwEAAaOCAbYw 142 | # ggGyMA4GA1UdDwEB/wQEAwIHgDCBnwYIKwYBBQUHAQEEgZIwgY8wTAYIKwYBBQUH 143 | # MAKGQGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjQ1 144 | # ZXZjb2Rlc2lnbmNhMjAyMC5jcnQwPwYIKwYBBQUHMAGGM2h0dHA6Ly9vY3NwLmds 145 | # b2JhbHNpZ24uY29tL2dzZ2NjcjQ1ZXZjb2Rlc2lnbmNhMjAyMDBVBgNVHSAETjBM 146 | # MEEGCSsGAQQBoDIBAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz 147 | # aWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBAzAJBgNVHRMEAjAAMEcGA1UdHwRA 148 | # MD4wPKA6oDiGNmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2NyNDVldmNv 149 | # ZGVzaWduY2EyMDIwLmNybDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSMEGDAW 150 | # gBQlndD8WQmGY8Xs87ETO1ccA5I2ETAdBgNVHQ4EFgQU0Vg7IAYAK18fI9dI1YKi 151 | # WA0D1bEwDQYJKoZIhvcNAQELBQADggIBAFOdA15mFwRIM54PIL/BDZq9RU9IO+YO 152 | # lAoAYTJHbiTY9ZqvA1isS6EtdYKJgdP/MyZoW7RZmcY5IDXvXFj70TWWvfdqW/Qc 153 | # MMHtSqhiRb4L92LtR4lS+hWM2fptECpl9BKH28LBZemdKS0jryBEqyAmuEoFJNDk 154 | # wxzQVKPksvapvmSYwPiBCtzPyHTRo5HnLBXpK/LUBJu8epAgKz6LoJjnrTIF4U8R 155 | # owrtUC0I6f4uj+sKYE0iV3/TzwsTJsp7MQShoILPr1/75fQjU/7Pl2fbM++uAFBC 156 | # sHQHYvar9KLslFPX4g+cDdtOHz5vId8QYZnhCduVgzUGvELmXXR1FYV7oJNnh3eY 157 | # Xc5gm7vSNKlZB8l7Ls6h8icBV2zQbojDiH0JOD//ph62qvnMp8ev9mvhvLXRCIxc 158 | # aU7CYI0gNVvg9LPi5j1/tswqBc9XAfHUG9ZYVxYCgvynEmnJ5TuEh6GesGRPbNIL 159 | # l418MFn4EPQUqxB51SMihIcyqu6+3qOlco8Dsy1y0gC0Hcx+unDZPsN8k+rhueN2 160 | # HXrPkAJ2bsEJd7adPy423FKbA7bRCOc6dWOFH1OGANfEG0Rjw9RfcsI84OkKpQ7R 161 | # XldpKIcWuaYMlfYzsl+P8dJru+KgA8Vh7GTVb5USzFGeMyOMtyr1/L2bIyRVSiLL 162 | # 8goMl4DTDOWeMYIRRDCCEUACAQEwbDBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQ 163 | # R2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVW 164 | # IENvZGVTaWduaW5nIENBIDIwMjACDHBNxPwWOpXgXVV8DDANBglghkgBZQMEAgEF 165 | # AKB8MBAGCisGAQQBgjcCAQwxAjAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE 166 | # MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCAN 167 | # xdjxEaM10uL0ZE9ik+oe6GM4pmevcL5JurEVX1Zv7jANBgkqhkiG9w0BAQEFAASC 168 | # AgCIWEPy1ogSaTAkNgXQrZEQTwbJukY1fOHivSM0T0eZylcfPjT0r5l2m3Dci/Ag 169 | # 7KbqJBOUIAq72sI4w7vgmuX5gpHzPJ37rMR57dugqUnKIrASB0sLYytEs69nwfuC 170 | # D0/UDSDA+lvlSsZB1E4Y7tbc0B0AT2MBh69eFIDF/fnVVc87ag3IKpUle4UUbl3n 171 | # c1949K4FeL4x7dCWRZL8/J6OmAhF8hOR1z3RI2hM/IPaaj7/hT002J5WUScqML88 172 | # iW6WgTCr1GvuvddR/l3SniABl1iB2k3a36wErr6tbZEn5Ol2/xiNQB2A3Sr9Io9H 173 | # 6bsZHNHrOEx7bWQub35HlF1j7G9FgUfhazfh27h5fKZ6wgwY0bZAhi+R3GdB+szz 174 | # i6tAAcfAjRRDAnTq8xLM6ACLSXTl93USeY1ewweExJJZFCevvMc3glFEsDNB9bXA 175 | # LNOyohaVnDnBJwx7+JgKuoLmXtB1eQIxwpuElF/Z624fRV/zD2e9ZNRnMMV4O+Wf 176 | # s0n/EDgujkf4Esg8Fa5x2rGDi9rJZSN787HCQxfWHYxZIBG+5w/fkUu1MK8FGr0j 177 | # NP9gEnDZ57FKScZUjC04dJ6Cp5+KWtO8N13lvMgIhLSoOYGLkUXQbvcVh7ThNnjA 178 | # mRolbcOgUoWlFGgmmrvstflJOp42vct5/7XRzSIez4C8z6GCDiswgg4nBgorBgEE 179 | # AYI3AwMBMYIOFzCCDhMGCSqGSIb3DQEHAqCCDgQwgg4AAgEDMQ0wCwYJYIZIAWUD 180 | # BAIBMIH+BgsqhkiG9w0BCRABBKCB7gSB6zCB6AIBAQYLYIZIAYb4RQEHFwMwITAJ 181 | # BgUrDgMCGgUABBShdvTv+dZ1slS4OcsyBpcmFicF7wIUKsEbNDqG3HwEco+ojIIl 182 | # ZtW9EBAYDzIwMjIwNTAxMTE1MzM2WjADAgEeoIGGpIGDMIGAMQswCQYDVQQGEwJV 183 | # UzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu 184 | # dGVjIFRydXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1l 185 | # U3RhbXBpbmcgU2lnbmVyIC0gRzOgggqLMIIFODCCBCCgAwIBAgIQewWx1EloUUT3 186 | # yYnSnBmdEjANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UEBhMCVVMxFzAVBgNVBAoT 187 | # DlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr 188 | # MTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp 189 | # emVkIHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBD 190 | # ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjAxMTIwMDAwMDBaFw0zMTAxMTEy 191 | # MzU5NTlaMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3Jh 192 | # dGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEoMCYGA1UEAxMf 193 | # U3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTCCASIwDQYJKoZIhvcNAQEB 194 | # BQADggEPADCCAQoCggEBALtZnVlVT52Mcl0agaLrVfOwAa08cawyjwVrhponADKX 195 | # ak3JZBRLKbvC2Sm5Luxjs+HPPwtWkPhiG37rpgfi3n9ebUA41JEG50F8eRzLy60b 196 | # v9iVkfPw7mz4rZY5Ln/BJ7h4OcWEpe3tr4eOzo3HberSmLU6Hx45ncP0mqj0hOHE 197 | # 0XxxxgYptD/kgw0mw3sIPk35CrczSf/KO9T1sptL4YiZGvXA6TMU1t/HgNuR7v68 198 | # kldyd/TNqMz+CfWTN76ViGrF3PSxS9TO6AmRX7WEeTWKeKwZMo8jwTJBG1kOqT6x 199 | # zPnWK++32OTVHW0ROpL2k8mc40juu1MO1DaXhnjFoTcCAwEAAaOCAXcwggFzMA4G 200 | # A1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMGYGA1UdIARfMF0wWwYL 201 | # YIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9j 202 | # cHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLgYIKwYB 203 | # BQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vcy5zeW1jZC5jb20wNgYDVR0f 204 | # BC8wLTAroCmgJ4YlaHR0cDovL3Muc3ltY2IuY29tL3VuaXZlcnNhbC1yb290LmNy 205 | # bDATBgNVHSUEDDAKBggrBgEFBQcDCDAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQ 206 | # VGltZVN0YW1wLTIwNDgtMzAdBgNVHQ4EFgQUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 207 | # HwYDVR0jBBgwFoAUtnf6aUhHn1MS1cLqBzJ2B9GXBxkwDQYJKoZIhvcNAQELBQAD 208 | # ggEBAHXqsC3VNBlcMkX+DuHUT6Z4wW/X6t3cT/OhyIGI96ePFeZAKa3mXfSi2VZk 209 | # hHEwKt0eYRdmIFYGmBmNXXHy+Je8Cf0ckUfJ4uiNA/vMkC/WCmxOM+zWtJPITJBj 210 | # SDlAIcTd1m6JmDy1mJfoqQa3CcmPU1dBkC/hHk1O3MoQeGxCbvC2xfhhXFL1TvZr 211 | # jfdKer7zzf0D19n2A6gP41P3CnXsxnUuqmaFBJm3+AZX4cYO9uiv2uybGB+queM6 212 | # AL/OipTLAduexzi7D1Kr0eOUA2AKTaD+J20UMvw/l0Dhv5mJ2+Q5FL3a5NPD6ita 213 | # s5VYVQR9x5rsIwONhSrS/66pYYEwggVLMIIEM6ADAgECAhB71OWvuswHP6EBIwQi 214 | # QU0SMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1h 215 | # bnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29y 216 | # azEoMCYGA1UEAxMfU3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTAeFw0x 217 | # NzEyMjMwMDAwMDBaFw0yOTAzMjIyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEdMBsG 218 | # A1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRy 219 | # dXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1lU3RhbXBp 220 | # bmcgU2lnbmVyIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv 221 | # Doqq+Ny/aXtUF3FHCb2NPIH4dBV3Z5Cc/d5OAp5LdvblNj5l1SQgbTD53R2D6T8n 222 | # SjNObRaK5I1AjSKqvqcLG9IHtjy1GiQo+BtyUT3ICYgmCDr5+kMjdUdwDLNfW48I 223 | # HXJIV2VNrwI8QPf03TI4kz/lLKbzWSPLgN4TTfkQyaoKGGxVYVfR8QIsxLWr8mwj 224 | # 0p8NDxlsrYViaf1OhcGKUjGrW9jJdFLjV2wiv1V/b8oGqz9KtyJ2ZezsNvKWlYEm 225 | # LP27mKoBONOvJUCbCVPwKVeFWF7qhUhBIYfl3rTTJrJ7QFNYeY5SMQZNlANFxM48 226 | # A+y3API6IsW0b+XvsIqbAgMBAAGjggHHMIIBwzAMBgNVHRMBAf8EAjAAMGYGA1Ud 227 | # IARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5 228 | # bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y 229 | # cGEwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL3RzLWNybC53cy5zeW1hbnRlYy5j 230 | # b20vc2hhMjU2LXRzcy1jYS5jcmwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYD 231 | # VR0PAQH/BAQDAgeAMHcGCCsGAQUFBwEBBGswaTAqBggrBgEFBQcwAYYeaHR0cDov 232 | # L3RzLW9jc3Aud3Muc3ltYW50ZWMuY29tMDsGCCsGAQUFBzAChi9odHRwOi8vdHMt 233 | # YWlhLndzLnN5bWFudGVjLmNvbS9zaGEyNTYtdHNzLWNhLmNlcjAoBgNVHREEITAf 234 | # pB0wGzEZMBcGA1UEAxMQVGltZVN0YW1wLTIwNDgtNjAdBgNVHQ4EFgQUpRMBqZ+F 235 | # zBtuFh5fOzGqeTYAex0wHwYDVR0jBBgwFoAUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 236 | # DQYJKoZIhvcNAQELBQADggEBAEaer/C4ol+imUjPqCdLIc2yuaZycGMv41UpezlG 237 | # Tud+ZQZYi7xXipINCNgQujYk+gp7+zvTYr9KlBXmgtuKVG3/KP5nz3E/5jMJ2aJZ 238 | # EPQeSv5lzN7Ua+NSKXUASiulzMub6KlN97QXWZJBw7c/hub2wH9EPEZcF1rjpDvV 239 | # aSbVIX3hgGd+Yqy3Ti4VmuWcI69bEepxqUH5DXk4qaENz7Sx2j6aescixXTN30cJ 240 | # hsT8kSWyG5bphQjo3ep0YG5gpVZ6DchEWNzm+UgUnuW/3gC9d7GYFHIUJN/HESwf 241 | # AD/DSxTGZxzMHgajkF9cVIs+4zNbgg/Ft4YCTnGf6WZFP3YxggJaMIICVgIBATCB 242 | # izB3MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24x 243 | # HzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFu 244 | # dGVjIFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0ECEHvU5a+6zAc/oQEjBCJBTRIwCwYJ 245 | # YIZIAWUDBAIBoIGkMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG 246 | # 9w0BCQUxDxcNMjIwNTAxMTE1MzM2WjAvBgkqhkiG9w0BCQQxIgQgB1GF1Ou1HWDB 247 | # 5UE8KQZiYDWthAZXLXyvuZw1hHB+njIwNwYLKoZIhvcNAQkQAi8xKDAmMCQwIgQg 248 | # xHTOdgB9AjlODaXk3nwUxoD54oIBPP72U+9dtx/fYfgwCwYJKoZIhvcNAQEBBIIB 249 | # ABzn/jeSNgA9QGEl9jJzkKNlCYge4Qo9V/XkN31eh2cZfUk0hYuQK5G0Mzl4yTbm 250 | # gpLASNrIHDmz3osog9t+thRdxSwDxM6EwWNZTDChALbPsvxILdlFvZpOukx5K413 251 | # I3ZNQ0zqjgGnvATHrtreWAs1K+XNZ7VMJeoyEfZH/VhmqjxwTj9SFMLpgadELUMv 252 | # zI9WtS1rL8qUrvARhcT9us7DtIBCR6VaAG1kIvQ/EmRjLdJl43yxfWTJoxvLBmsA 253 | # vYJTfBnkpU5gXehuZHkVxuoMJWDhtDtPg8pK9dfLDP41qdcnPNY/3yb46a2HXHWc 254 | # mwn/ULLcxtz9dGAKRM/stbw= 255 | # SIG # End signature block 256 | -------------------------------------------------------------------------------- /files/add_admin_to_psmmaster.ps1: -------------------------------------------------------------------------------- 1 | 2 | [CmdletBinding()] 3 | Param( 4 | [Parameter(Mandatory=$true)] 5 | [string]$username, 6 | [Parameter(Mandatory=$true)] 7 | [string]$password, 8 | [Parameter(Mandatory=$true)] 9 | [string]$pvwaIp, 10 | [Parameter(Mandatory=$false)] 11 | [string]$authenticationType = 'Cyberark' 12 | 13 | ) 14 | 15 | $logonUrl = 'https://{0}/PasswordVault/API/auth/{1}/Logon' -f $pvwaIp, $authenticationType 16 | 17 | 18 | ### ignore certificates 19 | add-type @" 20 | using System.Net; 21 | using System.Security.Cryptography.X509Certificates; 22 | public class TrustAllCertsPolicy : ICertificatePolicy { 23 | public bool CheckValidationResult( 24 | ServicePoint srvPoint, X509Certificate certificate, 25 | WebRequest request, int certificateProblem) { 26 | return true; 27 | } 28 | } 29 | "@ 30 | [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy 31 | 32 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 33 | $restLogonBody = @{ 34 | "username" = $username 35 | "password" = $password 36 | } | ConvertTo-Json 37 | 38 | 39 | $sessionToken = '' 40 | 41 | ## Logon to PVWA 42 | try 43 | { 44 | $sessionToken = Invoke-RestMethod -Method Post -Uri $logonUrl -Body $restLogonBody -ContentType "application/json" 45 | } 46 | catch 47 | { 48 | Write-host ("Exception on connecting to PVWA: {0}" -f $PSItem) 49 | return -1 50 | } 51 | 52 | $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" 53 | $headers.Add("Authorization", $sessionToken) 54 | Write-Host ("Logon preformed successfully") 55 | 56 | ## Get vault group 57 | 58 | $getFilter = [uri]::EscapeDataString("groupType eq Vault") 59 | $usersUrl = 'https://{0}/PasswordVault/api/UserGroups?filter={1}&search=PSMMaster' -f $pvwaIp, $getFilter 60 | 61 | $response = '' 62 | try 63 | { 64 | $response = Invoke-RestMethod -Method Get -Uri $usersUrl -ContentType 'application/json' -Headers $headers 65 | } 66 | catch 67 | { 68 | Write-Host ("Exceptionoccured during GetVaultGroup: {0}" -f $PSItem) 69 | return -1 70 | } 71 | if($response.count -le 0) 72 | { 73 | Write-Host("No group PSMMaster exist on pvwa {0}" -f $pvwaIp) 74 | return -1 75 | } 76 | 77 | $restBody = @{ 78 | "memberId" = $username 79 | } | ConvertTo-Json 80 | 81 | ## Add user to the Group 82 | try { 83 | $userStatus = Invoke-RestMethod -Method Post -ContentType 'application/json' -Headers $headers -Body $restBody ` 84 | -Uri ('https://{0}/PasswordVault/api/UserGroups/{1}/Members/' -f $pvwaIp, $response.value[0].id) 85 | } 86 | catch [System.Net.WebException] 87 | { 88 | write-host("user already exists on group, continue...") 89 | } 90 | catch 91 | { 92 | write-host("Unknown error occured pvwa REST Adding user group") 93 | return -1 94 | } 95 | 96 | ## Logout from PVWA 97 | $logoffUrl = 'https://{0}/PasswordVault/API/auth/Logoff' -f $pvwaIp 98 | $response = Invoke-RestMethod -Method Post -Uri $logoffUrl -ContentType "application/json" -Headers $headers 99 | Write-Host ("successfully Logged out") 100 | write-host('###### Finished successfully adding user to group #######') -------------------------------------------------------------------------------- /files/aws/AWS.EC2.Windows.CloudWatch.json: -------------------------------------------------------------------------------- 1 | { 2 | "IsEnabled":false, 3 | "EngineConfiguration":{ 4 | "PollInterval":"00:00:05", 5 | "Components":[ 6 | { 7 | "Id":"CfnInitLog", 8 | "FullName":"AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch", 9 | "Parameters":{ 10 | "LogDirectoryPath":"C:\\cfn\\log", 11 | "TimestampFormat":"yyyy-MM-dd HH:mm:ss,fff", 12 | "Encoding":"ASCII", 13 | "Filter":"cfn-init.log", 14 | "CultureName":"en-US", 15 | "TimeZoneKind":"Local" 16 | } 17 | }, 18 | { 19 | "Id":"CloudWatchCfnInitLog", 20 | "FullName":"AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch", 21 | "Parameters":{ 22 | "AccessKey":"", 23 | "SecretKey":"", 24 | "Region":"AWS_REGION_PH", 25 | "LogGroup":"LOG_GROUP_PH", 26 | "LogStream":"PSM_CFN_LOG_PH" 27 | } 28 | }, 29 | { 30 | "Id":"PSMConflog", 31 | "FullName":"AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch", 32 | "Parameters":{ 33 | "LogDirectoryPath":"C:\\CyberArk\\Deployment\\Logs", 34 | "TimestampFormat":"yyyy-MM-dd HH:mm:ss", 35 | "Encoding":"ASCII", 36 | "Filter":"PSMConfiguration.log", 37 | "CultureName":"en-US", 38 | "TimeZoneKind":"Local" 39 | } 40 | }, 41 | { 42 | "Id":"CloudWatchPSMConflog", 43 | "FullName":"AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch", 44 | "Parameters":{ 45 | "AccessKey":"", 46 | "SecretKey":"", 47 | "Region":"AWS_REGION_PH", 48 | "LogGroup":"LOG_GROUP_PH", 49 | "LogStream":"PSM_CONF_LOG_PH" 50 | } 51 | }, 52 | { 53 | "Id":"PSMRegistration", 54 | "FullName":"AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch", 55 | "Parameters":{ 56 | "LogDirectoryPath":"C:\\CyberArk\\Deployment\\Logs", 57 | "TimestampFormat":"yyyy-MM-dd HH:mm:ss,fff", 58 | "Encoding":"ASCII", 59 | "Filter":"PSMRegistration.log", 60 | "CultureName":"en-US", 61 | "TimeZoneKind":"Local" 62 | } 63 | }, 64 | { 65 | "Id":"CloudWatchPSMRegistration", 66 | "FullName":"AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch", 67 | "Parameters":{ 68 | "AccessKey":"", 69 | "SecretKey":"", 70 | "Region":"AWS_REGION_PH", 71 | "LogGroup":"LOG_GROUP_PH", 72 | "LogStream":"PSMREGISTRATION_LOG_PH" 73 | } 74 | } 75 | ], 76 | "Flows":{ 77 | "Flows":[ 78 | "CfnInitLog,CloudWatchCfnInitLog", 79 | "PSMConflog,CloudWatchPSMConflog", 80 | "PSMRegistration,CloudWatchPSMRegistration" 81 | ] 82 | } 83 | } 84 | } 85 | -------------------------------------------------------------------------------- /files/aws/CloudWatch.ps1: -------------------------------------------------------------------------------- 1 | 2 | [CmdletBinding()] 3 | Param( 4 | [Parameter(Mandatory=$true)][string]$Region, 5 | [Parameter(Mandatory=$true)][string]$LogGroup, 6 | [Parameter(Mandatory=$true)][string]$PSMCfnInitLogStream, 7 | [Parameter(Mandatory=$true)][string]$PSMConfiguration, 8 | [Parameter(Mandatory=$true)][string]$PSMRegistration 9 | ) 10 | 11 | ((Get-Content -Path "C:\Program Files\Amazon\SSM\Plugins\awsCloudWatch\AWS.EC2.Windows.CloudWatch.json" -Raw)` 12 | -Replace 'false','true' ` 13 | -Replace 'AWS_REGION_PH',$Region ` 14 | -Replace 'LOG_GROUP_PH',$LogGroup ` 15 | -Replace 'PSM_CFN_LOG_PH',$PSMCfnInitLogStream ` 16 | -Replace 'PSM_CONF_LOG_PH',$PSMConfiguration ` 17 | -Replace 'PSMREGISTRATION_LOG_PH',$PSMRegistration)| Out-File ` 18 | -FilePath "C:\Program Files\Amazon\SSM\Plugins\awsCloudWatch\AWS.EC2.Windows.CloudWatch.json" -Force -Encoding ASCII 19 | # SIG # Begin signature block 20 | # MIIgTQYJKoZIhvcNAQcCoIIgPjCCIDoCAQExDzANBglghkgBZQMEAgEFADB5Bgor 21 | # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG 22 | # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCP9/zc3NUw9BOJ 23 | # HEX26c1GWPl1iU3ZTM2zYxce7KD20qCCDl8wggboMIIE0KADAgECAhB3vQ4Ft1kL 24 | # th1HYVMeP3XtMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQK 25 | # ExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIENvZGUgU2ln 26 | # bmluZyBSb290IFI0NTAeFw0yMDA3MjgwMDAwMDBaFw0zMDA3MjgwMDAwMDBaMFwx 27 | # CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTIwMAYDVQQD 28 | # EylHbG9iYWxTaWduIEdDQyBSNDUgRVYgQ29kZVNpZ25pbmcgQ0EgMjAyMDCCAiIw 29 | # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsg75ceuQEyQ6BbqYoj/SBerjgS 30 | # i8os1P9B2BpV1BlTt/2jF+d6OVzA984Ro/ml7QH6tbqT76+T3PjisxlMg7BKRFAE 31 | # eIQQaqTWlpCOgfh8qy+1o1cz0lh7lA5tD6WRJiqzg09ysYp7ZJLQ8LRVX5YLEeWa 32 | # tSyyEc8lG31RK5gfSaNf+BOeNbgDAtqkEy+FSu/EL3AOwdTMMxLsvUCV0xHK5s2z 33 | # BZzIU+tS13hMUQGSgt4T8weOdLqEgJ/SpBUO6K/r94n233Hw0b6nskEzIHXMsdXt 34 | # HQcZxOsmd/KrbReTSam35sOQnMa47MzJe5pexcUkk2NvfhCLYc+YVaMkoog28vmf 35 | # vpMusgafJsAMAVYS4bKKnw4e3JiLLs/a4ok0ph8moKiueG3soYgVPMLq7rfYrWGl 36 | # r3A2onmO3A1zwPHkLKuU7FgGOTZI1jta6CLOdA6vLPEV2tG0leis1Ult5a/dm2tj 37 | # IF2OfjuyQ9hiOpTlzbSYszcZJBJyc6sEsAnchebUIgTvQCodLm3HadNutwFsDeCX 38 | # pxbmJouI9wNEhl9iZ0y1pzeoVdwDNoxuz202JvEOj7A9ccDhMqeC5LYyAjIwfLWT 39 | # yCH9PIjmaWP47nXJi8Kr77o6/elev7YR8b7wPcoyPm593g9+m5XEEofnGrhO7izB 40 | # 36Fl6CSDySrC/blTAgMBAAGjggGtMIIBqTAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0l 41 | # BAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJZ3Q 42 | # /FkJhmPF7POxEztXHAOSNhEwHwYDVR0jBBgwFoAUHwC/RoAK/Hg5t6W0Q9lWULvO 43 | # ljswgZMGCCsGAQUFBwEBBIGGMIGDMDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5n 44 | # bG9iYWxzaWduLmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUwRgYIKwYBBQUHMAKGOmh0 45 | # dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2NvZGVzaWduaW5ncm9v 46 | # dHI0NS5jcnQwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWdu 47 | # LmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGg 48 | # MgECMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl 49 | # cG9zaXRvcnkvMAcGBWeBDAEDMA0GCSqGSIb3DQEBCwUAA4ICAQAldaAJyTm6t6E5 50 | # iS8Yn6vW6x1L6JR8DQdomxyd73G2F2prAk+zP4ZFh8xlm0zjWAYCImbVYQLFY4/U 51 | # ovG2XiULd5bpzXFAM4gp7O7zom28TbU+BkvJczPKCBQtPUzosLp1pnQtpFg6bBNJ 52 | # +KUVChSWhbFqaDQlQq+WVvQQ+iR98StywRbha+vmqZjHPlr00Bid/XSXhndGKj0j 53 | # fShziq7vKxuav2xTpxSePIdxwF6OyPvTKpIz6ldNXgdeysEYrIEtGiH6bs+XYXvf 54 | # cXo6ymP31TBENzL+u0OF3Lr8psozGSt3bdvLBfB+X3Uuora/Nao2Y8nOZNm9/Lws 55 | # 80lWAMgSK8YnuzevV+/Ezx4pxPTiLc4qYc9X7fUKQOL1GNYe6ZAvytOHX5OKSBoR 56 | # HeU3hZ8uZmKaXoFOlaxVV0PcU4slfjxhD4oLuvU/pteO9wRWXiG7n9dqcYC/lt5y 57 | # A9jYIivzJxZPOOhRQAyuku++PX33gMZMNleElaeEFUgwDlInCI2Oor0ixxnJpsoO 58 | # qHo222q6YV8RJJWk4o5o7hmpSZle0LQ0vdb5QMcQlzFSOTUpEYck08T7qWPLd0jV 59 | # +mL8JOAEek7Q5G7ezp44UCb0IXFl1wkl1MkHAHq4x/N36MXU4lXQ0x72f1LiSY25 60 | # EXIMiEQmM2YBRN/kMw4h3mKJSAfa9TCCB28wggVXoAMCAQICDHBNxPwWOpXgXVV8 61 | # DDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs 62 | # U2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVWIENvZGVT 63 | # aWduaW5nIENBIDIwMjAwHhcNMjIwMjE1MTMzODM1WhcNMjUwMjE1MTMzODM1WjCB 64 | # 1DEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCTUxMjI5 65 | # MTY0MjETMBEGCysGAQQBgjc8AgEDEwJJTDELMAkGA1UEBhMCSUwxEDAOBgNVBAgT 66 | # B0NlbnRyYWwxFDASBgNVBAcTC1BldGFoIFRpa3ZhMRMwEQYDVQQJEwo5IEhhcHNh 67 | # Z290MR8wHQYDVQQKExZDeWJlckFyayBTb2Z0d2FyZSBMdGQuMR8wHQYDVQQDExZD 68 | # eWJlckFyayBTb2Z0d2FyZSBMdGQuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC 69 | # CgKCAgEA8rPX6yAVM64+/qMQEttWp7FdAvq9UfgxBrW+R0NtuXhKnjV05zmIL6zi 70 | # AS0TlNrQqu5ypmuagOWzYKDtIcWEDm6AuSK+QeZprW69c0XYRdIf8X/xNUawXLGe 71 | # 5LG6ngs2uHGtch9lt2GLMRWILnKviS6l6F06HOAow+aIDcNGOukddypveFrqMEbP 72 | # 7YKMekkB6c2/whdHzDQiW6V0K82Xp9XUexrbdnFpKWXLfQwkzjcG1xmSiHQUpkSH 73 | # 4w2AzBzcs+Nidoon5FEIFXGS2b1CcCA8+Po5Dg7//vn2thirXtOqaC+fjP1pUG7m 74 | # vrZQMg3lTHQA/LTL78R3UzzNb4I9dc8yualcYK155hRU3vZJ3/UtktAvDPC/ewoW 75 | # thebG77NuKU8YI6l2lMg7jMFZ1//brICD0RGqhmPMK9MrB3elSuMLaO566Ihdrlp 76 | # zmj4BRDCfPuH0QfwkrejsikGEMo0lErfHSjL3NaiE0PPoC4NW7nc6Wh4Va4e3VFF 77 | # Z9zdnoTsCKJqk4s13MxBbjdLIkCcfknMSxAloOF9h6IhzWOylSROAy/TZfGL5kzQ 78 | # qxzcIhdXLWHHWdbz4DD3qxYc6g1G3ZwgFPWf7VbKQU3FsAxgiJvmKPVeOfIN4iYT 79 | # V4toilRR8KX/IaA1NMrN9EiA//ZhN3HONS/s6AxjjHJTR29GOQkCAwEAAaOCAbYw 80 | # ggGyMA4GA1UdDwEB/wQEAwIHgDCBnwYIKwYBBQUHAQEEgZIwgY8wTAYIKwYBBQUH 81 | # MAKGQGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjQ1 82 | # ZXZjb2Rlc2lnbmNhMjAyMC5jcnQwPwYIKwYBBQUHMAGGM2h0dHA6Ly9vY3NwLmds 83 | # b2JhbHNpZ24uY29tL2dzZ2NjcjQ1ZXZjb2Rlc2lnbmNhMjAyMDBVBgNVHSAETjBM 84 | # MEEGCSsGAQQBoDIBAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz 85 | # aWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBAzAJBgNVHRMEAjAAMEcGA1UdHwRA 86 | # MD4wPKA6oDiGNmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2NyNDVldmNv 87 | # ZGVzaWduY2EyMDIwLmNybDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSMEGDAW 88 | # gBQlndD8WQmGY8Xs87ETO1ccA5I2ETAdBgNVHQ4EFgQU0Vg7IAYAK18fI9dI1YKi 89 | # WA0D1bEwDQYJKoZIhvcNAQELBQADggIBAFOdA15mFwRIM54PIL/BDZq9RU9IO+YO 90 | # lAoAYTJHbiTY9ZqvA1isS6EtdYKJgdP/MyZoW7RZmcY5IDXvXFj70TWWvfdqW/Qc 91 | # MMHtSqhiRb4L92LtR4lS+hWM2fptECpl9BKH28LBZemdKS0jryBEqyAmuEoFJNDk 92 | # wxzQVKPksvapvmSYwPiBCtzPyHTRo5HnLBXpK/LUBJu8epAgKz6LoJjnrTIF4U8R 93 | # owrtUC0I6f4uj+sKYE0iV3/TzwsTJsp7MQShoILPr1/75fQjU/7Pl2fbM++uAFBC 94 | # sHQHYvar9KLslFPX4g+cDdtOHz5vId8QYZnhCduVgzUGvELmXXR1FYV7oJNnh3eY 95 | # Xc5gm7vSNKlZB8l7Ls6h8icBV2zQbojDiH0JOD//ph62qvnMp8ev9mvhvLXRCIxc 96 | # aU7CYI0gNVvg9LPi5j1/tswqBc9XAfHUG9ZYVxYCgvynEmnJ5TuEh6GesGRPbNIL 97 | # l418MFn4EPQUqxB51SMihIcyqu6+3qOlco8Dsy1y0gC0Hcx+unDZPsN8k+rhueN2 98 | # HXrPkAJ2bsEJd7adPy423FKbA7bRCOc6dWOFH1OGANfEG0Rjw9RfcsI84OkKpQ7R 99 | # XldpKIcWuaYMlfYzsl+P8dJru+KgA8Vh7GTVb5USzFGeMyOMtyr1/L2bIyRVSiLL 100 | # 8goMl4DTDOWeMYIRRDCCEUACAQEwbDBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQ 101 | # R2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVW 102 | # IENvZGVTaWduaW5nIENBIDIwMjACDHBNxPwWOpXgXVV8DDANBglghkgBZQMEAgEF 103 | # AKB8MBAGCisGAQQBgjcCAQwxAjAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE 104 | # MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCAs 105 | # r24HLbv26YBUzGXaVJER10EZyYV0xheDbQhyd4u0TTANBgkqhkiG9w0BAQEFAASC 106 | # AgBiSaYVEjzwT7c6yJp8Lb1tTMeTo/09rcgCXWsqSy4GIl7/Ld+nYC6G+t3ir8pk 107 | # pnc8/32/fmsJuPf+JgedtuX4c+ernzDHUSd343hRYRqLo4uuUsVFE7NCDAshhGD7 108 | # Q124HpliW6hCxhuzdZG1G81E2o14h8bRJV8U7O2DLwGAnCLN6jn684OYnYBz9Gij 109 | # lupedfrx8wn/z72+/lycVAgj7fQgUG95702zVJzvppNd6uLxZkbYlEQCMZp5IM2R 110 | # dVthAeszMXgLfPlfjDFtyAIwNxDAhTKC60IezYJaxk3vn679RGwGTqQoc8iFu/qN 111 | # OyvZb0E4g388WdrEs/0B5FXwyGhTEWJ5Ym+4AZpNiUEV7Mp4YUrOWxPOu0bxnHw/ 112 | # Vv3xf80PKPvVr4iAH+CFxIhA20kG2diYBfZErvKKNZxAGpAVR6kUuA3twusQ7QEk 113 | # zHNXIV7C/cK5//KkrTvPfAi0jS3Rk4QYqTdwI1U3L8EWO1kxMTltk9HnCG/igfXV 114 | # 0fSGfkWCVE0FnhuVauNCMEAFS6tMaugasB2xZ82Lizp78W2ZyVsXlNrlNMYfSu2Z 115 | # zhJwuPq6fwsAgbPAIueadtgEC/B6AL/tPu02xgMgpfoggLn+mIz4WN4+cr5u4TVM 116 | # hKM4zuvWiULyO8m8Qe4cHOBYsOE5j3xt7hxk5N5jINc0Z6GCDiswgg4nBgorBgEE 117 | # AYI3AwMBMYIOFzCCDhMGCSqGSIb3DQEHAqCCDgQwgg4AAgEDMQ0wCwYJYIZIAWUD 118 | # BAIBMIH+BgsqhkiG9w0BCRABBKCB7gSB6zCB6AIBAQYLYIZIAYb4RQEHFwMwITAJ 119 | # BgUrDgMCGgUABBS29RjZ+cgBjcywCMPn73sjBMbG6gIUSMb/JjcsqUsofF0qRRMk 120 | # 1BSAwJoYDzIwMjIwNTAxMTE1MzQzWjADAgEeoIGGpIGDMIGAMQswCQYDVQQGEwJV 121 | # UzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu 122 | # dGVjIFRydXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1l 123 | # U3RhbXBpbmcgU2lnbmVyIC0gRzOgggqLMIIFODCCBCCgAwIBAgIQewWx1EloUUT3 124 | # yYnSnBmdEjANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UEBhMCVVMxFzAVBgNVBAoT 125 | # DlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr 126 | # MTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp 127 | # emVkIHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBD 128 | # ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjAxMTIwMDAwMDBaFw0zMTAxMTEy 129 | # MzU5NTlaMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3Jh 130 | # dGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEoMCYGA1UEAxMf 131 | # U3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTCCASIwDQYJKoZIhvcNAQEB 132 | # BQADggEPADCCAQoCggEBALtZnVlVT52Mcl0agaLrVfOwAa08cawyjwVrhponADKX 133 | # ak3JZBRLKbvC2Sm5Luxjs+HPPwtWkPhiG37rpgfi3n9ebUA41JEG50F8eRzLy60b 134 | # v9iVkfPw7mz4rZY5Ln/BJ7h4OcWEpe3tr4eOzo3HberSmLU6Hx45ncP0mqj0hOHE 135 | # 0XxxxgYptD/kgw0mw3sIPk35CrczSf/KO9T1sptL4YiZGvXA6TMU1t/HgNuR7v68 136 | # kldyd/TNqMz+CfWTN76ViGrF3PSxS9TO6AmRX7WEeTWKeKwZMo8jwTJBG1kOqT6x 137 | # zPnWK++32OTVHW0ROpL2k8mc40juu1MO1DaXhnjFoTcCAwEAAaOCAXcwggFzMA4G 138 | # A1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMGYGA1UdIARfMF0wWwYL 139 | # YIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9j 140 | # cHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLgYIKwYB 141 | # BQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vcy5zeW1jZC5jb20wNgYDVR0f 142 | # BC8wLTAroCmgJ4YlaHR0cDovL3Muc3ltY2IuY29tL3VuaXZlcnNhbC1yb290LmNy 143 | # bDATBgNVHSUEDDAKBggrBgEFBQcDCDAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQ 144 | # VGltZVN0YW1wLTIwNDgtMzAdBgNVHQ4EFgQUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 145 | # HwYDVR0jBBgwFoAUtnf6aUhHn1MS1cLqBzJ2B9GXBxkwDQYJKoZIhvcNAQELBQAD 146 | # ggEBAHXqsC3VNBlcMkX+DuHUT6Z4wW/X6t3cT/OhyIGI96ePFeZAKa3mXfSi2VZk 147 | # hHEwKt0eYRdmIFYGmBmNXXHy+Je8Cf0ckUfJ4uiNA/vMkC/WCmxOM+zWtJPITJBj 148 | # SDlAIcTd1m6JmDy1mJfoqQa3CcmPU1dBkC/hHk1O3MoQeGxCbvC2xfhhXFL1TvZr 149 | # jfdKer7zzf0D19n2A6gP41P3CnXsxnUuqmaFBJm3+AZX4cYO9uiv2uybGB+queM6 150 | # AL/OipTLAduexzi7D1Kr0eOUA2AKTaD+J20UMvw/l0Dhv5mJ2+Q5FL3a5NPD6ita 151 | # s5VYVQR9x5rsIwONhSrS/66pYYEwggVLMIIEM6ADAgECAhB71OWvuswHP6EBIwQi 152 | # QU0SMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1h 153 | # bnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29y 154 | # azEoMCYGA1UEAxMfU3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTAeFw0x 155 | # NzEyMjMwMDAwMDBaFw0yOTAzMjIyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEdMBsG 156 | # A1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRy 157 | # dXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1lU3RhbXBp 158 | # bmcgU2lnbmVyIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv 159 | # Doqq+Ny/aXtUF3FHCb2NPIH4dBV3Z5Cc/d5OAp5LdvblNj5l1SQgbTD53R2D6T8n 160 | # SjNObRaK5I1AjSKqvqcLG9IHtjy1GiQo+BtyUT3ICYgmCDr5+kMjdUdwDLNfW48I 161 | # HXJIV2VNrwI8QPf03TI4kz/lLKbzWSPLgN4TTfkQyaoKGGxVYVfR8QIsxLWr8mwj 162 | # 0p8NDxlsrYViaf1OhcGKUjGrW9jJdFLjV2wiv1V/b8oGqz9KtyJ2ZezsNvKWlYEm 163 | # LP27mKoBONOvJUCbCVPwKVeFWF7qhUhBIYfl3rTTJrJ7QFNYeY5SMQZNlANFxM48 164 | # A+y3API6IsW0b+XvsIqbAgMBAAGjggHHMIIBwzAMBgNVHRMBAf8EAjAAMGYGA1Ud 165 | # IARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5 166 | # bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y 167 | # cGEwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL3RzLWNybC53cy5zeW1hbnRlYy5j 168 | # b20vc2hhMjU2LXRzcy1jYS5jcmwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYD 169 | # VR0PAQH/BAQDAgeAMHcGCCsGAQUFBwEBBGswaTAqBggrBgEFBQcwAYYeaHR0cDov 170 | # L3RzLW9jc3Aud3Muc3ltYW50ZWMuY29tMDsGCCsGAQUFBzAChi9odHRwOi8vdHMt 171 | # YWlhLndzLnN5bWFudGVjLmNvbS9zaGEyNTYtdHNzLWNhLmNlcjAoBgNVHREEITAf 172 | # pB0wGzEZMBcGA1UEAxMQVGltZVN0YW1wLTIwNDgtNjAdBgNVHQ4EFgQUpRMBqZ+F 173 | # zBtuFh5fOzGqeTYAex0wHwYDVR0jBBgwFoAUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 174 | # DQYJKoZIhvcNAQELBQADggEBAEaer/C4ol+imUjPqCdLIc2yuaZycGMv41UpezlG 175 | # Tud+ZQZYi7xXipINCNgQujYk+gp7+zvTYr9KlBXmgtuKVG3/KP5nz3E/5jMJ2aJZ 176 | # EPQeSv5lzN7Ua+NSKXUASiulzMub6KlN97QXWZJBw7c/hub2wH9EPEZcF1rjpDvV 177 | # aSbVIX3hgGd+Yqy3Ti4VmuWcI69bEepxqUH5DXk4qaENz7Sx2j6aescixXTN30cJ 178 | # hsT8kSWyG5bphQjo3ep0YG5gpVZ6DchEWNzm+UgUnuW/3gC9d7GYFHIUJN/HESwf 179 | # AD/DSxTGZxzMHgajkF9cVIs+4zNbgg/Ft4YCTnGf6WZFP3YxggJaMIICVgIBATCB 180 | # izB3MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24x 181 | # HzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFu 182 | # dGVjIFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0ECEHvU5a+6zAc/oQEjBCJBTRIwCwYJ 183 | # YIZIAWUDBAIBoIGkMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG 184 | # 9w0BCQUxDxcNMjIwNTAxMTE1MzQzWjAvBgkqhkiG9w0BCQQxIgQg4/8QiPX/0ou0 185 | # qaVw3f3+RBVR7qlFhE/HMB5c7EeDzJEwNwYLKoZIhvcNAQkQAi8xKDAmMCQwIgQg 186 | # xHTOdgB9AjlODaXk3nwUxoD54oIBPP72U+9dtx/fYfgwCwYJKoZIhvcNAQEBBIIB 187 | # AK2Ow3LnmlXkcsJJLb4XtkITZ5MtsR1wRFvjFdaUzYDFXwlliO12vXWkgGoP7Cwb 188 | # lkgQZsrAMs4XqamwHYw+itrIaLa3OWDwrpn9U1p/P5+lxwnSzf7JYLwAPGz3OS6/ 189 | # KqZWpBWoZLaPjLptncBgXTLR31OTpzQtvrsi3dkt1VGIZfn1BdVtUF5zzcojEZ9S 190 | # oDMc2CoHB/Po7FB7tQo2IPfdDcUEiV9gnCiSn5LZjGDPo6e3HozkOWjlQ0UObdo+ 191 | # ZQngofVrF6SbPT9vvqPe9Gu+MS46ImK1swuE9dh6KIBV40QaU/8J0hvIPO38w8KD 192 | # jaIIpgCAupPMYz3fXnerDpY= 193 | # SIG # End signature block 194 | -------------------------------------------------------------------------------- /files/aws/Common.ps1: -------------------------------------------------------------------------------- 1 | function WriteLog{ 2 | [CmdletBinding()] 3 | param( 4 | $LogFile, 5 | $LogLevel, 6 | $Log 7 | ) 8 | 9 | if (!