├── LICENSE.md
├── README.md
└── VpasModule
├── 14.4.1
├── README.md
├── VpasModule.psd1
├── VpasModule.psm1
├── private
│ ├── Debug-VPASTroubleshootingHelper.ps1
│ ├── Get-VPASAccountGroupIDHelper.ps1
│ ├── Get-VPASAccountIDHelper.ps1
│ ├── Get-VPASAccountRequestIDHelper.ps1
│ ├── Get-VPASActiveSessionIDHelper.ps1
│ ├── Get-VPASApplicationAuthIDHelper.ps1
│ ├── Get-VPASAuthenticationMethodIDHelper.ps1
│ ├── Get-VPASCMConnectorComponentIDHelper.ps1
│ ├── Get-VPASCMConnectorIDHelper.ps1
│ ├── Get-VPASCMConnectorPoolIDHelper.ps1
│ ├── Get-VPASCurrentEPVUserDetailsHelper.ps1
│ ├── Get-VPASDPAPolicyIDHelper.ps1
│ ├── Get-VPASDPAStrongAccountIDHelper.ps1
│ ├── Get-VPASDirectoryMappingIDHelper.ps1
│ ├── Get-VPASDiscoveredAccountIDHelper.ps1
│ ├── Get-VPASEPVGroupIDHelper.ps1
│ ├── Get-VPASEPVUserIDHelper.ps1
│ ├── Get-VPASGroupPlatformIDHelper.ps1
│ ├── Get-VPASIncomingRequestIDHelper.ps1
│ ├── Get-VPASPlatformIDHelper.ps1
│ ├── Get-VPASRecordingIDHelper.ps1
│ ├── Get-VPASRoleIDIdentityHelper.ps1
│ ├── Get-VPASRotationalPlatformIDHelper.ps1
│ ├── Get-VPASSecurityQuestionIDIdentityHelper.ps1
│ ├── Get-VPASSession.ps1
│ ├── Get-VPASUsagePlatformIDHelper.ps1
│ ├── Get-VPASUserIDIdentityHelper.ps1
│ ├── Test-VPASHashtableKeysHelper.ps1
│ ├── Write-Iterate.ps1
│ ├── Write-VPASExampleHelper.ps1
│ ├── Write-VPASExportCSV.ps1
│ ├── Write-VPASLogger.ps1
│ ├── Write-VPASTextRecorder.ps1
│ ├── Write-VPASTypewriter.ps1
│ └── vpasai.xml
└── public
│ ├── Add-VPASAccount.ps1
│ ├── Add-VPASAccountGroup.ps1
│ ├── Add-VPASAccountRequest.ps1
│ ├── Add-VPASAccountToAccountGroup.ps1
│ ├── Add-VPASAllowedIP.ps1
│ ├── Add-VPASAllowedReferrer.ps1
│ ├── Add-VPASApplication.ps1
│ ├── Add-VPASApplicationAuthentication.ps1
│ ├── Add-VPASAuthenticationMethod.ps1
│ ├── Add-VPASBulkAccounts.ps1
│ ├── Add-VPASBulkSafeMembers.ps1
│ ├── Add-VPASBulkSafes.ps1
│ ├── Add-VPASEPVGroup.ps1
│ ├── Add-VPASEPVUser.ps1
│ ├── Add-VPASIdentityRole.ps1
│ ├── Add-VPASIdentitySecurityQuestionAdmin.ps1
│ ├── Add-VPASIdentityUserSecurityQuestions.ps1
│ ├── Add-VPASMemberEPVGroup.ps1
│ ├── Add-VPASSafe.ps1
│ ├── Add-VPASSafeMember.ps1
│ ├── Approve-VPASIncomingRequest.ps1
│ ├── Confirm-VPASBulkFile.ps1
│ ├── Copy-VPASGroupPlatform.ps1
│ ├── Copy-VPASPlatform.ps1
│ ├── Copy-VPASRotationalPlatform.ps1
│ ├── Copy-VPASUsagePlatform.ps1
│ ├── Deny-VPASIncomingRequest.ps1
│ ├── Disable-VPASCustomTheme.ps1
│ ├── Disable-VPASEPVUser.ps1
│ ├── Disable-VPASGroupPlatform.ps1
│ ├── Disable-VPASPlatform.ps1
│ ├── Disable-VPASRotationalPlatform.ps1
│ ├── Enable-VPASCustomTheme.ps1
│ ├── Enable-VPASEPVUser.ps1
│ ├── Enable-VPASGroupPlatform.ps1
│ ├── Enable-VPASPlatform.ps1
│ ├── Enable-VPASRotationalPlatform.ps1
│ ├── Export-VPASPlatform.ps1
│ ├── Find-VPASTargetValue.ps1
│ ├── Get-VPASAccountActivity.ps1
│ ├── Get-VPASAccountCompliance.ps1
│ ├── Get-VPASAccountDetails.ps1
│ ├── Get-VPASAccountDetailsExtended.ps1
│ ├── Get-VPASAccountGroupMembers.ps1
│ ├── Get-VPASAccountGroups.ps1
│ ├── Get-VPASAccountPrivateSSHKey.ps1
│ ├── Get-VPASAccountRequestDetails.ps1
│ ├── Get-VPASActiveSessionActivities.ps1
│ ├── Get-VPASActiveSessionProperties.ps1
│ ├── Get-VPASActiveSessions.ps1
│ ├── Get-VPASAllAccountRequests.ps1
│ ├── Get-VPASAllAccounts.ps1
│ ├── Get-VPASAllActiveSessions.ps1
│ ├── Get-VPASAllApplications.ps1
│ ├── Get-VPASAllConnectionComponents.ps1
│ ├── Get-VPASAllCustomThemes.ps1
│ ├── Get-VPASAllDirectories.ps1
│ ├── Get-VPASAllDiscoveredAccounts.ps1
│ ├── Get-VPASAllEPVGroups.ps1
│ ├── Get-VPASAllEPVUsers.ps1
│ ├── Get-VPASAllGroupPlatforms.ps1
│ ├── Get-VPASAllIncomingRequests.ps1
│ ├── Get-VPASAllPSMServers.ps1
│ ├── Get-VPASAllPSMSessions.ps1
│ ├── Get-VPASAllPlatforms.ps1
│ ├── Get-VPASAllRotationalPlatforms.ps1
│ ├── Get-VPASAllSafes.ps1
│ ├── Get-VPASAllTargetPlatforms.ps1
│ ├── Get-VPASAllUsagePlatforms.ps1
│ ├── Get-VPASAllowedIPs.ps1
│ ├── Get-VPASAllowedReferrer.ps1
│ ├── Get-VPASApplicationAuthentications.ps1
│ ├── Get-VPASApplicationDetails.ps1
│ ├── Get-VPASAuthenticationMethods.ps1
│ ├── Get-VPASBulkTemplateFiles.ps1
│ ├── Get-VPASCMAllComponents.ps1
│ ├── Get-VPASCMAllConnectorComponents.ps1