(Test-Path $LogFile)) { 10 | $NewLogFile = New-Item $LogFile -Force -ItemType File 11 | } 12 | 13 | $FormattedDate = Get-Date -Format "yyyy-MM-dd HH:mm:ss" 14 | "$($FormattedDate) [$($LogLevel)] $($Log)" | Out-File -FilePath $LogFile -Append -Encoding ASCII 15 | 16 | if ($LogLevel.StartsWith("USER")) { 17 | Write-Host "$Log" 18 | } 19 | } 20 | # SIG # Begin signature block 21 | # MIIgTQYJKoZIhvcNAQcCoIIgPjCCIDoCAQExDzANBglghkgBZQMEAgEFADB5Bgor 22 | # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG 23 | # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBEBXA5wdISjmca 24 | # O1kRSNdTWccmZ4CRrMJv2JDekhzYIKCCDl8wggboMIIE0KADAgECAhB3vQ4Ft1kL 25 | # th1HYVMeP3XtMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQK 26 | # ExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIENvZGUgU2ln 27 | # bmluZyBSb290IFI0NTAeFw0yMDA3MjgwMDAwMDBaFw0zMDA3MjgwMDAwMDBaMFwx 28 | # CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTIwMAYDVQQD 29 | # EylHbG9iYWxTaWduIEdDQyBSNDUgRVYgQ29kZVNpZ25pbmcgQ0EgMjAyMDCCAiIw 30 | # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsg75ceuQEyQ6BbqYoj/SBerjgS 31 | # i8os1P9B2BpV1BlTt/2jF+d6OVzA984Ro/ml7QH6tbqT76+T3PjisxlMg7BKRFAE 32 | # eIQQaqTWlpCOgfh8qy+1o1cz0lh7lA5tD6WRJiqzg09ysYp7ZJLQ8LRVX5YLEeWa 33 | # tSyyEc8lG31RK5gfSaNf+BOeNbgDAtqkEy+FSu/EL3AOwdTMMxLsvUCV0xHK5s2z 34 | # BZzIU+tS13hMUQGSgt4T8weOdLqEgJ/SpBUO6K/r94n233Hw0b6nskEzIHXMsdXt 35 | # HQcZxOsmd/KrbReTSam35sOQnMa47MzJe5pexcUkk2NvfhCLYc+YVaMkoog28vmf 36 | # vpMusgafJsAMAVYS4bKKnw4e3JiLLs/a4ok0ph8moKiueG3soYgVPMLq7rfYrWGl 37 | # r3A2onmO3A1zwPHkLKuU7FgGOTZI1jta6CLOdA6vLPEV2tG0leis1Ult5a/dm2tj 38 | # IF2OfjuyQ9hiOpTlzbSYszcZJBJyc6sEsAnchebUIgTvQCodLm3HadNutwFsDeCX 39 | # pxbmJouI9wNEhl9iZ0y1pzeoVdwDNoxuz202JvEOj7A9ccDhMqeC5LYyAjIwfLWT 40 | # yCH9PIjmaWP47nXJi8Kr77o6/elev7YR8b7wPcoyPm593g9+m5XEEofnGrhO7izB 41 | # 36Fl6CSDySrC/blTAgMBAAGjggGtMIIBqTAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0l 42 | # BAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJZ3Q 43 | # /FkJhmPF7POxEztXHAOSNhEwHwYDVR0jBBgwFoAUHwC/RoAK/Hg5t6W0Q9lWULvO 44 | # ljswgZMGCCsGAQUFBwEBBIGGMIGDMDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5n 45 | # bG9iYWxzaWduLmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUwRgYIKwYBBQUHMAKGOmh0 46 | # dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2NvZGVzaWduaW5ncm9v 47 | # dHI0NS5jcnQwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWdu 48 | # LmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGg 49 | # MgECMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl 50 | # cG9zaXRvcnkvMAcGBWeBDAEDMA0GCSqGSIb3DQEBCwUAA4ICAQAldaAJyTm6t6E5 51 | # iS8Yn6vW6x1L6JR8DQdomxyd73G2F2prAk+zP4ZFh8xlm0zjWAYCImbVYQLFY4/U 52 | # ovG2XiULd5bpzXFAM4gp7O7zom28TbU+BkvJczPKCBQtPUzosLp1pnQtpFg6bBNJ 53 | # +KUVChSWhbFqaDQlQq+WVvQQ+iR98StywRbha+vmqZjHPlr00Bid/XSXhndGKj0j 54 | # fShziq7vKxuav2xTpxSePIdxwF6OyPvTKpIz6ldNXgdeysEYrIEtGiH6bs+XYXvf 55 | # cXo6ymP31TBENzL+u0OF3Lr8psozGSt3bdvLBfB+X3Uuora/Nao2Y8nOZNm9/Lws 56 | # 80lWAMgSK8YnuzevV+/Ezx4pxPTiLc4qYc9X7fUKQOL1GNYe6ZAvytOHX5OKSBoR 57 | # HeU3hZ8uZmKaXoFOlaxVV0PcU4slfjxhD4oLuvU/pteO9wRWXiG7n9dqcYC/lt5y 58 | # A9jYIivzJxZPOOhRQAyuku++PX33gMZMNleElaeEFUgwDlInCI2Oor0ixxnJpsoO 59 | # qHo222q6YV8RJJWk4o5o7hmpSZle0LQ0vdb5QMcQlzFSOTUpEYck08T7qWPLd0jV 60 | # +mL8JOAEek7Q5G7ezp44UCb0IXFl1wkl1MkHAHq4x/N36MXU4lXQ0x72f1LiSY25 61 | # EXIMiEQmM2YBRN/kMw4h3mKJSAfa9TCCB28wggVXoAMCAQICDHBNxPwWOpXgXVV8 62 | # DDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs 63 | # U2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVWIENvZGVT 64 | # aWduaW5nIENBIDIwMjAwHhcNMjIwMjE1MTMzODM1WhcNMjUwMjE1MTMzODM1WjCB 65 | # 1DEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCTUxMjI5 66 | # MTY0MjETMBEGCysGAQQBgjc8AgEDEwJJTDELMAkGA1UEBhMCSUwxEDAOBgNVBAgT 67 | # B0NlbnRyYWwxFDASBgNVBAcTC1BldGFoIFRpa3ZhMRMwEQYDVQQJEwo5IEhhcHNh 68 | # Z290MR8wHQYDVQQKExZDeWJlckFyayBTb2Z0d2FyZSBMdGQuMR8wHQYDVQQDExZD 69 | # eWJlckFyayBTb2Z0d2FyZSBMdGQuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC 70 | # CgKCAgEA8rPX6yAVM64+/qMQEttWp7FdAvq9UfgxBrW+R0NtuXhKnjV05zmIL6zi 71 | # AS0TlNrQqu5ypmuagOWzYKDtIcWEDm6AuSK+QeZprW69c0XYRdIf8X/xNUawXLGe 72 | # 5LG6ngs2uHGtch9lt2GLMRWILnKviS6l6F06HOAow+aIDcNGOukddypveFrqMEbP 73 | # 7YKMekkB6c2/whdHzDQiW6V0K82Xp9XUexrbdnFpKWXLfQwkzjcG1xmSiHQUpkSH 74 | # 4w2AzBzcs+Nidoon5FEIFXGS2b1CcCA8+Po5Dg7//vn2thirXtOqaC+fjP1pUG7m 75 | # vrZQMg3lTHQA/LTL78R3UzzNb4I9dc8yualcYK155hRU3vZJ3/UtktAvDPC/ewoW 76 | # thebG77NuKU8YI6l2lMg7jMFZ1//brICD0RGqhmPMK9MrB3elSuMLaO566Ihdrlp 77 | # zmj4BRDCfPuH0QfwkrejsikGEMo0lErfHSjL3NaiE0PPoC4NW7nc6Wh4Va4e3VFF 78 | # Z9zdnoTsCKJqk4s13MxBbjdLIkCcfknMSxAloOF9h6IhzWOylSROAy/TZfGL5kzQ 79 | # qxzcIhdXLWHHWdbz4DD3qxYc6g1G3ZwgFPWf7VbKQU3FsAxgiJvmKPVeOfIN4iYT 80 | # V4toilRR8KX/IaA1NMrN9EiA//ZhN3HONS/s6AxjjHJTR29GOQkCAwEAAaOCAbYw 81 | # ggGyMA4GA1UdDwEB/wQEAwIHgDCBnwYIKwYBBQUHAQEEgZIwgY8wTAYIKwYBBQUH 82 | # MAKGQGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjQ1 83 | # ZXZjb2Rlc2lnbmNhMjAyMC5jcnQwPwYIKwYBBQUHMAGGM2h0dHA6Ly9vY3NwLmds 84 | # b2JhbHNpZ24uY29tL2dzZ2NjcjQ1ZXZjb2Rlc2lnbmNhMjAyMDBVBgNVHSAETjBM 85 | # MEEGCSsGAQQBoDIBAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz 86 | # aWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBAzAJBgNVHRMEAjAAMEcGA1UdHwRA 87 | # MD4wPKA6oDiGNmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2NyNDVldmNv 88 | # ZGVzaWduY2EyMDIwLmNybDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSMEGDAW 89 | # gBQlndD8WQmGY8Xs87ETO1ccA5I2ETAdBgNVHQ4EFgQU0Vg7IAYAK18fI9dI1YKi 90 | # WA0D1bEwDQYJKoZIhvcNAQELBQADggIBAFOdA15mFwRIM54PIL/BDZq9RU9IO+YO 91 | # lAoAYTJHbiTY9ZqvA1isS6EtdYKJgdP/MyZoW7RZmcY5IDXvXFj70TWWvfdqW/Qc 92 | # MMHtSqhiRb4L92LtR4lS+hWM2fptECpl9BKH28LBZemdKS0jryBEqyAmuEoFJNDk 93 | # wxzQVKPksvapvmSYwPiBCtzPyHTRo5HnLBXpK/LUBJu8epAgKz6LoJjnrTIF4U8R 94 | # owrtUC0I6f4uj+sKYE0iV3/TzwsTJsp7MQShoILPr1/75fQjU/7Pl2fbM++uAFBC 95 | # sHQHYvar9KLslFPX4g+cDdtOHz5vId8QYZnhCduVgzUGvELmXXR1FYV7oJNnh3eY 96 | # Xc5gm7vSNKlZB8l7Ls6h8icBV2zQbojDiH0JOD//ph62qvnMp8ev9mvhvLXRCIxc 97 | # aU7CYI0gNVvg9LPi5j1/tswqBc9XAfHUG9ZYVxYCgvynEmnJ5TuEh6GesGRPbNIL 98 | # l418MFn4EPQUqxB51SMihIcyqu6+3qOlco8Dsy1y0gC0Hcx+unDZPsN8k+rhueN2 99 | # HXrPkAJ2bsEJd7adPy423FKbA7bRCOc6dWOFH1OGANfEG0Rjw9RfcsI84OkKpQ7R 100 | # XldpKIcWuaYMlfYzsl+P8dJru+KgA8Vh7GTVb5USzFGeMyOMtyr1/L2bIyRVSiLL 101 | # 8goMl4DTDOWeMYIRRDCCEUACAQEwbDBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQ 102 | # R2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVW 103 | # IENvZGVTaWduaW5nIENBIDIwMjACDHBNxPwWOpXgXVV8DDANBglghkgBZQMEAgEF 104 | # AKB8MBAGCisGAQQBgjcCAQwxAjAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE 105 | # MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCD1 106 | # pDlpm1HMgl+w0u/GmgdPaf0pTZSgBdeaZxQI4FqvFzANBgkqhkiG9w0BAQEFAASC 107 | # AgDknxCa9dKnRuoV85wyk091IkClLCoxr9BhElEL4D57KVXY0b1/RDpivnst6xiE 108 | # OEABoyohrv9PGHRAMwSQUk49ALxOaPywJKkx1mrVZdqPvnPaoC4VSmsJz0Lq7Msq 109 | # Mj9Y57Yz2Qotof1oyvuB6RMgpo5w/poOYbQ2pNLWiGUO0T4Fd8R7UFFbTe60lKfV 110 | # ohmQM5ZZNh3Mf1BO3vgx2p+N2tWfrlGBubmMYOJFCXhD537Qc4WFVQ68CEdOEdkw 111 | # 4KBGdog1EmQ0OJ50QD2wsfeG9mjim1HRpDIyRvPrD9iXnFBem8EnMLJFc3d9LTQZ 112 | # 3E08U0uegMO517Raoxr/hFyoakrsbo/A5nvpj2b2wy7biBUXjp+3nHfelBveU2Gy 113 | # RgF/jnwaGg9lgNaJOyTRLb/RZjPKruv5WzqeC+UWjHoXmA9DkR03KnuZjk65NXKN 114 | # 1zTqc3owjI8Ih76tTUFE1VniLx7wB42bUpg24MtzX+lv2gJYqUSVVjdJsqr2UH4G 115 | # y9mopDQTr/TJ5CWjVtowxOxBxzsmU5y8YNN96PpOHq+cgbCrqzVXrXR0mcMw+dm8 116 | # C7YIrLxl0xJhp19iKu0i5iico3Ddmnj6kz80RPxbOQbpzIT8Yz0wUxf3/kSxEJza 117 | # UOjGgkua2O1hq6+CJs+yqtr48/PepXU6c7fol0JHuT5DoqGCDiswgg4nBgorBgEE 118 | # AYI3AwMBMYIOFzCCDhMGCSqGSIb3DQEHAqCCDgQwgg4AAgEDMQ0wCwYJYIZIAWUD 119 | # BAIBMIH+BgsqhkiG9w0BCRABBKCB7gSB6zCB6AIBAQYLYIZIAYb4RQEHFwMwITAJ 120 | # BgUrDgMCGgUABBQ+qheh3vpQflAng7XQaRjX9YJUBAIUHDDM+KcYrJoRgu/VN0TA 121 | # CaW0TBoYDzIwMjIwNTAxMTE1MzU0WjADAgEeoIGGpIGDMIGAMQswCQYDVQQGEwJV 122 | # UzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu 123 | # dGVjIFRydXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1l 124 | # U3RhbXBpbmcgU2lnbmVyIC0gRzOgggqLMIIFODCCBCCgAwIBAgIQewWx1EloUUT3 125 | # yYnSnBmdEjANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UEBhMCVVMxFzAVBgNVBAoT 126 | # DlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr 127 | # MTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp 128 | # emVkIHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBD 129 | # ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjAxMTIwMDAwMDBaFw0zMTAxMTEy 130 | # MzU5NTlaMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3Jh 131 | # dGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEoMCYGA1UEAxMf 132 | # U3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTCCASIwDQYJKoZIhvcNAQEB 133 | # BQADggEPADCCAQoCggEBALtZnVlVT52Mcl0agaLrVfOwAa08cawyjwVrhponADKX 134 | # ak3JZBRLKbvC2Sm5Luxjs+HPPwtWkPhiG37rpgfi3n9ebUA41JEG50F8eRzLy60b 135 | # v9iVkfPw7mz4rZY5Ln/BJ7h4OcWEpe3tr4eOzo3HberSmLU6Hx45ncP0mqj0hOHE 136 | # 0XxxxgYptD/kgw0mw3sIPk35CrczSf/KO9T1sptL4YiZGvXA6TMU1t/HgNuR7v68 137 | # kldyd/TNqMz+CfWTN76ViGrF3PSxS9TO6AmRX7WEeTWKeKwZMo8jwTJBG1kOqT6x 138 | # zPnWK++32OTVHW0ROpL2k8mc40juu1MO1DaXhnjFoTcCAwEAAaOCAXcwggFzMA4G 139 | # A1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMGYGA1UdIARfMF0wWwYL 140 | # YIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9j 141 | # cHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLgYIKwYB 142 | # BQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vcy5zeW1jZC5jb20wNgYDVR0f 143 | # BC8wLTAroCmgJ4YlaHR0cDovL3Muc3ltY2IuY29tL3VuaXZlcnNhbC1yb290LmNy 144 | # bDATBgNVHSUEDDAKBggrBgEFBQcDCDAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQ 145 | # VGltZVN0YW1wLTIwNDgtMzAdBgNVHQ4EFgQUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 146 | # HwYDVR0jBBgwFoAUtnf6aUhHn1MS1cLqBzJ2B9GXBxkwDQYJKoZIhvcNAQELBQAD 147 | # ggEBAHXqsC3VNBlcMkX+DuHUT6Z4wW/X6t3cT/OhyIGI96ePFeZAKa3mXfSi2VZk 148 | # hHEwKt0eYRdmIFYGmBmNXXHy+Je8Cf0ckUfJ4uiNA/vMkC/WCmxOM+zWtJPITJBj 149 | # SDlAIcTd1m6JmDy1mJfoqQa3CcmPU1dBkC/hHk1O3MoQeGxCbvC2xfhhXFL1TvZr 150 | # jfdKer7zzf0D19n2A6gP41P3CnXsxnUuqmaFBJm3+AZX4cYO9uiv2uybGB+queM6 151 | # AL/OipTLAduexzi7D1Kr0eOUA2AKTaD+J20UMvw/l0Dhv5mJ2+Q5FL3a5NPD6ita 152 | # s5VYVQR9x5rsIwONhSrS/66pYYEwggVLMIIEM6ADAgECAhB71OWvuswHP6EBIwQi 153 | # QU0SMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1h 154 | # bnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29y 155 | # azEoMCYGA1UEAxMfU3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTAeFw0x 156 | # NzEyMjMwMDAwMDBaFw0yOTAzMjIyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEdMBsG 157 | # A1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRy 158 | # dXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1lU3RhbXBp 159 | # bmcgU2lnbmVyIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv 160 | # Doqq+Ny/aXtUF3FHCb2NPIH4dBV3Z5Cc/d5OAp5LdvblNj5l1SQgbTD53R2D6T8n 161 | # SjNObRaK5I1AjSKqvqcLG9IHtjy1GiQo+BtyUT3ICYgmCDr5+kMjdUdwDLNfW48I 162 | # HXJIV2VNrwI8QPf03TI4kz/lLKbzWSPLgN4TTfkQyaoKGGxVYVfR8QIsxLWr8mwj 163 | # 0p8NDxlsrYViaf1OhcGKUjGrW9jJdFLjV2wiv1V/b8oGqz9KtyJ2ZezsNvKWlYEm 164 | # LP27mKoBONOvJUCbCVPwKVeFWF7qhUhBIYfl3rTTJrJ7QFNYeY5SMQZNlANFxM48 165 | # A+y3API6IsW0b+XvsIqbAgMBAAGjggHHMIIBwzAMBgNVHRMBAf8EAjAAMGYGA1Ud 166 | # IARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5 167 | # bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y 168 | # cGEwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL3RzLWNybC53cy5zeW1hbnRlYy5j 169 | # b20vc2hhMjU2LXRzcy1jYS5jcmwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYD 170 | # VR0PAQH/BAQDAgeAMHcGCCsGAQUFBwEBBGswaTAqBggrBgEFBQcwAYYeaHR0cDov 171 | # L3RzLW9jc3Aud3Muc3ltYW50ZWMuY29tMDsGCCsGAQUFBzAChi9odHRwOi8vdHMt 172 | # YWlhLndzLnN5bWFudGVjLmNvbS9zaGEyNTYtdHNzLWNhLmNlcjAoBgNVHREEITAf 173 | # pB0wGzEZMBcGA1UEAxMQVGltZVN0YW1wLTIwNDgtNjAdBgNVHQ4EFgQUpRMBqZ+F 174 | # zBtuFh5fOzGqeTYAex0wHwYDVR0jBBgwFoAUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 175 | # DQYJKoZIhvcNAQELBQADggEBAEaer/C4ol+imUjPqCdLIc2yuaZycGMv41UpezlG 176 | # Tud+ZQZYi7xXipINCNgQujYk+gp7+zvTYr9KlBXmgtuKVG3/KP5nz3E/5jMJ2aJZ 177 | # EPQeSv5lzN7Ua+NSKXUASiulzMub6KlN97QXWZJBw7c/hub2wH9EPEZcF1rjpDvV 178 | # aSbVIX3hgGd+Yqy3Ti4VmuWcI69bEepxqUH5DXk4qaENz7Sx2j6aescixXTN30cJ 179 | # hsT8kSWyG5bphQjo3ep0YG5gpVZ6DchEWNzm+UgUnuW/3gC9d7GYFHIUJN/HESwf 180 | # AD/DSxTGZxzMHgajkF9cVIs+4zNbgg/Ft4YCTnGf6WZFP3YxggJaMIICVgIBATCB 181 | # izB3MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24x 182 | # HzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFu 183 | # dGVjIFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0ECEHvU5a+6zAc/oQEjBCJBTRIwCwYJ 184 | # YIZIAWUDBAIBoIGkMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG 185 | # 9w0BCQUxDxcNMjIwNTAxMTE1MzU0WjAvBgkqhkiG9w0BCQQxIgQgyWfF5kak6eNO 186 | # IFGuaTbpcdAPF8G7+yZHrGGIAAZSSOwwNwYLKoZIhvcNAQkQAi8xKDAmMCQwIgQg 187 | # xHTOdgB9AjlODaXk3nwUxoD54oIBPP72U+9dtx/fYfgwCwYJKoZIhvcNAQEBBIIB 188 | # AC9MsJRHE2rPwbbUwEobZ5+0MHn0E7hLpgZYccYO5Q4Giqih4nHdsqV7+7Bn7tnz 189 | # RhNjB5kHAy0yUD4CUft4JdalN/Fp/C1+cfuzITc6KeLxgHeANdnY/d6azMsasuX/ 190 | # PKXkfHZ87lqtywHYMkw49JB7b2yYfkhgB1gVLzYhjgmTLRMa5PZ7egcP0Eo5TeRE 191 | # 8X96nDU2Pp/cvbJy0CzA7Xzl42jYKu7eKd7qLEBgqgOKRPfGElnkWbgP2mVUc1DF 192 | # LVsXHxCVyj6k1HTf5ugpcn9M4lfmiSdnd3pb/OLCDw+PMide1vvV9599Qcv8HhBU 193 | # P371X4EUtwX9xqqkDJwI/6s= 194 | # SIG # End signature block 195 | -------------------------------------------------------------------------------- /files/aws/PSMConfiguration.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | Param( 3 | [Parameter(Mandatory=$true)][string]$VaultIpAddress, 4 | [Parameter(Mandatory=$true)][string]$VaultAdminUser, 5 | [Parameter(Mandatory=$true)][string]$VaultPort 6 | ) 7 | 8 | . "$PSScriptRoot\Common.ps1" 9 | 10 | $LogFile = "C:\CyberArk\Deployment\Logs\PSMConfiguration.log" 11 | 12 | try{ 13 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Get content of PSMRegisterComponentConfig.xml" 14 | $ScriptPath = $PSScriptRoot 15 | $FilePath = "C:\CyberArk\PSM\InstallationAutomation\Registration\RegistrationConfig.xml" 16 | $xml = [xml](Get-Content $filePath) 17 | 18 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Get vault IP" 19 | $step1 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultip']") 20 | $step1.Value = $VaultIpAddress 21 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Get vault port" 22 | $step2 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultport']") 23 | $step2.Value = $VaultPort 24 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Get vault user" 25 | $step3 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultusername']") 26 | $step3.Value = $VaultAdminUser 27 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Accept eula" 28 | $step4 = $xml.SelectSingleNode("//Parameter[@Name = 'accepteula']") 29 | $step4.Value = "Yes" 30 | 31 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Save xml" 32 | $xml.Save($filePath) 33 | } 34 | catch{ 35 | WriteLog -LogFile $LogFile -LogLevel "ERROR" -Log $_.Exception.Message 36 | exit 1 37 | } 38 | # SIG # Begin signature block 39 | # MIIgTgYJKoZIhvcNAQcCoIIgPzCCIDsCAQExDzANBglghkgBZQMEAgEFADB5Bgor 40 | # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG 41 | # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCVYUFqZjAhEh6Y 42 | # o3lkS03HDSfigmg50bIXRNQzVWvzpqCCDl8wggboMIIE0KADAgECAhB3vQ4Ft1kL 43 | # th1HYVMeP3XtMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQK 44 | # ExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIENvZGUgU2ln 45 | # bmluZyBSb290IFI0NTAeFw0yMDA3MjgwMDAwMDBaFw0zMDA3MjgwMDAwMDBaMFwx 46 | # CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTIwMAYDVQQD 47 | # EylHbG9iYWxTaWduIEdDQyBSNDUgRVYgQ29kZVNpZ25pbmcgQ0EgMjAyMDCCAiIw 48 | # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsg75ceuQEyQ6BbqYoj/SBerjgS 49 | # i8os1P9B2BpV1BlTt/2jF+d6OVzA984Ro/ml7QH6tbqT76+T3PjisxlMg7BKRFAE 50 | # eIQQaqTWlpCOgfh8qy+1o1cz0lh7lA5tD6WRJiqzg09ysYp7ZJLQ8LRVX5YLEeWa 51 | # tSyyEc8lG31RK5gfSaNf+BOeNbgDAtqkEy+FSu/EL3AOwdTMMxLsvUCV0xHK5s2z 52 | # BZzIU+tS13hMUQGSgt4T8weOdLqEgJ/SpBUO6K/r94n233Hw0b6nskEzIHXMsdXt 53 | # HQcZxOsmd/KrbReTSam35sOQnMa47MzJe5pexcUkk2NvfhCLYc+YVaMkoog28vmf 54 | # vpMusgafJsAMAVYS4bKKnw4e3JiLLs/a4ok0ph8moKiueG3soYgVPMLq7rfYrWGl 55 | # r3A2onmO3A1zwPHkLKuU7FgGOTZI1jta6CLOdA6vLPEV2tG0leis1Ult5a/dm2tj 56 | # IF2OfjuyQ9hiOpTlzbSYszcZJBJyc6sEsAnchebUIgTvQCodLm3HadNutwFsDeCX 57 | # pxbmJouI9wNEhl9iZ0y1pzeoVdwDNoxuz202JvEOj7A9ccDhMqeC5LYyAjIwfLWT 58 | # yCH9PIjmaWP47nXJi8Kr77o6/elev7YR8b7wPcoyPm593g9+m5XEEofnGrhO7izB 59 | # 36Fl6CSDySrC/blTAgMBAAGjggGtMIIBqTAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0l 60 | # BAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJZ3Q 61 | # /FkJhmPF7POxEztXHAOSNhEwHwYDVR0jBBgwFoAUHwC/RoAK/Hg5t6W0Q9lWULvO 62 | # ljswgZMGCCsGAQUFBwEBBIGGMIGDMDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5n 63 | # bG9iYWxzaWduLmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUwRgYIKwYBBQUHMAKGOmh0 64 | # dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2NvZGVzaWduaW5ncm9v 65 | # dHI0NS5jcnQwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWdu 66 | # LmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGg 67 | # MgECMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl 68 | # cG9zaXRvcnkvMAcGBWeBDAEDMA0GCSqGSIb3DQEBCwUAA4ICAQAldaAJyTm6t6E5 69 | # iS8Yn6vW6x1L6JR8DQdomxyd73G2F2prAk+zP4ZFh8xlm0zjWAYCImbVYQLFY4/U 70 | # ovG2XiULd5bpzXFAM4gp7O7zom28TbU+BkvJczPKCBQtPUzosLp1pnQtpFg6bBNJ 71 | # +KUVChSWhbFqaDQlQq+WVvQQ+iR98StywRbha+vmqZjHPlr00Bid/XSXhndGKj0j 72 | # fShziq7vKxuav2xTpxSePIdxwF6OyPvTKpIz6ldNXgdeysEYrIEtGiH6bs+XYXvf 73 | # cXo6ymP31TBENzL+u0OF3Lr8psozGSt3bdvLBfB+X3Uuora/Nao2Y8nOZNm9/Lws 74 | # 80lWAMgSK8YnuzevV+/Ezx4pxPTiLc4qYc9X7fUKQOL1GNYe6ZAvytOHX5OKSBoR 75 | # HeU3hZ8uZmKaXoFOlaxVV0PcU4slfjxhD4oLuvU/pteO9wRWXiG7n9dqcYC/lt5y 76 | # A9jYIivzJxZPOOhRQAyuku++PX33gMZMNleElaeEFUgwDlInCI2Oor0ixxnJpsoO 77 | # qHo222q6YV8RJJWk4o5o7hmpSZle0LQ0vdb5QMcQlzFSOTUpEYck08T7qWPLd0jV 78 | # +mL8JOAEek7Q5G7ezp44UCb0IXFl1wkl1MkHAHq4x/N36MXU4lXQ0x72f1LiSY25 79 | # EXIMiEQmM2YBRN/kMw4h3mKJSAfa9TCCB28wggVXoAMCAQICDHBNxPwWOpXgXVV8 80 | # DDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs 81 | # U2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVWIENvZGVT 82 | # aWduaW5nIENBIDIwMjAwHhcNMjIwMjE1MTMzODM1WhcNMjUwMjE1MTMzODM1WjCB 83 | # 1DEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCTUxMjI5 84 | # MTY0MjETMBEGCysGAQQBgjc8AgEDEwJJTDELMAkGA1UEBhMCSUwxEDAOBgNVBAgT 85 | # B0NlbnRyYWwxFDASBgNVBAcTC1BldGFoIFRpa3ZhMRMwEQYDVQQJEwo5IEhhcHNh 86 | # Z290MR8wHQYDVQQKExZDeWJlckFyayBTb2Z0d2FyZSBMdGQuMR8wHQYDVQQDExZD 87 | # eWJlckFyayBTb2Z0d2FyZSBMdGQuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC 88 | # CgKCAgEA8rPX6yAVM64+/qMQEttWp7FdAvq9UfgxBrW+R0NtuXhKnjV05zmIL6zi 89 | # AS0TlNrQqu5ypmuagOWzYKDtIcWEDm6AuSK+QeZprW69c0XYRdIf8X/xNUawXLGe 90 | # 5LG6ngs2uHGtch9lt2GLMRWILnKviS6l6F06HOAow+aIDcNGOukddypveFrqMEbP 91 | # 7YKMekkB6c2/whdHzDQiW6V0K82Xp9XUexrbdnFpKWXLfQwkzjcG1xmSiHQUpkSH 92 | # 4w2AzBzcs+Nidoon5FEIFXGS2b1CcCA8+Po5Dg7//vn2thirXtOqaC+fjP1pUG7m 93 | # vrZQMg3lTHQA/LTL78R3UzzNb4I9dc8yualcYK155hRU3vZJ3/UtktAvDPC/ewoW 94 | # thebG77NuKU8YI6l2lMg7jMFZ1//brICD0RGqhmPMK9MrB3elSuMLaO566Ihdrlp 95 | # zmj4BRDCfPuH0QfwkrejsikGEMo0lErfHSjL3NaiE0PPoC4NW7nc6Wh4Va4e3VFF 96 | # Z9zdnoTsCKJqk4s13MxBbjdLIkCcfknMSxAloOF9h6IhzWOylSROAy/TZfGL5kzQ 97 | # qxzcIhdXLWHHWdbz4DD3qxYc6g1G3ZwgFPWf7VbKQU3FsAxgiJvmKPVeOfIN4iYT 98 | # V4toilRR8KX/IaA1NMrN9EiA//ZhN3HONS/s6AxjjHJTR29GOQkCAwEAAaOCAbYw 99 | # ggGyMA4GA1UdDwEB/wQEAwIHgDCBnwYIKwYBBQUHAQEEgZIwgY8wTAYIKwYBBQUH 100 | # MAKGQGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjQ1 101 | # ZXZjb2Rlc2lnbmNhMjAyMC5jcnQwPwYIKwYBBQUHMAGGM2h0dHA6Ly9vY3NwLmds 102 | # b2JhbHNpZ24uY29tL2dzZ2NjcjQ1ZXZjb2Rlc2lnbmNhMjAyMDBVBgNVHSAETjBM 103 | # MEEGCSsGAQQBoDIBAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz 104 | # aWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBAzAJBgNVHRMEAjAAMEcGA1UdHwRA 105 | # MD4wPKA6oDiGNmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2NyNDVldmNv 106 | # ZGVzaWduY2EyMDIwLmNybDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSMEGDAW 107 | # gBQlndD8WQmGY8Xs87ETO1ccA5I2ETAdBgNVHQ4EFgQU0Vg7IAYAK18fI9dI1YKi 108 | # WA0D1bEwDQYJKoZIhvcNAQELBQADggIBAFOdA15mFwRIM54PIL/BDZq9RU9IO+YO 109 | # lAoAYTJHbiTY9ZqvA1isS6EtdYKJgdP/MyZoW7RZmcY5IDXvXFj70TWWvfdqW/Qc 110 | # MMHtSqhiRb4L92LtR4lS+hWM2fptECpl9BKH28LBZemdKS0jryBEqyAmuEoFJNDk 111 | # wxzQVKPksvapvmSYwPiBCtzPyHTRo5HnLBXpK/LUBJu8epAgKz6LoJjnrTIF4U8R 112 | # owrtUC0I6f4uj+sKYE0iV3/TzwsTJsp7MQShoILPr1/75fQjU/7Pl2fbM++uAFBC 113 | # sHQHYvar9KLslFPX4g+cDdtOHz5vId8QYZnhCduVgzUGvELmXXR1FYV7oJNnh3eY 114 | # Xc5gm7vSNKlZB8l7Ls6h8icBV2zQbojDiH0JOD//ph62qvnMp8ev9mvhvLXRCIxc 115 | # aU7CYI0gNVvg9LPi5j1/tswqBc9XAfHUG9ZYVxYCgvynEmnJ5TuEh6GesGRPbNIL 116 | # l418MFn4EPQUqxB51SMihIcyqu6+3qOlco8Dsy1y0gC0Hcx+unDZPsN8k+rhueN2 117 | # HXrPkAJ2bsEJd7adPy423FKbA7bRCOc6dWOFH1OGANfEG0Rjw9RfcsI84OkKpQ7R 118 | # XldpKIcWuaYMlfYzsl+P8dJru+KgA8Vh7GTVb5USzFGeMyOMtyr1/L2bIyRVSiLL 119 | # 8goMl4DTDOWeMYIRRTCCEUECAQEwbDBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQ 120 | # R2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVW 121 | # IENvZGVTaWduaW5nIENBIDIwMjACDHBNxPwWOpXgXVV8DDANBglghkgBZQMEAgEF 122 | # AKB8MBAGCisGAQQBgjcCAQwxAjAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE 123 | # MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCDy 124 | # FfNk4UyOaBikaSYBCfYKoWRabg9k/pLTNTdu3VABYjANBgkqhkiG9w0BAQEFAASC 125 | # AgAJ/pSwNeknmb++HZl2m+RStCCBQ2xO9i49YixS8djaXYnmK+y/b9FtwiHDDgEY 126 | # 0FCWMTRRecLTsefotUJU3X+wGlnkXMlypnzt0Yopqx5xjq4D8wDgkI+Yle9bJAEQ 127 | # Al0EIr3PrDoe9wpo3m68C5I48UGKuMdjOgUaCIdeoqTQom89l+0wmHAIhTsB70AL 128 | # cGChVKdsmzqzDsD0gM6vIdN8dn/Rv/3oMeHOfEZg83B6kby7w3Tj9VPQE6+DyGq9 129 | # zm20x5j4bNTAOTb+p0UZaFz36gzGxO2Hs/ySLooUaD0SoVJk432v3QfpMJxz2WzK 130 | # RIHa3E2ODdil06mSXtkDXl2EK4fpI9JKQyOdfT+v/RKJ8ekkiD5OYrsm+8j1j4py 131 | # x1qWkhCohnvnasjqSPOWr/GDtIbZekyeZBBb+9IBLwCtM/MLAAjz3n5OZckrPQEU 132 | # Co5DQjfOCqtvXODVeoYSPZwZWccYMTa7t5jp/qvgmBwMV8PpUsd8Zm6bhoJcEh3t 133 | # 74bgnC3RtJBTah8wI9AXPJXTeBpGArprR2crvHZH1krykQS2VRv0Me/tWBSxo2++ 134 | # c/I/ZSe7xQnhGA/4Q8zul43OI+h8h5S+nk9fJ3acUTdEh6ykySWiM2nw6oNcR2St 135 | # wzSXIuJmIzK23HLCdik9qbzxkb7tll0zbgzMVC3rkvtk0aGCDiwwgg4oBgorBgEE 136 | # AYI3AwMBMYIOGDCCDhQGCSqGSIb3DQEHAqCCDgUwgg4BAgEDMQ0wCwYJYIZIAWUD 137 | # BAIBMIH/BgsqhkiG9w0BCRABBKCB7wSB7DCB6QIBAQYLYIZIAYb4RQEHFwMwITAJ 138 | # BgUrDgMCGgUABBQM240gClmkHAC9KZ0vsxCPoj8ZFwIVAIFV4QOKlukRzEcy864+ 139 | # sZMwQ8ApGA8yMDIyMDUwMTExNTM0OVowAwIBHqCBhqSBgzCBgDELMAkGA1UEBhMC 140 | # VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h 141 | # bnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBTSEEyNTYgVGlt 142 | # ZVN0YW1waW5nIFNpZ25lciAtIEczoIIKizCCBTgwggQgoAMCAQICEHsFsdRJaFFE 143 | # 98mJ0pwZnRIwDQYJKoZIhvcNAQELBQAwgb0xCzAJBgNVBAYTAlVTMRcwFQYDVQQK 144 | # Ew5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y 145 | # azE6MDgGA1UECxMxKGMpIDIwMDggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y 146 | # aXplZCB1c2Ugb25seTE4MDYGA1UEAxMvVmVyaVNpZ24gVW5pdmVyc2FsIFJvb3Qg 147 | # Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTYwMTEyMDAwMDAwWhcNMzEwMTEx 148 | # MjM1OTU5WjB3MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9y 149 | # YXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMT 150 | # H1N5bWFudGVjIFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0EwggEiMA0GCSqGSIb3DQEB 151 | # AQUAA4IBDwAwggEKAoIBAQC7WZ1ZVU+djHJdGoGi61XzsAGtPHGsMo8Fa4aaJwAy 152 | # l2pNyWQUSym7wtkpuS7sY7Phzz8LVpD4Yht+66YH4t5/Xm1AONSRBudBfHkcy8ut 153 | # G7/YlZHz8O5s+K2WOS5/wSe4eDnFhKXt7a+Hjs6Nx23q0pi1Oh8eOZ3D9Jqo9ITh 154 | # xNF8ccYGKbQ/5IMNJsN7CD5N+Qq3M0n/yjvU9bKbS+GImRr1wOkzFNbfx4Dbke7+ 155 | # vJJXcnf0zajM/gn1kze+lYhqxdz0sUvUzugJkV+1hHk1inisGTKPI8EyQRtZDqk+ 156 | # scz51ivvt9jk1R1tETqS9pPJnONI7rtTDtQ2l4Z4xaE3AgMBAAGjggF3MIIBczAO 157 | # BgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADBmBgNVHSAEXzBdMFsG 158 | # C2CGSAGG+EUBBxcDMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20v 159 | # Y3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMC4GCCsG 160 | # AQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMDYGA1Ud 161 | # HwQvMC0wK6ApoCeGJWh0dHA6Ly9zLnN5bWNiLmNvbS91bml2ZXJzYWwtcm9vdC5j 162 | # cmwwEwYDVR0lBAwwCgYIKwYBBQUHAwgwKAYDVR0RBCEwH6QdMBsxGTAXBgNVBAMT 163 | # EFRpbWVTdGFtcC0yMDQ4LTMwHQYDVR0OBBYEFK9j1sqjToVy4Ke8QfMpojh/gHVi 164 | # MB8GA1UdIwQYMBaAFLZ3+mlIR59TEtXC6gcydgfRlwcZMA0GCSqGSIb3DQEBCwUA 165 | # A4IBAQB16rAt1TQZXDJF/g7h1E+meMFv1+rd3E/zociBiPenjxXmQCmt5l30otlW 166 | # ZIRxMCrdHmEXZiBWBpgZjV1x8viXvAn9HJFHyeLojQP7zJAv1gpsTjPs1rSTyEyQ 167 | # Y0g5QCHE3dZuiZg8tZiX6KkGtwnJj1NXQZAv4R5NTtzKEHhsQm7wtsX4YVxS9U72 168 | # a433Snq+8839A9fZ9gOoD+NT9wp17MZ1LqpmhQSZt/gGV+HGDvbor9rsmxgfqrnj 169 | # OgC/zoqUywHbnsc4uw9Sq9HjlANgCk2g/idtFDL8P5dA4b+ZidvkORS92uTTw+or 170 | # WrOVWFUEfcea7CMDjYUq0v+uqWGBMIIFSzCCBDOgAwIBAgIQe9Tlr7rMBz+hASME 171 | # IkFNEjANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3lt 172 | # YW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdv 173 | # cmsxKDAmBgNVBAMTH1N5bWFudGVjIFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0EwHhcN 174 | # MTcxMjIzMDAwMDAwWhcNMjkwMzIyMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxHTAb 175 | # BgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBU 176 | # cnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBTSEEyNTYgVGltZVN0YW1w 177 | # aW5nIFNpZ25lciAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 178 | # rw6Kqvjcv2l7VBdxRwm9jTyB+HQVd2eQnP3eTgKeS3b25TY+ZdUkIG0w+d0dg+k/ 179 | # J0ozTm0WiuSNQI0iqr6nCxvSB7Y8tRokKPgbclE9yAmIJgg6+fpDI3VHcAyzX1uP 180 | # CB1ySFdlTa8CPED39N0yOJM/5Sym81kjy4DeE035EMmqChhsVWFX0fECLMS1q/Js 181 | # I9KfDQ8ZbK2FYmn9ToXBilIxq1vYyXRS41dsIr9Vf2/KBqs/SrcidmXs7DbylpWB 182 | # Jiz9u5iqATjTryVAmwlT8ClXhVhe6oVIQSGH5d600yaye0BTWHmOUjEGTZQDRcTO 183 | # PAPstwDyOiLFtG/l77CKmwIDAQABo4IBxzCCAcMwDAYDVR0TAQH/BAIwADBmBgNV 184 | # HSAEXzBdMFsGC2CGSAGG+EUBBxcDMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z 185 | # eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20v 186 | # cnBhMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly90cy1jcmwud3Muc3ltYW50ZWMu 187 | # Y29tL3NoYTI1Ni10c3MtY2EuY3JsMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA4G 188 | # A1UdDwEB/wQEAwIHgDB3BggrBgEFBQcBAQRrMGkwKgYIKwYBBQUHMAGGHmh0dHA6 189 | # Ly90cy1vY3NwLndzLnN5bWFudGVjLmNvbTA7BggrBgEFBQcwAoYvaHR0cDovL3Rz 190 | # LWFpYS53cy5zeW1hbnRlYy5jb20vc2hhMjU2LXRzcy1jYS5jZXIwKAYDVR0RBCEw 191 | # H6QdMBsxGTAXBgNVBAMTEFRpbWVTdGFtcC0yMDQ4LTYwHQYDVR0OBBYEFKUTAamf 192 | # hcwbbhYeXzsxqnk2AHsdMB8GA1UdIwQYMBaAFK9j1sqjToVy4Ke8QfMpojh/gHVi 193 | # MA0GCSqGSIb3DQEBCwUAA4IBAQBGnq/wuKJfoplIz6gnSyHNsrmmcnBjL+NVKXs5 194 | # Rk7nfmUGWIu8V4qSDQjYELo2JPoKe/s702K/SpQV5oLbilRt/yj+Z89xP+YzCdmi 195 | # WRD0Hkr+Zcze1GvjUil1AEorpczLm+ipTfe0F1mSQcO3P4bm9sB/RDxGXBda46Q7 196 | # 1Wkm1SF94YBnfmKst04uFZrlnCOvWxHqcalB+Q15OKmhDc+0sdo+mnrHIsV0zd9H 197 | # CYbE/JElshuW6YUI6N3qdGBuYKVWeg3IRFjc5vlIFJ7lv94AvXexmBRyFCTfxxEs 198 | # HwA/w0sUxmcczB4Go5BfXFSLPuMzW4IPxbeGAk5xn+lmRT92MYICWjCCAlYCAQEw 199 | # gYswdzELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9u 200 | # MR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMSgwJgYDVQQDEx9TeW1h 201 | # bnRlYyBTSEEyNTYgVGltZVN0YW1waW5nIENBAhB71OWvuswHP6EBIwQiQU0SMAsG 202 | # CWCGSAFlAwQCAaCBpDAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwHAYJKoZI 203 | # hvcNAQkFMQ8XDTIyMDUwMTExNTM0OVowLwYJKoZIhvcNAQkEMSIEIClP8D1Ey8I+ 204 | # Es7ZsBcwRGmkbcgKGSg1Aae57TIhDCxhMDcGCyqGSIb3DQEJEAIvMSgwJjAkMCIE 205 | # IMR0znYAfQI5Tg2l5N58FMaA+eKCATz+9lPvXbcf32H4MAsGCSqGSIb3DQEBAQSC 206 | # AQAcjzPd0jw6ZZTSsg3mS5tvN7Gq3PvOECesX7ahGGE+Df5dJGdl1j4RSdRt4uQX 207 | # Z/w+Alx+h+4b8KTYVDEbDkW+OJzBSf4s9fpEhdCucAnNdbZbJGrx+itC8M66/I7B 208 | # YMiGuew2ivXUwMSg7JHJDiySFRoWNgCmCvPx/KMTS/SvvtRdEb3k/svH0Fx/troX 209 | # pezih3GS2OYNbTkaeuADgFPr1igA0200Hur526x1vZ95D+OX9g8pGUIkf6HNZxA3 210 | # XkuNxunagcglpzoH8SAauQjIr2vgrVEcs8d1kgZA/aEJxFggynqtEvy9tuVmlxLj 211 | # /Q6qvQv222yWv7Qd5OKqGW0e 212 | # SIG # End signature block 213 | -------------------------------------------------------------------------------- /files/aws/PSMRegistration.