│ ├── Get-VPASCMAllConnectorPools.ps1
│ ├── Get-VPASCMAllConnectors.ps1
│ ├── Get-VPASCMComponentLogList.ps1
│ ├── Get-VPASCMComponentLogs.ps1
│ ├── Get-VPASCMConnectorComponentDetails.ps1
│ ├── Get-VPASCMConnectorDetails.ps1
│ ├── Get-VPASCMConnectorPoolDetails.ps1
│ ├── Get-VPASCMConnectors.ps1
│ ├── Get-VPASCurrentCustomTheme.ps1
│ ├── Get-VPASCurrentEPVUserDetails.ps1
│ ├── Get-VPASCustomTheme.ps1
│ ├── Get-VPASDPAAllPolicies.ps1
│ ├── Get-VPASDPAAllStrongAccountSets.ps1
│ ├── Get-VPASDPAAllStrongAccounts.ps1
│ ├── Get-VPASDPAPolicies.ps1
│ ├── Get-VPASDPAPolicyDetails.ps1
│ ├── Get-VPASDPASettings.ps1
│ ├── Get-VPASDPAStrongAccountDetails.ps1
│ ├── Get-VPASDPAStrongAccounts.ps1
│ ├── Get-VPASDirectoryDetails.ps1
│ ├── Get-VPASDirectoryMappingDetails.ps1
│ ├── Get-VPASDirectoryMappings.ps1
│ ├── Get-VPASDiscoveredAccounts.ps1
│ ├── Get-VPASDiscoveredAccountsDependencies.ps1
│ ├── Get-VPASEPVGroupDetails.ps1
│ ├── Get-VPASEPVUserDetails.ps1
│ ├── Get-VPASEPVUserDetailsSearch.ps1
│ ├── Get-VPASEPVUserTypes.ps1
│ ├── Get-VPASEmptyPlatforms.ps1
│ ├── Get-VPASEmptySafes.ps1
│ ├── Get-VPASGroupPlatformDetails.ps1
│ ├── Get-VPASIdentityAdminSecurityQuestion.ps1
│ ├── Get-VPASIdentityAllAdminSecurityQuestions.ps1
│ ├── Get-VPASIdentityAllRoles.ps1
│ ├── Get-VPASIdentityAllUsers.ps1
│ ├── Get-VPASIdentityCurrentUserDetails.ps1
│ ├── Get-VPASIdentityCurrentUserSecurityQuestions.ps1
│ ├── Get-VPASIdentityRoleDetails.ps1
│ ├── Get-VPASIdentityRoles.ps1
│ ├── Get-VPASIdentityTenantDetails.ps1
│ ├── Get-VPASIdentityUserDetails.ps1
│ ├── Get-VPASIdentityUserSecurityQuestions.ps1
│ ├── Get-VPASIncomingRequestDetails.ps1
│ ├── Get-VPASPSMSessionActivities.ps1
│ ├── Get-VPASPSMSessionDetails.ps1
│ ├── Get-VPASPSMSessionProperties.ps1
│ ├── Get-VPASPSMSessions.ps1
│ ├── Get-VPASPSMSettingsByPlatformID.ps1
│ ├── Get-VPASPasswordHistory.ps1
│ ├── Get-VPASPasswordValue.ps1
│ ├── Get-VPASPlatformDetails.ps1
│ ├── Get-VPASPlatformDetailsSearch.ps1
│ ├── Get-VPASRotationalPlatformDetails.ps1
│ ├── Get-VPASSQLAccounts.ps1
│ ├── Get-VPASSQLPlatforms.ps1
│ ├── Get-VPASSQLSafes.ps1
│ ├── Get-VPASSafeDetails.ps1
│ ├── Get-VPASSafeMemberSearch.ps1
│ ├── Get-VPASSafeMembers.ps1
│ ├── Get-VPASSafes.ps1
│ ├── Get-VPASSafesByPlatformID.ps1
│ ├── Get-VPASSearchProperties.ps1
│ ├── Get-VPASSpecificAuthenticationMethod.ps1
│ ├── Get-VPASSystemComponents.ps1
│ ├── Get-VPASSystemHealth.ps1
│ ├── Get-VPASUsagePlatformDetails.ps1
│ ├── Get-VPASVaultDetails.ps1
│ ├── Get-VPASVaultVersion.ps1
│ ├── Import-VPASConnectionComponent.ps1
│ ├── Import-VPASPlatform.ps1
│ ├── Invoke-VPASAccountPasswordAction.ps1
│ ├── Invoke-VPASActivePSMSessionAction.ps1
│ ├── Invoke-VPASAuditSafeTest.ps1
│ ├── Invoke-VPASCentralCredentialProvider.ps1
│ ├── Invoke-VPASCredentialProvider.ps1
│ ├── Invoke-VPASHealthCheck.ps1
│ ├── Invoke-VPASMetricsAccounts.ps1
│ ├── Invoke-VPASMetricsCPM.ps1
│ ├── Invoke-VPASMetricsPSM.ps1
│ ├── Invoke-VPASMetricsPlatforms.ps1
│ ├── Invoke-VPASMetricsProviders.ps1
│ ├── Invoke-VPASQuery.ps1
│ ├── Invoke-VPASReporting.ps1
│ ├── Invoke-VPASUserLicenseReport.ps1
│ ├── New-VPASDPASetupScript.ps1
│ ├── New-VPASIdentityGenerateUserPassword.ps1
│ ├── New-VPASPSMSession.ps1
│ ├── New-VPASToken.ps1
│ ├── Remove-VPASAccount.ps1
│ ├── Remove-VPASAccountFromAccountGroup.ps1
│ ├── Remove-VPASAccountRequest.ps1
│ ├── Remove-VPASAllDiscoveredAccounts.ps1
│ ├── Remove-VPASApplication.ps1
│ ├── Remove-VPASApplicationAuthentication.ps1
│ ├── Remove-VPASAuthenticationMethod.ps1
│ ├── Remove-VPASCustomTheme.ps1
│ ├── Remove-VPASDPAPolicy.ps1
│ ├── Remove-VPASDPAStrongAccount.ps1
│ ├── Remove-VPASDirectory.ps1
│ ├── Remove-VPASEPVGroup.ps1
│ ├── Remove-VPASEPVUser.ps1
│ ├── Remove-VPASGroupPlatform.ps1
│ ├── Remove-VPASIdentityAdminSecurityQuestion.ps1
│ ├── Remove-VPASIdentityRole.ps1
│ ├── Remove-VPASLinkedAccount.ps1
│ ├── Remove-VPASMemberEPVGroup.ps1
│ ├── Remove-VPASPlatform.ps1
│ ├── Remove-VPASRotationalPlatform.ps1
│ ├── Remove-VPASSafe.ps1
│ ├── Remove-VPASSafeMember.ps1
│ ├── Remove-VPASToken.ps1
│ ├── Remove-VPASUsagePlatform.ps1