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | Param( 3 | [Parameter(Mandatory=$true)][string]$VaultAdminUser, 4 | [Parameter(Mandatory=$true)][string]$SSMAdminPassParameterID 5 | ) 6 | 7 | . "$PSScriptRoot\Common.ps1" 8 | 9 | $LogFile = "C:\CyberArk\Deployment\Logs\PSMRegistration.log" 10 | 11 | try{ 12 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Getting Admin password from ssm" 13 | $AdminPassword = (Get-SSMParameterValue -Name "$SSMAdminPassParameterID" -WithDecryption $true).Parameters.Value 14 | $ScriptPath = $PSScriptRoot 15 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Setting path location for registration" 16 | Set-Location "C:\Cyberark\PSM\InstallationAutomation" 17 | WriteLog -LogFile $LogFile -LogLevel "INFO" -Log "Convert Admin password to secure string for registration PS" 18 | $secStrObj = ConvertTo-SecureString $AdminPassword -AsPlainText -Force 19 | # $Action = .\Execute-Stage.ps1 "Registration\RegistrationConfig.xml" -displayJson -pwd $AdminPassword 20 | $Action = .\Execute-Stage.ps1 "Registration\RegistrationConfig.xml" -displayJson -spwdObj $secStrObj 21 | $Action | Out-File -FilePath "psm_registration_log.log" 22 | $Result = Get-Content "psm_registration_log.log" -Raw | ConvertFrom-Json 23 | if ($Result.isSucceeded -eq 0) { 24 | exit 0 25 | } else { 26 | exit 1 27 | } 28 | } 29 | catch{ 30 | WriteLog -LogFile $LogFile -LogLevel "ERROR" -Log $_.Exception.Message 31 | exit 1 32 | } 33 | 34 | # SIG # Begin signature block 35 | # MIIgTQYJKoZIhvcNAQcCoIIgPjCCIDoCAQExDzANBglghkgBZQMEAgEFADB5Bgor 36 | # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG 37 | # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDmYVWZydpUQMbI 38 | # U5SISG2gzzzbxMDEw1kt26hk9HeCcaCCDl8wggboMIIE0KADAgECAhB3vQ4Ft1kL 39 | # th1HYVMeP3XtMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQK 40 | # ExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIENvZGUgU2ln 41 | # bmluZyBSb290IFI0NTAeFw0yMDA3MjgwMDAwMDBaFw0zMDA3MjgwMDAwMDBaMFwx 42 | # CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTIwMAYDVQQD 43 | # EylHbG9iYWxTaWduIEdDQyBSNDUgRVYgQ29kZVNpZ25pbmcgQ0EgMjAyMDCCAiIw 44 | # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsg75ceuQEyQ6BbqYoj/SBerjgS 45 | # i8os1P9B2BpV1BlTt/2jF+d6OVzA984Ro/ml7QH6tbqT76+T3PjisxlMg7BKRFAE 46 | # eIQQaqTWlpCOgfh8qy+1o1cz0lh7lA5tD6WRJiqzg09ysYp7ZJLQ8LRVX5YLEeWa 47 | # tSyyEc8lG31RK5gfSaNf+BOeNbgDAtqkEy+FSu/EL3AOwdTMMxLsvUCV0xHK5s2z 48 | # BZzIU+tS13hMUQGSgt4T8weOdLqEgJ/SpBUO6K/r94n233Hw0b6nskEzIHXMsdXt 49 | # HQcZxOsmd/KrbReTSam35sOQnMa47MzJe5pexcUkk2NvfhCLYc+YVaMkoog28vmf 50 | # vpMusgafJsAMAVYS4bKKnw4e3JiLLs/a4ok0ph8moKiueG3soYgVPMLq7rfYrWGl 51 | # r3A2onmO3A1zwPHkLKuU7FgGOTZI1jta6CLOdA6vLPEV2tG0leis1Ult5a/dm2tj 52 | # IF2OfjuyQ9hiOpTlzbSYszcZJBJyc6sEsAnchebUIgTvQCodLm3HadNutwFsDeCX 53 | # pxbmJouI9wNEhl9iZ0y1pzeoVdwDNoxuz202JvEOj7A9ccDhMqeC5LYyAjIwfLWT 54 | # yCH9PIjmaWP47nXJi8Kr77o6/elev7YR8b7wPcoyPm593g9+m5XEEofnGrhO7izB 55 | # 36Fl6CSDySrC/blTAgMBAAGjggGtMIIBqTAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0l 56 | # BAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJZ3Q 57 | # /FkJhmPF7POxEztXHAOSNhEwHwYDVR0jBBgwFoAUHwC/RoAK/Hg5t6W0Q9lWULvO 58 | # ljswgZMGCCsGAQUFBwEBBIGGMIGDMDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5n 59 | # bG9iYWxzaWduLmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUwRgYIKwYBBQUHMAKGOmh0 60 | # dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2NvZGVzaWduaW5ncm9v 61 | # dHI0NS5jcnQwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWdu 62 | # LmNvbS9jb2Rlc2lnbmluZ3Jvb3RyNDUuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGg 63 | # MgECMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl 64 | # cG9zaXRvcnkvMAcGBWeBDAEDMA0GCSqGSIb3DQEBCwUAA4ICAQAldaAJyTm6t6E5 65 | # iS8Yn6vW6x1L6JR8DQdomxyd73G2F2prAk+zP4ZFh8xlm0zjWAYCImbVYQLFY4/U 66 | # ovG2XiULd5bpzXFAM4gp7O7zom28TbU+BkvJczPKCBQtPUzosLp1pnQtpFg6bBNJ 67 | # +KUVChSWhbFqaDQlQq+WVvQQ+iR98StywRbha+vmqZjHPlr00Bid/XSXhndGKj0j 68 | # fShziq7vKxuav2xTpxSePIdxwF6OyPvTKpIz6ldNXgdeysEYrIEtGiH6bs+XYXvf 69 | # cXo6ymP31TBENzL+u0OF3Lr8psozGSt3bdvLBfB+X3Uuora/Nao2Y8nOZNm9/Lws 70 | # 80lWAMgSK8YnuzevV+/Ezx4pxPTiLc4qYc9X7fUKQOL1GNYe6ZAvytOHX5OKSBoR 71 | # HeU3hZ8uZmKaXoFOlaxVV0PcU4slfjxhD4oLuvU/pteO9wRWXiG7n9dqcYC/lt5y 72 | # A9jYIivzJxZPOOhRQAyuku++PX33gMZMNleElaeEFUgwDlInCI2Oor0ixxnJpsoO 73 | # qHo222q6YV8RJJWk4o5o7hmpSZle0LQ0vdb5QMcQlzFSOTUpEYck08T7qWPLd0jV 74 | # +mL8JOAEek7Q5G7ezp44UCb0IXFl1wkl1MkHAHq4x/N36MXU4lXQ0x72f1LiSY25 75 | # EXIMiEQmM2YBRN/kMw4h3mKJSAfa9TCCB28wggVXoAMCAQICDHBNxPwWOpXgXVV8 76 | # DDANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs 77 | # U2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVWIENvZGVT 78 | # aWduaW5nIENBIDIwMjAwHhcNMjIwMjE1MTMzODM1WhcNMjUwMjE1MTMzODM1WjCB 79 | # 1DEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCTUxMjI5 80 | # MTY0MjETMBEGCysGAQQBgjc8AgEDEwJJTDELMAkGA1UEBhMCSUwxEDAOBgNVBAgT 81 | # B0NlbnRyYWwxFDASBgNVBAcTC1BldGFoIFRpa3ZhMRMwEQYDVQQJEwo5IEhhcHNh 82 | # Z290MR8wHQYDVQQKExZDeWJlckFyayBTb2Z0d2FyZSBMdGQuMR8wHQYDVQQDExZD 83 | # eWJlckFyayBTb2Z0d2FyZSBMdGQuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC 84 | # CgKCAgEA8rPX6yAVM64+/qMQEttWp7FdAvq9UfgxBrW+R0NtuXhKnjV05zmIL6zi 85 | # AS0TlNrQqu5ypmuagOWzYKDtIcWEDm6AuSK+QeZprW69c0XYRdIf8X/xNUawXLGe 86 | # 5LG6ngs2uHGtch9lt2GLMRWILnKviS6l6F06HOAow+aIDcNGOukddypveFrqMEbP 87 | # 7YKMekkB6c2/whdHzDQiW6V0K82Xp9XUexrbdnFpKWXLfQwkzjcG1xmSiHQUpkSH 88 | # 4w2AzBzcs+Nidoon5FEIFXGS2b1CcCA8+Po5Dg7//vn2thirXtOqaC+fjP1pUG7m 89 | # vrZQMg3lTHQA/LTL78R3UzzNb4I9dc8yualcYK155hRU3vZJ3/UtktAvDPC/ewoW 90 | # thebG77NuKU8YI6l2lMg7jMFZ1//brICD0RGqhmPMK9MrB3elSuMLaO566Ihdrlp 91 | # zmj4BRDCfPuH0QfwkrejsikGEMo0lErfHSjL3NaiE0PPoC4NW7nc6Wh4Va4e3VFF 92 | # Z9zdnoTsCKJqk4s13MxBbjdLIkCcfknMSxAloOF9h6IhzWOylSROAy/TZfGL5kzQ 93 | # qxzcIhdXLWHHWdbz4DD3qxYc6g1G3ZwgFPWf7VbKQU3FsAxgiJvmKPVeOfIN4iYT 94 | # V4toilRR8KX/IaA1NMrN9EiA//ZhN3HONS/s6AxjjHJTR29GOQkCAwEAAaOCAbYw 95 | # ggGyMA4GA1UdDwEB/wQEAwIHgDCBnwYIKwYBBQUHAQEEgZIwgY8wTAYIKwYBBQUH 96 | # MAKGQGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjQ1 97 | # ZXZjb2Rlc2lnbmNhMjAyMC5jcnQwPwYIKwYBBQUHMAGGM2h0dHA6Ly9vY3NwLmds 98 | # b2JhbHNpZ24uY29tL2dzZ2NjcjQ1ZXZjb2Rlc2lnbmNhMjAyMDBVBgNVHSAETjBM 99 | # MEEGCSsGAQQBoDIBAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz 100 | # aWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBAzAJBgNVHRMEAjAAMEcGA1UdHwRA 101 | # MD4wPKA6oDiGNmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2NyNDVldmNv 102 | # ZGVzaWduY2EyMDIwLmNybDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSMEGDAW 103 | # gBQlndD8WQmGY8Xs87ETO1ccA5I2ETAdBgNVHQ4EFgQU0Vg7IAYAK18fI9dI1YKi 104 | # WA0D1bEwDQYJKoZIhvcNAQELBQADggIBAFOdA15mFwRIM54PIL/BDZq9RU9IO+YO 105 | # lAoAYTJHbiTY9ZqvA1isS6EtdYKJgdP/MyZoW7RZmcY5IDXvXFj70TWWvfdqW/Qc 106 | # MMHtSqhiRb4L92LtR4lS+hWM2fptECpl9BKH28LBZemdKS0jryBEqyAmuEoFJNDk 107 | # wxzQVKPksvapvmSYwPiBCtzPyHTRo5HnLBXpK/LUBJu8epAgKz6LoJjnrTIF4U8R 108 | # owrtUC0I6f4uj+sKYE0iV3/TzwsTJsp7MQShoILPr1/75fQjU/7Pl2fbM++uAFBC 109 | # sHQHYvar9KLslFPX4g+cDdtOHz5vId8QYZnhCduVgzUGvELmXXR1FYV7oJNnh3eY 110 | # Xc5gm7vSNKlZB8l7Ls6h8icBV2zQbojDiH0JOD//ph62qvnMp8ev9mvhvLXRCIxc 111 | # aU7CYI0gNVvg9LPi5j1/tswqBc9XAfHUG9ZYVxYCgvynEmnJ5TuEh6GesGRPbNIL 112 | # l418MFn4EPQUqxB51SMihIcyqu6+3qOlco8Dsy1y0gC0Hcx+unDZPsN8k+rhueN2 113 | # HXrPkAJ2bsEJd7adPy423FKbA7bRCOc6dWOFH1OGANfEG0Rjw9RfcsI84OkKpQ7R 114 | # XldpKIcWuaYMlfYzsl+P8dJru+KgA8Vh7GTVb5USzFGeMyOMtyr1/L2bIyRVSiLL 115 | # 8goMl4DTDOWeMYIRRDCCEUACAQEwbDBcMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQ 116 | # R2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBHQ0MgUjQ1IEVW 117 | # IENvZGVTaWduaW5nIENBIDIwMjACDHBNxPwWOpXgXVV8DDANBglghkgBZQMEAgEF 118 | # AKB8MBAGCisGAQQBgjcCAQwxAjAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE 119 | # MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCAf 120 | # iUFE+YOQ1f2ZpVKZwQ7FVfLAW/pwR0ZHrvRv4qYXwjANBgkqhkiG9w0BAQEFAASC 121 | # AgBaujzA0IxZbTdh7I67WnzrqiHiQ6+wbHKWlULCJNjYDH/pwXUq9F816FKPS5w3 122 | # Iwbjg5YSetmLk1c6yPTJylyQDR2LJr2yUifoeWj11z8PhUIGTbYVpfYRognrWMwu 123 | # ZGKPfTERSg1Yg6HEQOMSApV/dH5W8gD6ClYNqWTkv92rNPMbtLK/4muYi/MIf+XH 124 | # EZsGqMKFQAPfTGlDj9uGZhBqG75aGXdvbUVLLmsHKisq/cqfQ2p7Qf3DUTpXVa8+ 125 | # 1900sVuVxW/rjAYpmQv3VHQYYrAkAfQYut4DZ2it12vGnQkvJcWB4fagJZp/Q2MJ 126 | # hOYSbdptlrTNcDdiwZ2GIbIlXGn94/iyDrnTqzM3jKYtqlzMfBWrFmeTRTpP4Qhn 127 | # pdxWMrhHKJNlOoLeA12s2NARSmf+/mSo/oaHpsTdCE7vRzB1NcEG+otiTMUD/H6e 128 | # 60RRx2XwFyd8+v7a5RCLncwlR18O7LgfAY7f1rio/FUCrhDUjt7HUAQJTwSW2C/b 129 | # kppWMlMqu2BvJzxQGp9h0b+hAI8C5ExSGxiWkFrz4HZmv/txhO00HydzV7PvDNPf 130 | # mZEGpUMfygF3B/VLtsPQBWuY0P1mhCgutqjfulwU7DEqwJWcwugHEdzfM9sGawYw 131 | # uEhPQU7SRcywJhFvc8GUgr3j/z0kLQx9xFuyj8xPPPsx9aGCDiswgg4nBgorBgEE 132 | # AYI3AwMBMYIOFzCCDhMGCSqGSIb3DQEHAqCCDgQwgg4AAgEDMQ0wCwYJYIZIAWUD 133 | # BAIBMIH+BgsqhkiG9w0BCRABBKCB7gSB6zCB6AIBAQYLYIZIAYb4RQEHFwMwITAJ 134 | # BgUrDgMCGgUABBRDTBacL1vE8a/C7PToRzczgZZ6UgIUDueMNq0a5RwQZ/4grvjG 135 | # iO2/9iYYDzIwMjIwNTAxMTE1MzQwWjADAgEeoIGGpIGDMIGAMQswCQYDVQQGEwJV 136 | # UzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu 137 | # dGVjIFRydXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1l 138 | # U3RhbXBpbmcgU2lnbmVyIC0gRzOgggqLMIIFODCCBCCgAwIBAgIQewWx1EloUUT3 139 | # yYnSnBmdEjANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UEBhMCVVMxFzAVBgNVBAoT 140 | # DlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr 141 | # MTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp 142 | # emVkIHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBD 143 | # ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjAxMTIwMDAwMDBaFw0zMTAxMTEy 144 | # MzU5NTlaMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3Jh 145 | # dGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEoMCYGA1UEAxMf 146 | # U3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTCCASIwDQYJKoZIhvcNAQEB 147 | # BQADggEPADCCAQoCggEBALtZnVlVT52Mcl0agaLrVfOwAa08cawyjwVrhponADKX 148 | # ak3JZBRLKbvC2Sm5Luxjs+HPPwtWkPhiG37rpgfi3n9ebUA41JEG50F8eRzLy60b 149 | # v9iVkfPw7mz4rZY5Ln/BJ7h4OcWEpe3tr4eOzo3HberSmLU6Hx45ncP0mqj0hOHE 150 | # 0XxxxgYptD/kgw0mw3sIPk35CrczSf/KO9T1sptL4YiZGvXA6TMU1t/HgNuR7v68 151 | # kldyd/TNqMz+CfWTN76ViGrF3PSxS9TO6AmRX7WEeTWKeKwZMo8jwTJBG1kOqT6x 152 | # zPnWK++32OTVHW0ROpL2k8mc40juu1MO1DaXhnjFoTcCAwEAAaOCAXcwggFzMA4G 153 | # A1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMGYGA1UdIARfMF0wWwYL 154 | # YIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9j 155 | # cHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLgYIKwYB 156 | # BQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vcy5zeW1jZC5jb20wNgYDVR0f 157 | # BC8wLTAroCmgJ4YlaHR0cDovL3Muc3ltY2IuY29tL3VuaXZlcnNhbC1yb290LmNy 158 | # bDATBgNVHSUEDDAKBggrBgEFBQcDCDAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQ 159 | # VGltZVN0YW1wLTIwNDgtMzAdBgNVHQ4EFgQUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 160 | # HwYDVR0jBBgwFoAUtnf6aUhHn1MS1cLqBzJ2B9GXBxkwDQYJKoZIhvcNAQELBQAD 161 | # ggEBAHXqsC3VNBlcMkX+DuHUT6Z4wW/X6t3cT/OhyIGI96ePFeZAKa3mXfSi2VZk 162 | # hHEwKt0eYRdmIFYGmBmNXXHy+Je8Cf0ckUfJ4uiNA/vMkC/WCmxOM+zWtJPITJBj 163 | # SDlAIcTd1m6JmDy1mJfoqQa3CcmPU1dBkC/hHk1O3MoQeGxCbvC2xfhhXFL1TvZr 164 | # jfdKer7zzf0D19n2A6gP41P3CnXsxnUuqmaFBJm3+AZX4cYO9uiv2uybGB+queM6 165 | # AL/OipTLAduexzi7D1Kr0eOUA2AKTaD+J20UMvw/l0Dhv5mJ2+Q5FL3a5NPD6ita 166 | # s5VYVQR9x5rsIwONhSrS/66pYYEwggVLMIIEM6ADAgECAhB71OWvuswHP6EBIwQi 167 | # QU0SMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1h 168 | # bnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29y 169 | # azEoMCYGA1UEAxMfU3ltYW50ZWMgU0hBMjU2IFRpbWVTdGFtcGluZyBDQTAeFw0x 170 | # NzEyMjMwMDAwMDBaFw0yOTAzMjIyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEdMBsG 171 | # A1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRy 172 | # dXN0IE5ldHdvcmsxMTAvBgNVBAMTKFN5bWFudGVjIFNIQTI1NiBUaW1lU3RhbXBp 173 | # bmcgU2lnbmVyIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv 174 | # Doqq+Ny/aXtUF3FHCb2NPIH4dBV3Z5Cc/d5OAp5LdvblNj5l1SQgbTD53R2D6T8n 175 | # SjNObRaK5I1AjSKqvqcLG9IHtjy1GiQo+BtyUT3ICYgmCDr5+kMjdUdwDLNfW48I 176 | # HXJIV2VNrwI8QPf03TI4kz/lLKbzWSPLgN4TTfkQyaoKGGxVYVfR8QIsxLWr8mwj 177 | # 0p8NDxlsrYViaf1OhcGKUjGrW9jJdFLjV2wiv1V/b8oGqz9KtyJ2ZezsNvKWlYEm 178 | # LP27mKoBONOvJUCbCVPwKVeFWF7qhUhBIYfl3rTTJrJ7QFNYeY5SMQZNlANFxM48 179 | # A+y3API6IsW0b+XvsIqbAgMBAAGjggHHMIIBwzAMBgNVHRMBAf8EAjAAMGYGA1Ud 180 | # IARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5 181 | # bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y 182 | # cGEwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL3RzLWNybC53cy5zeW1hbnRlYy5j 183 | # b20vc2hhMjU2LXRzcy1jYS5jcmwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYD 184 | # VR0PAQH/BAQDAgeAMHcGCCsGAQUFBwEBBGswaTAqBggrBgEFBQcwAYYeaHR0cDov 185 | # L3RzLW9jc3Aud3Muc3ltYW50ZWMuY29tMDsGCCsGAQUFBzAChi9odHRwOi8vdHMt 186 | # YWlhLndzLnN5bWFudGVjLmNvbS9zaGEyNTYtdHNzLWNhLmNlcjAoBgNVHREEITAf 187 | # pB0wGzEZMBcGA1UEAxMQVGltZVN0YW1wLTIwNDgtNjAdBgNVHQ4EFgQUpRMBqZ+F 188 | # zBtuFh5fOzGqeTYAex0wHwYDVR0jBBgwFoAUr2PWyqNOhXLgp7xB8ymiOH+AdWIw 189 | # DQYJKoZIhvcNAQELBQADggEBAEaer/C4ol+imUjPqCdLIc2yuaZycGMv41UpezlG 190 | # Tud+ZQZYi7xXipINCNgQujYk+gp7+zvTYr9KlBXmgtuKVG3/KP5nz3E/5jMJ2aJZ 191 | # EPQeSv5lzN7Ua+NSKXUASiulzMub6KlN97QXWZJBw7c/hub2wH9EPEZcF1rjpDvV 192 | # aSbVIX3hgGd+Yqy3Ti4VmuWcI69bEepxqUH5DXk4qaENz7Sx2j6aescixXTN30cJ 193 | # hsT8kSWyG5bphQjo3ep0YG5gpVZ6DchEWNzm+UgUnuW/3gC9d7GYFHIUJN/HESwf 194 | # AD/DSxTGZxzMHgajkF9cVIs+4zNbgg/Ft4YCTnGf6WZFP3YxggJaMIICVgIBATCB 195 | # izB3MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24x 196 | # HzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFu 197 | # dGVjIFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0ECEHvU5a+6zAc/oQEjBCJBTRIwCwYJ 198 | # YIZIAWUDBAIBoIGkMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG 199 | # 9w0BCQUxDxcNMjIwNTAxMTE1MzQwWjAvBgkqhkiG9w0BCQQxIgQgjJDwZWMhW51G 200 | # uM4T+2c9IsJcG8iWisP+riHZSm+jGrkwNwYLKoZIhvcNAQkQAi8xKDAmMCQwIgQg 201 | # xHTOdgB9AjlODaXk3nwUxoD54oIBPP72U+9dtx/fYfgwCwYJKoZIhvcNAQEBBIIB 202 | # ABelfibvQw2GdodAGG5zAhFeuWqRTqZ1tfmbzbywGP7gOnwyZDizSM9YdPGMBhOU 203 | # Jmef8I6JdwIj7EszkhZWbQJv2q7Xouc5MOL7It7vD9ugMZjV0va5TZ7LRip8jFHS 204 | # 3atTJbIeXLGut1HymeTrJxb+82RUgmFBmxSbZtr0KzoSw7hdZQvscjlwmwBdotFP 205 | # s/6uhZMg6bMmB3FKKy7uFRn7twgyI5EuWUL0zzk21w57uOKARnJEHl3y1SWcCmLw 206 | # D4iYYUD5a/+aNM4czIiFszHlaW2/JvvYrTCs11z4MhuNddeytyPrL2sYQiZmscIM 207 | # 2Xn88DplurSX1xGuahxHs1k= 208 | # SIG # End signature block 209 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for psm 3 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | galaxy_info: 4 | role_name: psm_ansible 5 | namespace: cyberark 6 | author: 7 | - Nimrod Yakobovitz 8 | - Yogev Chen 9 | - Avishay Bar 10 | - Ziv Lifshits 11 | - Maish Saidel-Keesing 12 | description: Installs CyberArk PSM software 13 | company: CyberArk 14 | license: Apache2 15 | 16 | min_ansible_version: 2.5 17 | 18 | platforms: 19 | - name: Windows 20 | versions: 21 | - 2016 22 | - 2019 23 | 24 | galaxy_tags: 25 | - psm 26 | - cyberark 27 | - security 28 | 29 | dependencies: [] 30 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm 3 | 4 | - name: Validate input parameters 5 | ansible.builtin.include_tasks: psm_validateparameters.yml 6 | 7 | - name: Extract PSM package 8 | ansible.builtin.include_tasks: psm_extract.yml 9 | when: 10 | - psm_extract 11 | tags: [print_action] 12 | 13 | - name: Running PSM prerequisities 14 | ansible.builtin.include_tasks: psm_prerequisites.yml 15 | when: 16 | - psm_prerequisites 17 | tags: [print_action] 18 | 19 | - name: Running PSM install 20 | ansible.builtin.include_tasks: psm_install.yml 21 | when: 22 | - psm_install 23 | tags: [print_action] 24 | 25 | - name: Running PSM postinstall 26 | ansible.builtin.include_tasks: psm_postinstall.yml 27 | when: 28 | - psm_exists 29 | - psm_postinstall 30 | tags: [print_action] 31 | 32 | - name: Running PSM hardening 33 | ansible.builtin.include_tasks: psm_hardening.yml 34 | when: 35 | - psm_exists 36 | - psm_hardening 37 | tags: [print_action] 38 | 39 | - name: Running PSM registration 40 | ansible.builtin.include_tasks: psm_registration.yml 41 | when: 42 | - psm_registration 43 | - psm_exists 44 | - not psm_registered 45 | tags: [print_action] 46 | 47 | - name: Running PSM clean 48 | ansible.builtin.include_tasks: psm_clean.yml 49 | when: 50 | - psm_clean 51 | tags: [print_action] 52 | -------------------------------------------------------------------------------- /tasks/psm_clean.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm_clean 3 | 4 | - name: Find all inf and log files in hardening folder 5 | ansible.windows.win_find: 6 | paths: "{{ psm_installation_path }}\\PSM\\Hardening" 7 | patterns: ['*.inf', '*.log'] 8 | register: files_to_delete 9 | 10 | - name: Delete all inf and log files in the hardening folder 11 | ansible.windows.win_file: 12 | path: "{{ item.path }}" 13 | state: absent 14 | with_items: "{{ files_to_delete.files }}" 15 | 16 | - name: Find all Relevant Files in the Windows Temp Folder 17 | ansible.windows.win_find: 18 | paths: C:\Windows\Temp 19 | patterns: ['PSM*.*', 'InstallationAutomation*.*'] 20 | register: files_to_delete 21 | 22 | - name: Delete all Relevant Files in the Windows Temp Folder 23 | ansible.windows.win_file: 24 | path: "{{ item.path }}" 25 | state: absent 26 | with_items: "{{ files_to_delete.files }}" 27 | 28 | - name: Clean cred files 29 | ansible.windows.win_file: 30 | path: "{{ item }}" 31 | state: absent 32 | with_items: 33 | - "{{ psm_installation_path }}\\PSM\\Vault\\psmgw.ini" 34 | - "{{ psm_installation_path }}\\PSM\\Vault\\psmapp.ini" 35 | 36 | - name: Keep installation automation folder 37 | ansible.windows.win_copy: 38 | src: "{{ psm_installationautomation_folder }}" 39 | dest: "{{ psm_base_bin_drive }}\\Cyberark\\PSM" 40 | remote_src: true 41 | 42 | - name: Keep Registration Tool folder 43 | ansible.windows.win_copy: 44 | src: "{{ psm_registrationtool_location }}" 45 | dest: "{{ psm_base_bin_drive }}\\Cyberark\\PSM" 46 | remote_src: true 47 | 48 | - name: Delete the deployment folder 49 | ansible.windows.win_file: 50 | path: "{{ psm_extract_folder }}" 51 | state: absent 52 | 53 | - name: Validate folder Deletion 54 | ansible.windows.win_stat: 55 | path: "{{ psm_extract_folder }}" 56 | register: folder_data 57 | 58 | - name: End play if Deployment folder was not deleted 59 | ansible.builtin.fail: 60 | msg: "Error on folder deletion, stop play..." 61 | when: folder_data.stat.exists 62 | 63 | - name: Copy Reset RDS Grace Period Powershell to the Machine 64 | ansible.windows.win_copy: 65 | src: "files/Reset-TSGracePeriod.ps1" 66 | dest: "%TEMP%\\" 67 | 68 | - name: Reset RDS Grace Period 69 | ansible.windows.win_command: powershell.exe -File Reset-TSGracePeriod.ps1 70 | args: 71 | chdir: "%TEMP%\\" 72 | 73 | - name: Create Deployment Folders 74 | ansible.windows.win_file: 75 | path: "{{ item }}" 76 | state: directory 77 | with_items: 78 | - "C:\\CyberArk" 79 | - "C:\\CyberArk\\Deployment" 80 | - "C:\\CyberArk\\Deployment\\Logs" 81 | 82 | - name: Copy PS1 scripts - AWS 83 | ansible.windows.win_copy: 84 | src: "files/aws/{{ item }}" 85 | dest: C:\CyberArk\Deployment\ 86 | with_items: 87 | - PSMRegistration.ps1 88 | - PSMConfiguration.ps1 89 | - CloudWatch.ps1 90 | - Common.ps1 91 | when: platform == 'aws' 92 | 93 | - name: Copy CloudWatch Json 94 | ansible.windows.win_copy: 95 | src: "files/aws/AWS.EC2.Windows.CloudWatch.json" 96 | dest: "C:\\Program Files\\Amazon\\SSM\\Plugins\\awsCloudWatch\\" 97 | -------------------------------------------------------------------------------- /tasks/psm_extract.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm_extract 3 | 4 | - name: Create folder 5 | ansible.windows.win_file: 6 | path: "{{ psm_extract_folder }}" 7 | state: directory 8 | 9 | - name: Copy PSM package from local source 10 | ansible.windows.win_copy: 11 | src: "{{ psm_zip_file_path }}" 12 | dest: "{{ psm_extract_folder }}\\{{ psm_artifact_name }}" 13 | register: st 14 | 15 | - name: Check if package exists in path 16 | ansible.builtin.fail: 17 | msg: "{{ psm_zip_file_path }} not exists, failing..." 18 | when: not st.checksum 19 | 20 | - name: Unzip the PSM package 21 | community.windows.win_unzip: 22 | src: "{{ psm_extract_folder }}\\{{ psm_artifact_name }}" 23 | dest: "{{ psm_extract_folder }}" 24 | when: psm_official 25 | 26 | - name: Create component folder 27 | ansible.windows.win_file: 28 | path: "{{ psm_extract_folder }}\\{{ psm_component_folder }}" 29 | state: directory 30 | when: not psm_official 31 | 32 | - name: Unzip the PSM package 33 | community.windows.win_unzip: 34 | src: "{{ psm_extract_folder }}\\{{ psm_artifact_name }}" 35 | dest: "{{ psm_extract_folder }}\\{{ psm_component_folder }}" 36 | when: not psm_official 37 | -------------------------------------------------------------------------------- /tasks/psm_hardening.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm_hardening 3 | 4 | - name: Check psm_out_of_domain is boolean 5 | ansible.builtin.fail: 6 | msg: "psm_out_of_domain should be true/false, current type is {{ psm_out_of_domain | type_debug }}" 7 | when: psm_out_of_domain | type_debug != 'bool' 8 | 9 | - name: Update PSM out-of-domain parameter 10 | ansible.windows.win_shell: | 11 | try 12 | { 13 | $psm_domain = if('{{ psm_out_of_domain }}' -eq 'true') {"Yes"} else {"No"} 14 | $filePath = "{{ psm_installationautomation_folder }}\\Hardening\\HardeningConfig.xml" 15 | $xml = [xml](Get-Content $filePath) 16 | $step1 = $xml.SelectSingleNode("//Step[@Name = 'OutOfDomainHardening']") 17 | $step1.Enable = $psm_domain 18 | $xml.Save($filePath) 19 | exit 0 20 | } 21 | catch 22 | { 23 | Write-Output "Error occured setting out-of-domain parameter" 24 | exit 1 25 | } 26 | 27 | 28 | - name: Hardening Block 29 | block: 30 | 31 | - name: Run PSM hardening 32 | ansible.windows.win_shell: | 33 | Set-Location "{{ psm_installationautomation_folder }}" 34 | $Action = .\Execute-Stage.ps1 "{{ psm_installationautomation_folder }}\Hardening\HardeningConfig.xml" ` 35 | -silentMode "Silent" -displayJson -delayedrestart 36 | $Action | Out-File -FilePath "{{ psm_hardening_log }}" 37 | $Result = Get-Content "{{ psm_hardening_log }}" -Raw | ConvertFrom-Json 38 | if ($Result.isSucceeded -ne 0) { 39 | exit 1 40 | } else { 41 | exit 0 42 | } 43 | 44 | - name: Get log path for hardening 45 | ansible.windows.win_shell: | 46 | $Result = Get-Content "{{ psm_hardening_log }}" 47 | Write-Output $Result 48 | register: log_result 49 | 50 | - name: Fetch hardening log from path 51 | ansible.builtin.fetch: 52 | src: '{{ item.logPath }}' 53 | dest: '{{ log_path_dest }}/psm_hardening.log' 54 | flat: true 55 | with_items: 56 | - "{{ log_result.stdout | from_json }}" 57 | 58 | - name: Enable AutoAdminLogon 59 | ansible.windows.win_regedit: 60 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 61 | name: AutoAdminLogon 62 | data: 1 63 | with_items: 64 | - "{{ log_result.stdout | from_json }}" 65 | when: 66 | - item.restartRequired 67 | - psm_restart 68 | 69 | - name: Set default username for AutoAdminLogon 70 | ansible.windows.win_regedit: 71 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 72 | name: DefaultUsername 73 | data: "{{ ansible_user }}" 74 | with_items: 75 | - "{{ log_result.stdout | from_json }}" 76 | when: 77 | - item.restartRequired 78 | - psm_restart 79 | 80 | - name: Set default password for AutoAdminLogon 81 | ansible.windows.win_regedit: 82 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 83 | name: DefaultPassword 84 | data: "{{ ansible_password }}" 85 | with_items: 86 | - "{{ log_result.stdout | from_json }}" 87 | when: 88 | - item.restartRequired 89 | - psm_restart 90 | 91 | - name: Reboot when PSM hardening requires reboot 92 | ansible.windows.win_reboot: 93 | reboot_timeout: 300 94 | with_items: 95 | - "{{ log_result.stdout | from_json }}" 96 | when: 97 | - item.restartRequired 98 | - psm_restart 99 | 100 | - name: Remove AutoAdminLogon 101 | ansible.windows.win_regedit: 102 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 103 | name: AutoAdminLogon 104 | state: absent 105 | with_items: 106 | - "{{ log_result.stdout | from_json }}" 107 | when: 108 | - item.restartRequired 109 | - psm_restart 110 | 111 | - name: Remove username for AutoAdminLogon 112 | ansible.windows.win_regedit: 113 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 114 | name: DefaultUsername 115 | state: absent 116 | with_items: 117 | - "{{ log_result.stdout | from_json }}" 118 | when: 119 | - item.restartRequired 120 | - psm_restart 121 | 122 | - name: Remove password for AutoAdminLogon 123 | ansible.windows.win_regedit: 124 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 125 | name: DefaultPassword 126 | state: absent 127 | with_items: 128 | - "{{ log_result.stdout | from_json }}" 129 | when: 130 | - item.restartRequired 131 | - psm_restart 132 | 133 | rescue: 134 | 135 | - name: Get log path for hardening 136 | ansible.windows.win_shell: | 137 | $Result = Get-Content "{{ psm_hardening_log }}" 138 | Write-Output $Result 139 | register: log_result 140 | 141 | - name: Fetch hardening log from path 142 | ansible.builtin.fetch: 143 | src: '{{ item.logPath }}' 144 | dest: '{{ log_path_dest }}/psm_hardening.log' 145 | flat: true 146 | with_items: 147 | - "{{ log_result.stdout | from_json }}" 148 | 149 | - name: Fail when hardening not successful 150 | ansible.builtin.fail: 151 | msg: 'ERROR: Hardening failed. For more info check {{ log_path_dest }}/psm_hardening.log' 152 | 153 | - name: Validate PSM hardening 154 | ansible.windows.win_shell: | 155 | $policyInfPath = "{{ psm_installationautomation_folder }}\\group-policy.inf" 156 | $policyLogPath = "{{ psm_installationautomation_folder }}\\group-policy.log" 157 | secedit /export /cfg "$policyInfPath" /log "$policyLogPath" 158 | if (Test-Path "$policyInfPath") 159 | { 160 | $stringFound = Select-String -Path "$policyInfPath" -Pattern 'PSMShadowUsers' 161 | if ($stringFound -ne $null) 162 | { 163 | exit 0 164 | } 165 | } 166 | exit 1 167 | when: psm_out_of_domain 168 | 169 | - name: Set hardening success as fact 170 | ansible.builtin.set_fact: 171 | psm_hardened: true 172 | -------------------------------------------------------------------------------- /tasks/psm_install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm installation 3 | 4 | - name: Set installation folder on xml config file 5 | ansible.windows.win_shell: | 6 | try 7 | { 8 | ### This script set the install directory received from var in the install config file 9 | $filePath = "{{ psm_installationautomation_folder }}\\Installation\\InstallationConfig.xml" 10 | $xml = [xml](Get-Content $filePath) 11 | $step1 = $xml.SelectSingleNode("//Parameter[@Name = 'InstallationDirectory']") 12 | $step1.Value = "{{ psm_installation_path }}" 13 | $step2 = $xml.SelectSingleNode("//Parameter[@Name = 'RecordingDirectory']") 14 | $step2.Value = "{{ psm_installation_path }}\PSM\Recordings" 15 | $xml.Save($filePath) 16 | exit 0 17 | } 18 | catch 19 | { 20 | Write-Output "Error occured during SetAtrributeInXML" 21 | exit 1 22 | } 23 | 24 | - name: Installation Block 25 | block: 26 | 27 | - name: Execute PSM installation 28 | ansible.windows.win_shell: | 29 | Set-Location "{{ psm_installationautomation_folder }}" 30 | $Action = .