│ ├── Reset-VPASEPVUserPassword.ps1
│ ├── Reset-VPASIdentityUserSecurityQuestions.ps1
│ ├── Set-VPASAuditSafeTest.ps1
│ ├── Set-VPASIdentityUserState.ps1
│ ├── Set-VPASIdentityUserStatus.ps1
│ ├── Set-VPASLinkedAccount.ps1
│ ├── Set-VPASSQLConnectionDetails.ps1
│ ├── Test-VPASIdentityUserLocked.ps1
│ ├── Test-VPASSQLConnectionDetails.ps1
│ ├── Unlock-VPASExclusiveAccount.ps1
│ ├── Update-VPASAccountFields.ps1
│ ├── Update-VPASAuthenticationMethod.ps1
│ ├── Update-VPASCustomThemeDraft.ps1
│ ├── Update-VPASEPVGroup.ps1
│ ├── Update-VPASEPVUser.ps1
│ ├── Update-VPASIdentityCurrentUserPassword.ps1
│ ├── Update-VPASIdentityRole.ps1
│ ├── Update-VPASPSMSettingsByPlatformID.ps1
│ ├── Update-VPASSafe.ps1
│ ├── Update-VPASSafeMember.ps1
│ ├── Watch-VPASActivePSMSession.ps1
│ └── Write-VPASOutput.ps1
├── CHANGELOG.md
├── LICENSE.md
└── README.md
/LICENSE.md:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2021 - 2025 Vadim Melamed
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 | 
3 |
4 |
5 |
6 | A simplified PowerShell module to interact with CyberArk Web Services for Self Hosted, PrivilegeCloud Standard, and SharedServices (ISPSS) solutions as well as Identity/DPA/ConnectorManagement API suite
7 |
8 |
9 |
10 | Creator: Vadim Melamed
11 |
12 | Email: vpasmodule@gmail.com
13 |
14 |
15 |
16 |
17 | | PSGallery | CodeFactor |
18 | |---------------------------|---------------------------|
19 | | [![downloads][]][psgallery-site] | [![codefactor][]][codefactor-site]|
20 |
21 | [downloads]:https://img.shields.io/powershellgallery/dt/vpasmodule.svg?color=darkblue
22 | [psgallery-site]:https://www.powershellgallery.com/packages/VpasModule
23 | [codefactor-site]:https://www.codefactor.io/repository/github/vmelamed5/cyberark
24 | [codefactor]:https://www.codefactor.io/repository/github/vmelamed5/cyberark/badge
25 |
26 |
27 |
28 | ## Installation
29 |
30 | Install the module via [PowershellGallery](https://www.powershellgallery.com/packages/VpasModule/)
31 |
32 | ```powershell
33 | Install-Module VpasModule -scope CurrentUser
34 | ```
35 |
36 | ## Usage
37 |
38 | ```powershell
39 | # Step1) import vpasmodule
40 | Import-Module vpasmodule
41 |
42 | # Step2) Retrieve cyberark login token via New-VPASToken
43 | New-VPASToken -PVWA "MyPVWAServer.com" -AuthType cyberark
44 |
45 | # Step3) Run desired API calls
46 | $SafeDetails = Get-VPASSafes -searchQuery "TestSafe"
47 | $AllAccounts = Get-VPASAllAccounts
48 |
49 | # Step4: Invalidate cyberark login token via Remove-VPASToken
50 | Remove-VPASToken
51 | ```
52 |
53 | ## Supported Versions
54 | ```
55 | > v10.10 - SelfHosted
56 | > v11.X - SelfHosted
57 | > v12.X - SelfHosted
58 | > v13.X - SelfHosted + PrivilegeCloud
59 | > v14.X - SelfHosted + PrivilegeCloud + Identity
60 | ```
61 | ```
62 | > v14.4.1 (Current):
63 | - SelfHosted
64 | - PrivilegeCloudStandard
65 | - SharedServices (ISPSS)
66 | - Identity (WORK IN PROGRESS)
67 | - ConnectorManagement (WORK IN PROGRESS)
68 | - DynamicPrivilegedAccess (WORK IN PROGRESS)
69 | ```
70 |
71 | ## Documentation
72 | Find version specific README.md inside specific vpasmodule versions for more documentation on function syntax, examples, usages, etc.\
73 | \
74 | Please visit [VpasModule Website](https://vpasmodule.com/index.html) to stay up to date with any updates, changes, and various other features
75 |
76 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/VpasModule.psd1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/vmelamed5/CyberArk/fc20089073dc83206b16c6754c5cd479809d2a62/VpasModule/14.4.1/VpasModule.psd1
--------------------------------------------------------------------------------
/VpasModule/14.4.1/VpasModule.psm1:
--------------------------------------------------------------------------------
1 | [CmdletBinding()]
2 | $ModuleRoot = Split-Path $MyInvocation.MyCommand.Path
3 | $folders = 'Classes', 'Includes', 'Internal', 'Private', 'Public', 'Bin'
4 | foreach ($folder in $folders)
5 | {
6 | $root = Join-Path -Path $PSScriptRoot -ChildPath $folder
7 | if (Test-Path -Path $root)
8 | {
9 | Write-Verbose -Message "Importing files from [$folder]..."
10 | $files = Get-ChildItem -Path $root -Filter '*.ps1' -Recurse |
11 | Where-Object Name -notlike '*.Tests.ps1'
12 | foreach ($file in $files)
13 | {
14 | Write-Verbose -Message "Dot sourcing [$($file.BaseName)]..."
15 | . $file.FullName
16 | }
17 | }
18 | }
19 | Write-Verbose -Message 'Exporting Public functions...'
20 | $functions = Get-ChildItem -Path "$PSScriptRoot\Public" -Filter '*.ps1'
21 | Export-ModuleMember -Function $functions.BaseName -alias *
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASCMConnectorComponentIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET CONNECTOR MANAGEMENT CONNECTOR COMPONENT ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | HELPER FUNCTION TO RETRIEVE CONNECTOR IDS FROM CONNECTOR MANAGEMENT
7 | #>
8 | function Get-VPASCMConnectorComponentIDHelper{
9 | [OutputType([bool],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [String]$ConnectorID,
18 |
19 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=2)]
20 | [hashtable]$token
21 | )
22 |
23 | Begin{
24 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
25 | $CommandName = $MyInvocation.MyCommand.Name
26 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
27 | }
28 | Process{
29 | try{
30 | if($SubDomain -eq "N/A"){
31 | Write-VPASOutput -str "SelfHosted + PriviledgeCloud Standard solutions do not support this API Call, returning false" -type E
32 | $log = Write-VPASTextRecorder -inputval "SelfHosted + PrivilegeCloud Standard solutions do not support this API Call, returning false" -token $token -LogType MISC
33 | $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN
34 | return -1
35 | }
36 |
37 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CONNECTOR MANAGEMENT"
38 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR: $SearchQuery" -token $token -LogType MISC -Helper
39 |
40 | write-verbose "MAKING API CALL TO CYBERARK"
41 | $uri = "https://$SubDomain.connectormanagement.cyberark.cloud/api/connectors/$ConnectorID/components"
42 | Write-Verbose "CONSTRUCTING URI: $uri"
43 |
44 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
45 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
46 |
47 | if($sessionval){
48 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
49 | }
50 | else{
51 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
52 | }
53 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY
54 |
55 | $output = -1
56 | foreach($rec in $response.components){
57 | $recComponentID = $rec.componentId
58 | $recAcronym = $rec.acronym
59 |
60 | if($recAcronym -eq $SearchQuery){
61 | $output = $recComponentID
62 | Write-Verbose "FOUND $SearchQuery : TARGET ENTRY FOUND, RETURNING COMPONENT ID"
63 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
64 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
65 | return $output
66 | }
67 | Write-Verbose "FOUND $recComponentID : NOT TARGET ENTRY (SKIPPING)"
68 | }
69 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
70 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
71 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
72 | return $output
73 | }catch{
74 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
75 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
76 | Write-Verbose "FAILED TO RETRIEVE CONNECTOR MANAGEMENT CONNECTOR COMPONENTS"
77 | Write-VPASOutput -str $_ -type E
78 | return $false
79 | }
80 | }
81 | End{
82 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
83 | }
84 | }
85 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASCMConnectorIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET CONNECTOR MANAGEMENT CONNECTOR ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | HELPER FUNCTION TO RETRIEVE CONNECTOR IDS FROM CONNECTOR MANAGEMENT
7 | #>
8 | function Get-VPASCMConnectorIDHelper{
9 | [OutputType([bool],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | if($SubDomain -eq "N/A"){
28 | Write-VPASOutput -str "SelfHosted + PriviledgeCloud Standard solutions do not support this API Call, returning false" -type E
29 | $log = Write-VPASTextRecorder -inputval "SelfHosted + PrivilegeCloud Standard solutions do not support this API Call, returning false" -token $token -LogType MISC
30 | $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN
31 | return -1
32 | }
33 |
34 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CONNECTOR MANAGEMENT"
35 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR: $SearchQuery" -token $token -LogType MISC -Helper
36 |
37 | write-verbose "MAKING API CALL TO CYBERARK"
38 | $uri = "https://$SubDomain.connectormanagement.cyberark.cloud/api/connectors"
39 | Write-Verbose "CONSTRUCTING URI: $uri"
40 |
41 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
42 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
43 |
44 | if($sessionval){
45 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
46 | }
47 | else{
48 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
49 | }
50 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY
51 |
52 | $output = -1
53 | foreach($rec in $response.connectors){
54 | $recConnectorID = $rec.connectorId
55 | $recHostname = $rec.host.hostname
56 | $recPublicIP = $rec.host.publicIP
57 | $recPrivateIP = $rec.host.privateIp
58 |
59 | if($recHostname -eq $SearchQuery -or $recPublicIP -eq $SearchQuery -or $recPrivateIP -eq $SearchQuery){
60 | $output = $recConnectorID
61 | Write-Verbose "FOUND $SearchQuery : TARGET ENTRY FOUND, RETURNING CONNECTOR ID"
62 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
63 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
64 | return $output
65 | }
66 | Write-Verbose "FOUND $recConnectorID : NOT TARGET ENTRY (SKIPPING)"
67 | }
68 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
69 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
70 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
71 | return $output
72 | }catch{
73 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
74 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
75 | Write-Verbose "FAILED TO RETRIEVE CONNECTOR MANAGEMENT CONNECTORS"
76 | Write-VPASOutput -str $_ -type E
77 | return $false
78 | }
79 | }
80 | End{
81 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
82 | }
83 | }
84 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASCMConnectorPoolIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET CONNECTOR MANAGEMENT CONNECTOR POOL ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | HELPER FUNCTION TO RETRIEVE CONNECTOR POOL IDS FROM CONNECTOR MANAGEMENT
7 | #>
8 | function Get-VPASCMConnectorPoolIDHelper{