\Execute-Stage.ps1 "{{ psm_installationautomation_folder }}\Installation\InstallationConfig.xml" ` 31 | -silentMode "Silent" -displayJson -delayedrestart 32 | $Action | Out-File -FilePath "{{ psm_install_log }}" 33 | $Result = Get-Content "{{ psm_install_log }}" -Raw | ConvertFrom-Json 34 | if ($Result.isSucceeded -ne 0) { 35 | exit 1 36 | } else { 37 | exit 0 38 | } 39 | 40 | - name: Get log path for installation 41 | ansible.windows.win_shell: | 42 | $Result = Get-Content "{{ psm_install_log }}" 43 | Write-Output $Result 44 | register: log_result 45 | 46 | - name: Fetch installation log from path 47 | ansible.builtin.fetch: 48 | src: '{{ item.logPath }}' 49 | dest: '{{ log_path_dest }}/psm_install.log' 50 | flat: true 51 | with_items: 52 | - "{{ log_result.stdout | from_json }}" 53 | 54 | - name: Enable AutoAdminLogon 55 | ansible.windows.win_regedit: 56 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 57 | name: AutoAdminLogon 58 | data: 1 59 | with_items: 60 | - "{{ log_result.stdout | from_json }}" 61 | when: 62 | - item.restartRequired 63 | - psm_restart 64 | 65 | - name: Set default username for AutoAdminLogon 66 | ansible.windows.win_regedit: 67 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 68 | name: DefaultUsername 69 | data: "{{ ansible_user }}" 70 | with_items: 71 | - "{{ log_result.stdout | from_json }}" 72 | when: 73 | - item.restartRequired 74 | - psm_restart 75 | 76 | - name: Set default password for AutoAdminLogon 77 | ansible.windows.win_regedit: 78 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 79 | name: DefaultPassword 80 | data: "{{ ansible_password }}" 81 | with_items: 82 | - "{{ log_result.stdout | from_json }}" 83 | when: 84 | - item.restartRequired 85 | - psm_restart 86 | 87 | - name: Reboot when PSM Installation requires reboot 88 | ansible.windows.win_reboot: 89 | reboot_timeout: 300 90 | with_items: 91 | - "{{ log_result.stdout | from_json }}" 92 | when: 93 | - item.restartRequired 94 | - psm_restart 95 | 96 | - name: Remove AutoAdminLogon 97 | ansible.windows.win_regedit: 98 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 99 | name: AutoAdminLogon 100 | state: absent 101 | with_items: 102 | - "{{ log_result.stdout | from_json }}" 103 | when: 104 | - item.restartRequired 105 | - psm_restart 106 | 107 | - name: Remove username for AutoAdminLogon 108 | ansible.windows.win_regedit: 109 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 110 | name: DefaultUsername 111 | state: absent 112 | with_items: 113 | - "{{ log_result.stdout | from_json }}" 114 | when: 115 | - item.restartRequired 116 | - psm_restart 117 | 118 | - name: Remove password for AutoAdminLogon 119 | ansible.windows.win_regedit: 120 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 121 | name: DefaultPassword 122 | state: absent 123 | with_items: 124 | - "{{ log_result.stdout | from_json }}" 125 | when: 126 | - item.restartRequired 127 | - psm_restart 128 | 129 | rescue: 130 | 131 | - name: Get log path for installation 132 | ansible.windows.win_shell: | 133 | $Result = Get-Content "{{ psm_install_log }}" 134 | Write-Output $Result 135 | register: log_result 136 | 137 | - name: Fetch installation log from path 138 | ansible.builtin.fetch: 139 | src: '{{ item.logPath }}' 140 | dest: '{{ log_path_dest }}/psm_install.log' 141 | flat: true 142 | with_items: 143 | - "{{ log_result.stdout | from_json }}" 144 | 145 | - name: Fail when installation not successful 146 | ansible.builtin.fail: 147 | msg: 'ERROR: Installation failed. For more info check {{ log_path_dest }}/psm_install.log' 148 | 149 | - name: Check PSM service status 150 | ansible.windows.win_service: 151 | name: "{{ psm_service_name }}" 152 | register: psm_service_info 153 | 154 | - name: Set installation success as fact 155 | ansible.builtin.set_fact: 156 | psm_exists: "{{ psm_service_info.exists }}" 157 | -------------------------------------------------------------------------------- /tasks/psm_postinstall.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm postinstall 3 | 4 | - name: Post Installation Block 5 | block: 6 | 7 | - name: Run PSM post installation 8 | ansible.windows.win_shell: | 9 | Set-Location "{{ psm_installationautomation_folder }}" 10 | $Action = .\Execute-Stage.ps1 "{{ psm_installationautomation_folder }}\PostInstallation\PostInstallationConfig.xml" ` 11 | -silentMode "Silent" -displayJson 12 | $Action | Out-File -FilePath "{{ psm_postinstall_log }}" 13 | $Result = Get-Content "{{ psm_postinstall_log }}" -Raw | ConvertFrom-Json 14 | if ($Result.isSucceeded -ne 0) { 15 | exit 1 16 | } else { 17 | exit 0 18 | } 19 | 20 | - name: Get log path for post installation 21 | ansible.windows.win_shell: | 22 | $Result = Get-Content "{{ psm_postinstall_log }}" 23 | Write-Output $Result 24 | register: log_result 25 | 26 | - name: Fetch postinstall log from path 27 | ansible.builtin.fetch: 28 | src: '{{ item.logPath }}' 29 | dest: '{{ log_path_dest }}/psm_postinstall.log' 30 | flat: true 31 | with_items: 32 | - "{{ log_result.stdout | from_json }}" 33 | 34 | - name: Enable AutoAdminLogon 35 | ansible.windows.win_regedit: 36 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 37 | name: AutoAdminLogon 38 | data: 1 39 | with_items: 40 | - "{{ log_result.stdout | from_json }}" 41 | when: 42 | - item.restartRequired 43 | - psm_restart 44 | 45 | - name: Set default username for AutoAdminLogon 46 | ansible.windows.win_regedit: 47 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 48 | name: DefaultUsername 49 | data: "{{ ansible_user }}" 50 | with_items: 51 | - "{{ log_result.stdout | from_json }}" 52 | when: 53 | - item.restartRequired 54 | - psm_restart 55 | 56 | - name: Set default password for AutoAdminLogon 57 | ansible.windows.win_regedit: 58 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 59 | name: DefaultPassword 60 | data: "{{ ansible_password }}" 61 | with_items: 62 | - "{{ log_result.stdout | from_json }}" 63 | when: 64 | - item.restartRequired 65 | - psm_restart 66 | 67 | - name: Reboot when PSM Post Installation requires reboot 68 | ansible.windows.win_reboot: 69 | reboot_timeout: 300 70 | with_items: 71 | - "{{ log_result.stdout | from_json }}" 72 | when: 73 | - item.restartRequired 74 | - psm_restart 75 | 76 | - name: Remove AutoAdminLogon 77 | ansible.windows.win_regedit: 78 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 79 | name: AutoAdminLogon 80 | state: absent 81 | with_items: 82 | - "{{ log_result.stdout | from_json }}" 83 | when: 84 | - item.restartRequired 85 | - psm_restart 86 | 87 | - name: Remove username for AutoAdminLogon 88 | ansible.windows.win_regedit: 89 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 90 | name: DefaultUsername 91 | state: absent 92 | with_items: 93 | - "{{ log_result.stdout | from_json }}" 94 | when: 95 | - item.restartRequired 96 | - psm_restart 97 | 98 | - name: Remove password for AutoAdminLogon 99 | ansible.windows.win_regedit: 100 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 101 | name: DefaultPassword 102 | state: absent 103 | with_items: 104 | - "{{ log_result.stdout | from_json }}" 105 | when: 106 | - item.restartRequired 107 | - psm_restart 108 | 109 | rescue: 110 | 111 | - name: Get log path for post installation 112 | ansible.windows.win_shell: | 113 | $Result = Get-Content "{{ psm_postinstall_log }}" 114 | Write-Output $Result 115 | register: log_result 116 | 117 | - name: Fetch postinstall log from path 118 | ansible.builtin.fetch: 119 | src: '{{ item.logPath }}' 120 | dest: '{{ log_path_dest }}/psm_postinstall.log' 121 | flat: true 122 | with_items: 123 | - "{{ log_result.stdout | from_json }}" 124 | 125 | - name: Fail when post installation not successful 126 | ansible.builtin.fail: 127 | msg: 'ERROR: Post Installation failed. For more info check {{ log_path_dest }}/psm_postinstall.log' 128 | 129 | - name: Validate users exists and password expiration 130 | ansible.windows.win_shell: | 131 | $ErrorActionPreference = "Stop" 132 | 133 | try { 134 | $user = Get-WmiObject -Class Win32_UserAccount -Filter {Name = "PSMConnect"} 135 | if ($user -eq $null) 136 | { 137 | exit 1 138 | } 139 | $user = Get-WmiObject -Class Win32_UserAccount -Filter {Name = "PSMAdminConnect"} 140 | if ($user -eq $null) 141 | { 142 | exit 1 143 | } 144 | 145 | exit 0 146 | } catch { 147 | Write-Output "Error occured: $error" 148 | exit 1 149 | } 150 | -------------------------------------------------------------------------------- /tasks/psm_prerequisites.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm prerequisities 3 | 4 | - name: Install Chocolatey 5 | chocolatey.chocolatey.win_chocolatey: 6 | name: chocolatey 7 | version: '1.4.0' 8 | 9 | - name: Install .NET Framework 4.8 10 | chocolatey.chocolatey.win_chocolatey: 11 | name: dotnetfx 12 | state: present 13 | version: '4.8.0.20220524' 14 | register: dotnetfx_response 15 | 16 | - name: Reboot host if required 17 | ansible.windows.win_reboot: 18 | reboot_timeout: 300 19 | when: dotnetfx_response.rc == 3010 20 | 21 | - name: Update NLA & UpdateRDSSecurityLayer installation 22 | ansible.windows.win_shell: | 23 | try 24 | { 25 | $filePath = "{{ psm_installationautomation_folder }}\\Prerequisites\\PrerequisitesConfig.xml" 26 | $xml = [xml](Get-Content $filePath) 27 | $step1 = $xml.SelectSingleNode("//Step[@Name = 'DisableNLA']") 28 | $step1.Enable = 'Yes' 29 | $step2 = $xml.SelectSingleNode("//Step[@Name = 'UpdateRDSSecurityLayer']") 30 | $step2.Enable = 'Yes' 31 | $xml.Save($filePath) 32 | exit 0 33 | } 34 | catch 35 | { 36 | Write-Output "Error occured during SetAtrributeInXML" 37 | exit 1 38 | } 39 | 40 | - name: Preinstall Block 41 | block: 42 | 43 | - name: Run PSM prerequisities 44 | ansible.windows.win_shell: | 45 | Set-Location '{{ psm_installationautomation_folder }}' 46 | $Action = .\Execute-Stage.ps1 '{{ psm_installationautomation_folder }}\Prerequisites\PrerequisitesConfig.xml' ` 47 | -silentMode "Silent" -displayJson -delayedrestart 48 | $Action | Out-File -FilePath '{{ psm_prerequisites_log }}' 49 | $Result = Get-Content '{{ psm_prerequisites_log }}' -Raw | ConvertFrom-Json 50 | if ($Result.isSucceeded -ne 0) { 51 | exit 1 52 | } else { 53 | exit 0 54 | } 55 | 56 | - name: Get log path for prerequisities 57 | ansible.windows.win_shell: | 58 | $Result = Get-Content "{{ psm_prerequisites_log }}" 59 | Write-Output $Result 60 | register: log_result 61 | 62 | - name: Enable AutoAdminLogon 63 | ansible.windows.win_regedit: 64 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 65 | name: AutoAdminLogon 66 | data: 1 67 | when: 68 | - item.restartRequired 69 | - psm_restart 70 | with_items: 71 | - "{{ log_result.stdout | from_json }}" 72 | 73 | - name: Set default username for AutoAdminLogon 74 | ansible.windows.win_regedit: 75 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 76 | name: DefaultUsername 77 | data: "{{ ansible_user }}" 78 | when: 79 | - item.restartRequired 80 | - psm_restart 81 | with_items: 82 | - "{{ log_result.stdout | from_json }}" 83 | 84 | - name: Set default password for AutoAdminLogon 85 | ansible.windows.win_regedit: 86 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 87 | name: DefaultPassword 88 | data: "{{ ansible_password }}" 89 | with_items: 90 | - "{{ log_result.stdout | from_json }}" 91 | when: 92 | - item.restartRequired 93 | - psm_restart 94 | 95 | - name: Reboot when PSM Prerequisites requires reboot 96 | ansible.windows.win_reboot: 97 | reboot_timeout: 300 98 | with_items: 99 | - "{{ log_result.stdout | from_json }}" 100 | when: 101 | - item.restartRequired 102 | - psm_restart 103 | 104 | - name: Remove AutoAdminLogon 105 | ansible.windows.win_regedit: 106 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 107 | name: AutoAdminLogon 108 | state: absent 109 | with_items: 110 | - "{{ log_result.stdout | from_json }}" 111 | when: 112 | - item.restartRequired 113 | - psm_restart 114 | 115 | - name: Remove username for AutoAdminLogon 116 | ansible.windows.win_regedit: 117 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 118 | name: DefaultUsername 119 | state: absent 120 | with_items: 121 | - "{{ log_result.stdout | from_json }}" 122 | when: 123 | - item.restartRequired 124 | - psm_restart 125 | 126 | - name: Remove password for AutoAdminLogon 127 | ansible.windows.win_regedit: 128 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 129 | name: DefaultPassword 130 | state: absent 131 | with_items: 132 | - "{{ log_result.stdout | from_json }}" 133 | when: 134 | - item.restartRequired 135 | - psm_restart 136 | 137 | - name: Continue execute PSM prerequisities after restart (if required) 138 | ansible.windows.win_shell: | 139 | Set-Location "{{ psm_installationautomation_folder }}" 140 | $Action = .