9 | [OutputType([bool],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | if($SubDomain -eq "N/A"){
28 | Write-VPASOutput -str "SelfHosted + PriviledgeCloud Standard solutions do not support this API Call, returning false" -type E
29 | $log = Write-VPASTextRecorder -inputval "SelfHosted + PrivilegeCloud Standard solutions do not support this API Call, returning false" -token $token -LogType MISC
30 | $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN
31 | return -1
32 | }
33 |
34 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CONNECTOR MANAGEMENT"
35 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR: $SearchQuery" -token $token -LogType MISC -Helper
36 |
37 | write-verbose "MAKING API CALL TO CYBERARK"
38 | $uri = "https://$SubDomain.connectormanagement.cyberark.cloud/api/connector-pools"
39 | Write-Verbose "CONSTRUCTING URI: $uri"
40 |
41 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
42 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
43 |
44 | if($sessionval){
45 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
46 | }
47 | else{
48 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
49 | }
50 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY
51 |
52 | $output = -1
53 | foreach($rec in $response.connectorPools){
54 | $recPoolID = $rec.poolId
55 | $recName = $rec.name
56 | $recDescription = $rec.description
57 |
58 | if($recName -eq $SearchQuery){
59 | $output = $recPoolID
60 | Write-Verbose "FOUND $SearchQuery : TARGET ENTRY FOUND, RETURNING CONNECTOR POOL ID"
61 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
62 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
63 | return $output
64 | }
65 | Write-Verbose "FOUND $recName : NOT TARGET ENTRY (SKIPPING)"
66 | }
67 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
68 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
69 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
70 | return $output
71 | }catch{
72 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
73 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
74 | Write-Verbose "FAILED TO RETRIEVE CONNECTOR MANAGEMENT CONNECTOR POOLS"
75 | Write-VPASOutput -str $_ -type E
76 | return $false
77 | }
78 | }
79 | End{
80 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
81 | }
82 | }
83 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASCurrentEPVUserDetailsHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET CURRENT EPV USER DETAILS HELPER
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | HELPER FUNCTION TO RETRIEVE CURRENT DETAILS OF THE LOGGED IN USER
7 | #>
8 | function Get-VPASCurrentEPVUserDetailsHelper{
9 | [OutputType('System.String',[bool])]
10 | [CmdletBinding()]
11 | Param(
12 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=0)]
13 | [hashtable]$token,
14 |
15 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
16 | [String]$APIUsername
17 | )
18 |
19 | Begin{
20 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
21 | $CommandName = $MyInvocation.MyCommand.Name
22 | }
23 | Process{
24 | $returnType = $false
25 | Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE"
26 | Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE"
27 |
28 | try{
29 | if(!$ISPSS){
30 | if($PVWA -match ".privilegecloud.cyberark."){
31 | Write-Verbose "STANDARD PRIVILEGE CLOUD TENANT, PARSING USERNAME FROM CREDENTIAL OBJECT"
32 | $returnType = "Standard"
33 | }
34 | else{
35 | if($NoSSL){
36 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
37 | $uri = "http://$PVWA/PasswordVault/WebServices/PIMServices.svc/User"
38 | }
39 | else{
40 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
41 | $uri = "https://$PVWA/PasswordVault/WebServices/PIMServices.svc/User"
42 | }
43 | $returnType = "SelfHosted"
44 | }
45 | }
46 | else{
47 | if($NoSSL){
48 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
49 | $uri = "http://$IdentityURL/Security/WhoAmI"
50 | $returnType = "ISPSS"
51 | }
52 | else{
53 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
54 | $uri = "https://$IdentityURL/Security/WhoAmI"
55 | $returnType = "ISPSS"
56 | }
57 | }
58 |
59 | if($returnType -ne "Standard"){
60 | Write-Verbose "MAKING API CALL TO CYBERARK"
61 |
62 | if($sessionval){
63 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
64 | }
65 | else{
66 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
67 | }
68 |
69 | Write-Verbose "SUCCESSFULLY RETRIEVED DETAILS FOR CURRENT USER"
70 | Write-Verbose "RETURNING USERNAME OBJECT"
71 | if($returnType -eq "SelfHosted"){
72 | return $response.UserName
73 | }
74 | elseif($returnType -eq "ISPSS"){
75 | return $response.Result.User
76 | }
77 | }
78 | else{
79 | Write-Verbose "RETURNING USERNAME OBJECT"
80 | return $APIUsername
81 | }
82 | }catch{
83 | Write-Verbose "UNABLE TO RETRIEVE DETAILS FOR CURRENT EPV USER"
84 | Write-VPASOutput -str $_ -type E
85 | return $false
86 | }
87 | }
88 | End{
89 |
90 | }
91 | }
92 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASDPAPolicyIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET DPA POLICY ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | HELPER FUNCTION TO RETRIEVE POLICY IDS FROM DPA
7 | #>
8 | function Get-VPASDPAPolicyIDHelper{
9 | [OutputType([bool],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | if($SubDomain -eq "N/A"){
28 | Write-VPASOutput -str "SelfHosted + PriviledgeCloud Standard solutions do not support this API Call, returning false" -type E
29 | $log = Write-VPASTextRecorder -inputval "SelfHosted + PrivilegeCloud Standard solutions do not support this API Call, returning false" -token $token -LogType MISC
30 | $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN
31 | return -1
32 | }
33 |
34 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY DPA"
35 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR: $SearchQuery" -token $token -LogType MISC -Helper
36 |
37 | $apiLimit = 1000
38 | write-verbose "MAKING API CALL TO CYBERARK"
39 | $uri = "https://$SubDomain.dpa.cyberark.cloud/api/access-policies?limit=$apiLimit"
40 | Write-Verbose "CONSTRUCTING URI: $uri"
41 |
42 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
43 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
44 |
45 | if($sessionval){
46 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
47 | }
48 | else{
49 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
50 | }
51 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY
52 |
53 | $curcount = $response.TotalCount
54 | $curcount = $curcount - $apiLimit
55 | $curItems = $response.items
56 | $curOffset = 0
57 | while($curcount -gt 0){
58 | $curOffset += $apiLimit
59 | $uri = "https://$SubDomain.dpa.cyberark.cloud/api/access-policies?limit=$apiLimit&offset=$curOffset"
60 | Write-Verbose "SETTING URI: $uri"
61 |
62 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
63 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
64 | write-verbose "MAKING API CALL TO CYBERARK"
65 |
66 | if($sessionval){
67 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
68 | }
69 | else{
70 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
71 | }
72 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY
73 |
74 | $curcount = $curcount - $apiLimit
75 | $curItems += $response.items
76 | }
77 | $response.items = $curItems
78 |
79 | $output = -1
80 | foreach($rec in $response.items){
81 | $recPolicyID = $rec.policyId
82 | $recPolicyName = $rec.policyName
83 |
84 | if($recPolicyName -eq $SearchQuery){
85 | $output = $recPolicyID
86 | Write-Verbose "FOUND $SearchQuery : TARGET ENTRY FOUND, RETURNING POLICY ID"
87 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
88 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
89 | return $output
90 | }
91 | Write-Verbose "FOUND $recPolicyName : NOT TARGET ENTRY (SKIPPING)"
92 | }
93 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
94 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
95 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
96 | return $output
97 | }catch{
98 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
99 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
100 | Write-Verbose "FAILED TO RETRIEVE DPA POLICIES"
101 | Write-VPASOutput -str $_ -type E
102 | return $false
103 | }
104 | }
105 | End{
106 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
107 | }
108 | }
109 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASDPAStrongAccountIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET DPA STRONG ACCOUNT ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | HELPER FUNCTION TO RETRIEVE POLICY IDS FROM DPA
7 | #>
8 | function Get-VPASDPAStrongAccountIDHelper{
9 | [OutputType([bool],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | if($SubDomain -eq "N/A"){
28 | Write-VPASOutput -str "SelfHosted + PriviledgeCloud Standard solutions do not support this API Call, returning false" -type E
29 | $log = Write-VPASTextRecorder -inputval "SelfHosted + PrivilegeCloud Standard solutions do not support this API Call, returning false" -token $token -LogType MISC
30 | $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN
31 | return -1
32 | }
33 |
34 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY DPA"
35 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR: $SearchQuery" -token $token -LogType MISC -Helper
36 |
37 | write-verbose "MAKING API CALL TO CYBERARK"
38 | $uri = "https://$SubDomain.dpa.cyberark.cloud/api/secrets/public/v1"
39 | Write-Verbose "CONSTRUCTING URI: $uri"
40 |
41 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
42 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
43 |
44 | if($sessionval){
45 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
46 | }
47 | else{
48 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
49 | }
50 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY
51 |
52 | $output = -1
53 | foreach($rec in $response){
54 | $recID = $rec.secret_id
55 | $recName = $rec.secret_name
56 |
57 | if($recName -eq $SearchQuery){
58 | $output = $recID
59 | Write-Verbose "FOUND $SearchQuery : TARGET ENTRY FOUND, RETURNING STRONG ACCOUNT ID"
60 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
61 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
62 | return $output
63 | }
64 | Write-Verbose "FOUND $recName : NOT TARGET ENTRY (SKIPPING)"
65 | }
66 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
67 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
68 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
69 | return $output
70 | }catch{
71 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
72 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
73 | Write-Verbose "FAILED TO RETRIEVE DPA STRONG ACCOUNTS"
74 | Write-VPASOutput -str $_ -type E
75 | return $false
76 | }
77 | }
78 | End{
79 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
80 | }
81 | }
82 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASDirectoryMappingIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get directory mapping ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve directory mapping IDs from CyberArk
7 | #>
8 | function Get-VPASDirectoryMappingIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$DomainName,
15 |
16 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [String]$DirectoryMappingSearch,
18 |
19 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=2)]
20 | [hashtable]$token
21 | )
22 |
23 | Begin{
24 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
25 | $CommandName = $MyInvocation.MyCommand.Name
26 | $log = Write-VPASTextRecorder -inputval "Get-VPASDirectoryMappingIDHelper" -token $token -LogType COMMAND -Helper
27 | }
28 | Process{
29 | try{
30 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
31 | $searchQuery = "$DirectoryMappingSearch"
32 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR: $searchQuery" -token $token -LogType MISC -Helper
33 |
34 | if($NoSSL){
35 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
36 | $uri = "http://$PVWA/PasswordVault/API/Configuration/LDAP/Directories/$DomainName/Mappings"
37 | }
38 | else{
39 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
40 | $uri = "https://$PVWA/PasswordVault/API/Configuration/LDAP/Directories/$DomainName/Mappings"
41 | }
42 | write-verbose "MAKING API CALL"
43 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
44 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
45 |
46 | if($sessionval){
47 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
48 | }
49 | else{
50 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
51 | }
52 |
53 | $counter = $response.Count
54 | Write-Verbose "FOUND $counter MAPPING IDS UNDER $DomainName...LOOKING FOR TARGET MAPPING ID: $searchQuery"
55 |
56 | $output = -1
57 | foreach($rec in $response){
58 | $recMappingName = $rec.MappingName
59 | $recMappingID = $rec.MappingID
60 |
61 | if($recMappingName -match $searchQuery){
62 | if($output -eq -1){
63 | $output = [int]$recMappingID
64 | $outputlog = $rec | ConvertTo-Json | ConvertFrom-Json
65 | }
66 | else{
67 | Write-Verbose "FOUND MULTIPLE TARGET ENTRIES, USE MORE SEARCH PARAMETES...RETURNING -2"