\Execute-Stage.ps1 "{{ psm_installationautomation_folder }}\Prerequisites\PrerequisitesConfig.xml" ` 141 | -silentMode "Silent" -displayJson 142 | $Action | Out-File -FilePath "{{ psm_prerequisites_log }}" 143 | $Result = Get-Content "{{ psm_prerequisites_log }}" -Raw | ConvertFrom-Json 144 | if ($Result.isSucceeded -ne 0) { 145 | exit 1 146 | } else { 147 | exit 0 148 | } 149 | 150 | - name: Get log path for prerequisities 151 | ansible.windows.win_shell: | 152 | $Result = Get-Content "{{ psm_prerequisites_log }}" 153 | Write-Output $Result 154 | register: log_result 155 | 156 | - name: Fetch prerequisites log from path 157 | ansible.builtin.fetch: 158 | src: '{{ item.logPath }}' 159 | dest: '{{ log_path_dest }}/psm_prerequisites.log' 160 | flat: true 161 | with_items: 162 | - "{{ log_result.stdout | from_json }}" 163 | 164 | - name: Enable AutoAdminLogon 165 | ansible.windows.win_regedit: 166 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 167 | name: AutoAdminLogon 168 | data: 1 169 | when: 170 | - item.restartRequired 171 | - psm_restart 172 | with_items: 173 | - "{{ log_result.stdout | from_json }}" 174 | 175 | - name: Set default username for AutoAdminLogon 176 | ansible.windows.win_regedit: 177 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 178 | name: DefaultUsername 179 | data: "{{ ansible_user }}" 180 | when: 181 | - item.restartRequired 182 | - psm_restart 183 | with_items: 184 | - "{{ log_result.stdout | from_json }}" 185 | 186 | - name: Set default password for AutoAdminLogon 187 | ansible.windows.win_regedit: 188 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 189 | name: DefaultPassword 190 | data: "{{ ansible_password }}" 191 | with_items: 192 | - "{{ log_result.stdout | from_json }}" 193 | when: 194 | - item.restartRequired 195 | - psm_restart 196 | 197 | - name: Reboot when PSM Prerequisites requires reboot 198 | ansible.windows.win_reboot: 199 | reboot_timeout: 300 200 | with_items: 201 | - "{{ log_result.stdout | from_json }}" 202 | when: 203 | - item.restartRequired 204 | - psm_restart 205 | 206 | - name: Remove AutoAdminLogon 207 | ansible.windows.win_regedit: 208 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 209 | name: AutoAdminLogon 210 | state: absent 211 | with_items: 212 | - "{{ log_result.stdout | from_json }}" 213 | when: 214 | - item.restartRequired 215 | - psm_restart 216 | 217 | - name: Remove username for AutoAdminLogon 218 | ansible.windows.win_regedit: 219 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 220 | name: DefaultUsername 221 | state: absent 222 | with_items: 223 | - "{{ log_result.stdout | from_json }}" 224 | when: 225 | - item.restartRequired 226 | - psm_restart 227 | 228 | - name: Remove password for AutoAdminLogon 229 | ansible.windows.win_regedit: 230 | path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon 231 | name: DefaultPassword 232 | state: absent 233 | with_items: 234 | - "{{ log_result.stdout | from_json }}" 235 | when: 236 | - item.restartRequired 237 | - psm_restart 238 | 239 | rescue: 240 | 241 | - name: Get log path for prerequisites 242 | ansible.windows.win_shell: | 243 | $Result = Get-Content "{{ psm_prerequisites_log }}" 244 | Write-Output $Result 245 | register: log_result 246 | 247 | - name: Fetch prerequisites log from path 248 | ansible.builtin.fetch: 249 | src: '{{ item.logPath }}' 250 | dest: '{{ log_path_dest }}/psm_prerequisites.log' 251 | flat: true 252 | with_items: 253 | - "{{ log_result.stdout | from_json }}" 254 | 255 | - name: Fail when prerequisites not successful 256 | ansible.builtin.fail: 257 | msg: 'ERROR: Prerequisites failed. For more info check {{ log_path_dest }}/psm_prerequisites.log' 258 | -------------------------------------------------------------------------------- /tasks/psm_registration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm registration 3 | 4 | - name: Registration Block 5 | block: 6 | 7 | - name: Update PSM registration configuration file 8 | ansible.windows.win_shell: | 9 | try 10 | { 11 | $filePath = "{{ psm_registrationtool_folder }}\\RegistrationConfig.xml" 12 | $xml = [xml](Get-Content $filePath) 13 | $step1 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultip']") 14 | $step1.Value = "{{ vault_ip }}" 15 | $step2 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultport']") 16 | $step2.Value = "{{ vault_port }}" 17 | $step3 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultusername']") 18 | $step3.Value = "{{ vault_username }}" 19 | $step4 = $xml.SelectSingleNode("//Parameter[@Name = 'accepteula']") 20 | $step4.Value = "yes" 21 | $xml.Save($filePath) 22 | exit 0 23 | } 24 | catch 25 | { 26 | Write-Output "Error occured While updating registration configuration file" 27 | exit 1 28 | } 29 | when: dr_vault_ip is not defined 30 | 31 | - name: Update PSM registration configuration file 32 | ansible.windows.win_shell: | 33 | try 34 | { 35 | $filePath = "{{ psm_registrationtool_folder }}\\RegistrationConfig.xml" 36 | $xml = [xml](Get-Content $filePath) 37 | $step1 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultip']") 38 | $step1.Value = "{{ vault_ip }},{{ dr_vault_ip }}" 39 | $step2 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultport']") 40 | $step2.Value = "{{ vault_port }}" 41 | $step3 = $xml.SelectSingleNode("//Parameter[@Name = 'vaultusername']") 42 | $step3.Value = "{{ vault_username }}" 43 | $step4 = $xml.SelectSingleNode("//Parameter[@Name = 'accepteula']") 44 | $step4.Value = "yes" 45 | $xml.Save($filePath) 46 | exit 0 47 | } 48 | catch 49 | { 50 | Write-Output "Error occured While updating registration configuration file" 51 | exit 1 52 | } 53 | when: dr_vault_ip is defined 54 | 55 | - name: Run PSM registration 56 | ansible.windows.win_shell: | 57 | Set-Location "{{ psm_installationautomation_folder }}" 58 | $secStrObj = ConvertTo-SecureString -String "{{ secure_vault_password }}" -Force 59 | $Action = .\Execute-Stage.ps1 "{{ psm_registrationtool_folder }}\\RegistrationConfig.xml" ` 60 | -silentMode "Silent" -displayJson -spwdObj $secStrObj 61 | $Action | Out-File -FilePath "{{ psm_registration_log }}" 62 | $Result = Get-Content "{{ psm_registration_log }}" -Raw | ConvertFrom-Json 63 | if ($Result.isSucceeded -ne 0) { 64 | exit 1 65 | } else { 66 | exit 0 67 | } 68 | no_log: true 69 | 70 | - name: Get log path for registration 71 | ansible.windows.win_shell: | 72 | $Result = Get-Content "{{ psm_registration_log }}" 73 | Write-Output $Result 74 | register: log_result 75 | no_log: true 76 | 77 | - name: Fetch registration log from path 78 | ansible.builtin.fetch: 79 | src: '{{ item.logPath }}' 80 | dest: '{{ log_path_dest }}/psm_registration.log' 81 | flat: true 82 | with_items: 83 | - "{{ log_result.stdout | from_json }}" 84 | 85 | - name: Start PSM service & set to auto 86 | ansible.windows.win_service: 87 | name: "{{ psm_service_name }}" 88 | start_mode: auto 89 | state: started 90 | 91 | - name: Check if PSM service is running 92 | ansible.windows.win_service: 93 | name: "{{ psm_service_name }}" 94 | register: psm_service_info 95 | 96 | - name: Set registration success as fact 97 | ansible.builtin.set_fact: 98 | psm_registered: true 99 | when: psm_service_info.state == "running" 100 | 101 | rescue: 102 | 103 | - name: Get log path for registration 104 | ansible.windows.win_shell: | 105 | $Result = Get-Content "{{ psm_registration_log }}" 106 | Write-Output $Result 107 | register: log_result 108 | no_log: true 109 | 110 | - name: Fetch registration log from path 111 | ansible.builtin.fetch: 112 | src: '{{ item.logPath }}' 113 | dest: '{{ log_path_dest }}/psm_registration.log' 114 | flat: true 115 | with_items: 116 | - "{{ log_result.stdout | from_json }}" 117 | 118 | - name: Fail when registration not successful 119 | ansible.builtin.fail: 120 | msg: 'ERROR: Registration failed. For more info check {{ log_path_dest }}/psm_registration.log' 121 | -------------------------------------------------------------------------------- /tasks/psm_validateparameters.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for psm_validateparameters 3 | 4 | - name: Check EULA is accepted 5 | ansible.builtin.fail: 6 | msg: "You must accept EULA to start the playbook" 7 | when: (accept_eula | type_debug != 'bool' and accept_eula | lower != "yes") or (accept_eula | type_debug == 'bool' and not accept_eula) 8 | 9 | - name: Set secure vault password 10 | when: 11 | - psm_registration 12 | no_log: true 13 | block: 14 | - name: Set default value for vault_password 15 | ansible.builtin.set_fact: 16 | vault_password: '' 17 | when: vault_password is undefined 18 | 19 | - name: Set default value for secure_vault_password 20 | ansible.builtin.set_fact: 21 | secure_vault_password: '' 22 | when: secure_vault_password is undefined 23 | 24 | - name: Check if the user use 2 passwords 25 | ansible.builtin.fail: 26 | msg: "You must provide either vault_password or secure_vault_password parameter" 27 | when: 28 | - (vault_password != '') 29 | - (secure_vault_password != '') 30 | 31 | - name: Convert to securestring 32 | ansible.windows.win_shell: | 33 | $secure_vault_password_object = ConvertTo-SecureString "{{ vault_password }}" -AsPlainText -Force 34 | $secure_vault_password_string = ConvertFrom-SecureString $secure_vault_password_object 35 | write-output $secure_vault_password_string 36 | register: secure_vault_password_string 37 | when: vault_password != '' 38 | 39 | - name: Set varible for secured vault password 40 | ansible.builtin.set_fact: 41 | secure_vault_password: "{{ secure_vault_password_string.stdout_lines[0] }}" 42 | vault_password: '' 43 | when: secure_vault_password == '' 44 | 45 | - name: Check PSM service status 46 | ansible.windows.win_service: 47 | name: "{{ psm_service_name }}" 48 | register: psm_service_info 49 | 50 | - name: Set service info as fact 51 | ansible.builtin.set_fact: 52 | psm_exists: true 53 | when: psm_service_info.exists 54 | 55 | - name: Check if PSM is registered 56 | ansible.builtin.set_fact: 57 | psm_registered: true 58 | when: 59 | - psm_service_info.exists 60 | - psm_service_info.state == "running" 61 | -------------------------------------------------------------------------------- /tests/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | # Default path to roles directory 4 | roles_path = ../../ 5 | 6 | # Adds timestamp to each task and add a recap on the end of the playbook 7 | callback_whitelist = profile_tasks 8 | log_path = ./logs/ansible.log 9 | ; host_key_checking = False 10 | -------------------------------------------------------------------------------- /tests/default.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - hosts: psm 4 | gather_facts: false 5 | tasks: 6 | 7 | - name: Get roles directory dirname 8 | ansible.builtin.set_fact: 9 | roles_dirname: "{{ playbook_dir | dirname | basename }}" 10 | 11 | - name: download package from s3 12 | aws_s3: 13 | bucket: cloud-initiatives-pipeline-bucket 14 | object: "Packages/v14.2/Privileged Session Manager-Rls-v14.2.zip" 15 | dest: "/tmp/psm.zip" 16 | mode: get 17 | delegate_to: localhost 18 | 19 | - name: PSM Deployment 20 | ansible.builtin.include_role: 21 | name: "{{ roles_dirname }}" 22 | vars: 23 | - psm_extract: true 24 | - psm_official: false 25 | - psm_prerequisites: true 26 | - psm_install: true 27 | - psm_postinstall: true 28 | - psm_hardening: true 29 | - psm_registration: false 30 | - psm_zip_file_path: "/tmp/psm.zip" 31 | - accept_eula: "yes" 32 | - psm_out_of_domain: true 33 | -------------------------------------------------------------------------------- /tests/integration/default/pester/defaults.tests.ps1: -------------------------------------------------------------------------------- 1 | describe "ansible_test_kitchen_windows_role ansible role" { 2 | Context "PSM Installation Path" { 3 | $Path = "C:\Program Files (x86)\Cyberark\PSM\Recordings" 4 | it "PSM Recordings Directory Exists" { 5 | Test-Path -Path $Path | Should be $true 6 | } 7 | } 8 | } -------------------------------------------------------------------------------- /tests/requirements.txt: -------------------------------------------------------------------------------- 1 | adal==1.2.2 2 | ansible==2.9.5 3 | ansible-lint==4.2.0 4 | applicationinsights==0.11.9 5 | argcomplete==1.11.1 6 | bcrypt==3.1.7 7 | boto==2.49.0 8 | boto3==1.12.19 9 | botocore==1.15.19 10 | certifi==2019.11.28 11 | cffi==1.14.0 12 | chardet==3.0.4 13 | colorama==0.4.3 14 | cryptography==2.8 15 | docutils==0.15.2 16 | humanfriendly==8.1 17 | idna==2.9 18 | importlib-metadata==1.5.0 19 | isodate==0.6.0 20 | Jinja2==2.11.1 21 | jmespath==0.9.5 22 | knack==0.3.3 23 | MarkupSafe==1.1.1 24 | msrest==0.6.1 25 | ntlm-auth==1.4.0 26 | oauthlib==3.1.0 27 | packaging==20.3 28 | paramiko==2.7.1 29 | pathspec==0.7.0 30 | pyasn1==0.4.8 31 | pycparser==2.20 32 | Pygments==2.6.1 33 | PyJWT==1.7.1 34 | PyNaCl==1.3.0 35 | pyOpenSSL==19.1.0 36 | pyparsing==2.4.6 37 | python-dateutil==2.8.1 38 | pywinrm==0.4.1 39 | PyYAML==5.3 40 | requests==2.23.0 41 | requests-credssp==1.1.1 42 | requests-ntlm==1.1.0 43 | requests-oauthlib==1.3.0 44 | ruamel.yaml==0.16.10 45 | ruamel.yaml.clib==0.2.0 46 | s3transfer==0.3.3 47 | six==1.14.0 48 | tabulate==0.8.2 49 | urllib3==1.25.8 50 | xmltodict==0.12.0 51 | yamllint==1.20.0 52 | zipp==3.1.0 53 | -------------------------------------------------------------------------------- /tests/scripts/user_data_windows_2016.ps1: -------------------------------------------------------------------------------- 1 | 2 | # Change Password 3 | $admin = [adsi]("WinNT://./administrator, user") 4 | $admin.PSBase.Invoke("SetPassword", "Nopass123") 5 | 6 | # Configure machine for ansible remoting 7 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 8 | $url = "https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1" 9 | $file = "$env:temp\ConfigureRemotingForAnsible.ps1" 10 | Invoke-WebRequest -Uri $url -OutFile $file 11 | powershell.exe -ExecutionPolicy ByPass -File $file -EnableCredSSP 12 | 13 | Set-ItemProperty -Name LocalAccountTokenFilterPolicy -Path HKLM:\software\Microsoft\Windows\CurrentVersion\Policies\system -Value 1 14 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for psm 3 | --------------------------------------------------------------------------------