68 | $output = -2
69 | $log = Write-VPASTextRecorder -inputval "MULTIPLE TARGET ENTRIES WERE RETURNED, ADD MORE TO NAME TO NARROW RESULTS" -token $token -LogType MISC -Helper
70 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
71 | return $output
72 | }
73 | }
74 | else{
75 | Write-Verbose "FOUND $recMappingName : NOT TARGET ENTRY (SKIPPING)"
76 | }
77 |
78 | }
79 |
80 | if($output -ne -1){
81 | Write-Verbose "FOUND MATCHING DIRECTORY MAPPING ID...RETURNING DIRECTORY MAPPING ID"
82 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
83 | return $output
84 | }
85 | else{
86 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
87 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
88 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
89 | return $output
90 | }
91 | }catch{
92 | Write-Verbose "UNABLE TO QUERY CYBERARK"
93 | Write-VPASOutput -str $_ -type E
94 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
95 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
96 | }
97 | }
98 | End{
99 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
100 | }
101 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASDiscoveredAccountIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get discovered account ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve discovered account IDs from CyberArk
7 | #>
8 | function Get-VPASDiscoveredAccountIDHelper{
9 | [OutputType([String])]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
28 |
29 | if($NoSSL){
30 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
31 | $uri = "http://$PVWA/passwordvault/api/DiscoveredAccounts?search=$SearchQuery"
32 | }
33 | else{
34 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
35 | $uri = "https://$PVWA/passwordvault/api/DiscoveredAccounts?search=$SearchQuery"
36 | }
37 | write-verbose "MAKING API CALL"
38 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
39 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
40 |
41 | if($sessionval){
42 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
43 | }
44 | else{
45 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
46 | }
47 |
48 | $counter = $response.Count
49 | Write-Verbose "FOUND $counter DISCOVERED ACCOUNTS...LOOKING FOR TARGET DISCOVERED ACCOUNT: $searchQuery"
50 |
51 | $output = -1
52 | $outputarr = @()
53 | foreach($rec in $response.value){
54 | $recid = $rec.ID
55 | $recusername = $rec.userName
56 | $recname = $rec.Name
57 |
58 | if($recusername -match $SearchQuery -or $recname -match $SearchQuery){
59 | $output = $recid
60 | $outputarr += $recid
61 | Write-Verbose "FOUND $recusername : TARGET ENTRY FOUND, ADDING TO RETURN ARRAY"
62 | }
63 | else{
64 | Write-Verbose "FOUND $recusername : NOT TARGET ENTRY (SKIPPING)"
65 | }
66 | }
67 |
68 | if($output -eq -1){
69 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
70 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
71 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
72 | return $output
73 | }
74 | else{
75 | $log = Write-VPASTextRecorder -inputval $outputarr -token $token -LogType RETURN -Helper
76 | return $outputarr
77 | }
78 | }catch{
79 | Write-Verbose "UNABLE TO QUERY CYBERARK"
80 | Write-VPASOutput -str $_ -type E
81 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
82 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
83 | }
84 | }
85 | End{
86 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
87 | }
88 | }
89 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASEPVGroupIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get group ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve group IDs from CyberArk
7 | #>
8 | function Get-VPASEPVGroupIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$GroupName,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
28 | $searchQuery = "$GroupName"
29 | $log = Write-VPASTextRecorder -inputval "HELPER FUNCTION SEARCH QUERY: $searchQuery" -token $token -LogType MISC -Helper
30 |
31 | if($NoSSL){
32 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
33 | $uri = "http://$PVWA/PasswordVault/api/UserGroups?search=$searchQuery"
34 | }
35 | else{
36 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
37 | $uri = "https://$PVWA/PasswordVault/api/UserGroups?search=$searchQuery"
38 | }
39 | write-verbose "MAKING API CALL"
40 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
41 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
42 |
43 | if($sessionval){
44 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
45 | }
46 | else{
47 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
48 | }
49 |
50 | $counter = $response.Count
51 | if($counter -gt 1){
52 | #Write-VPASOutput -str "MULTIPLE ENTRIES FOUND, NARROWING DOWN RESULTS" -type M
53 | Write-Verbose "MULTIPLE GROUP ENTRIES WERE RETURNED, NARROWING DOWN RESULTS"
54 |
55 | $output = -1
56 | foreach($rec in $response.value){
57 | $recid = $rec.id
58 | $recgroupname = $rec.groupName
59 |
60 | if($recgroupname -eq $GroupName){
61 | $output = [int]$recid
62 | Write-verbose "FOUND $recgroupname : TARGET ENTRY FOUND. RETURNING ID"
63 | $outputlog = $rec | ConvertTo-Json | ConvertFrom-Json
64 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
65 | return $output
66 | }
67 | Write-Verbose "FOUND $recgroupname : NOT TARGET ENTRY (SKIPPING)"
68 | }
69 | write-verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
70 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
71 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
72 | return $output
73 | }
74 | elseif($counter -eq 0){
75 | Write-Verbose "NO GROUPS FOUND"
76 | Write-VPASOutput -str "NO GROUPS FOUND" -type E
77 | $log = Write-VPASTextRecorder -inputval "NO GROUPS FOUND" -token $token -LogType MISC -Helper
78 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
79 | return -2
80 | }
81 | else{
82 | write-verbose "FOUND UNIQUE GROUP ID"
83 | Write-Verbose "RETURNING UNIQUE GROUP ID"
84 | $outputlog = $response.value | ConvertTo-Json | ConvertFrom-Json
85 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
86 | return $response.value.id
87 | }
88 | }catch{
89 | Write-Verbose "UNABLE TO QUERY CYBERARK"
90 | Write-VPASOutput -str $_ -type E
91 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
92 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
93 | }
94 | }
95 | End{
96 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
97 | }
98 | }
99 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASEPVUserIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get user ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve user IDs from CyberArk
7 | #>
8 | function Get-VPASEPVUserIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$username,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
28 | $searchQuery = "$username"
29 | $log = Write-VPASTextRecorder -inputval "HELPER FUNCTION SEARCH QUERY: $searchQuery" -token $token -LogType MISC -Helper
30 |
31 | if($NoSSL){
32 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
33 | $uri = "http://$PVWA/PasswordVault/api/Users?search=$searchQuery"
34 | }
35 | else{
36 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
37 | $uri = "https://$PVWA/PasswordVault/api/Users?search=$searchQuery"
38 | }
39 | write-verbose "MAKING API CALL"
40 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
41 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
42 |
43 | if($sessionval){
44 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
45 | }
46 | else{
47 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
48 | }
49 |
50 | $counter = $response.Total
51 | if($counter -gt 1){
52 | Write-Verbose "MULTIPLE ACCOUNT ENTRIES WERE RETURNED, NARROWING DOWN RESULTS"
53 |
54 | $output = -1
55 | foreach($rec in $response.Users){
56 | $recid = $rec.id
57 | $recusername = $rec.username
58 |
59 | if($recusername -eq $username){
60 | $output = [int]$recid
61 | Write-verbose "FOUND $recusername : TARGET ENTRY FOUND. RETURNING ID"
62 | $outputlog = $rec | ConvertTo-Json | ConvertFrom-Json
63 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
64 | return $output
65 | }
66 | Write-Verbose "FOUND $recusername : NOT TARGET ENTRY (SKIPPING)"
67 | }
68 | write-verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
69 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
70 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
71 | return $output
72 | }
73 | elseif($counter -eq 0){
74 | Write-Verbose "NO USERS FOUND"
75 | Write-VPASOutput -str "NO USERS FOUND" -type E
76 | $log = Write-VPASTextRecorder -inputval "NO USERS FOUND" -token $token -LogType MISC -Helper
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
78 | return -2
79 | }
80 | else{
81 | write-verbose "FOUND UNIQUE USER ID"
82 | Write-Verbose "RETURNING UNIQUE USER ID"
83 | $outputlog = $response.Users | ConvertTo-Json | ConvertFrom-Json
84 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
85 | return $response.Users.id
86 | }
87 | }catch{
88 | Write-Verbose "UNABLE TO QUERY CYBERARK"
89 | Write-VPASOutput -str $_ -type E
90 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
91 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
92 | }
93 | }
94 | End{
95 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
96 | }
97 | }
98 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASGroupPlatformIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get group platform ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve group platform IDs from CyberArk
7 | #>
8 | function Get-VPASGroupPlatformIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$groupplatformID,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | $platformID = $groupplatformID
28 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
29 | $searchQuery = "$platformID"
30 | $log = Write-VPASTextRecorder -inputval "HELPER FUNCTION SEARCH QUERY: $searchQuery" -token $token -LogType MISC -Helper
31 |
32 | if($NoSSL){
33 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
34 | $uri = "http://$PVWA/passwordvault/api/platforms/groups/"
35 | }
36 | else{
37 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
38 | $uri = "https://$PVWA/passwordvault/api/platforms/groups/"
39 | }
40 | write-verbose "MAKING API CALL"
41 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
42 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
43 |
44 | if($sessionval){
45 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
46 | }
47 | else{
48 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
49 | }
50 |
51 | $counter = $response.Total
52 | Write-Verbose "FOUND $counter GROUP PLATFORMS...LOOKING FOR TARGET GROUP PLATFORMID: $searchQuery"
53 |
54 | $output = -1
55 | foreach($rec in $response.Platforms){
56 | $recid = $rec.ID
57 | $recplatformid = $rec.PlatformID
58 | $recname = $rec.Name
59 |
60 | if($recplatformid -eq $platformID -or $recname -eq $platformID){
61 | $output = [int]$recid
62 | Write-Verbose "FOUND $platformID : TARGET ENTRY FOUND, RETURNING ID"
63 | $outputlog = $rec | ConvertTo-Json | ConvertFrom-Json
64 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
65 | return $output
66 | }
67 | Write-Verbose "FOUND $recplatformid : NOT TARGET ENTRY (SKIPPING)"
68 |
69 | }
70 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
71 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
72 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
73 | return $output
74 | }catch{
75 | Write-Verbose "UNABLE TO QUERY CYBERARK"
76 | Write-VPASOutput -str $_ -type E
77 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
78 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
79 | }
80 | }
81 | End{
82 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
83 | }
84 | }
85 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASIncomingRequestIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get incoming request ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve incoming request IDs from CyberArk
7 | #>
8 | function Get-VPASIncomingRequestIDHelper{
9 | [OutputType([String[]],[bool])]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$AcctID,
15 |
16 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [String]$Safe,
18 |
19 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=2)]
20 | [String]$Platform,
21 |
22 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=3)]
23 | [String]$Username,
24 |
25 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=4)]
26 | [String]$Address,
27 |
28 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=5)]
29 | [String]$UserReason,
30 |
31 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=6)]
32 | [hashtable]$token
33 | )
34 |
35 | Begin{
36 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
37 | $CommandName = $MyInvocation.MyCommand.Name
38 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
39 | }
40 | Process{
41 | try{
42 | Write-Verbose "RETRIEVING ALL INCOMING REQUESTS"
43 | $FoundRequests = @()
44 | $AllAccountRequests = Get-VPASAllIncomingRequests
45 | foreach($req in $AllAccountRequests.IncomingRequests){
46 | $curMatch = $true
47 | $requestID = $req.RequestID
48 | $requestAcctID = $req.AccountDetails.AccountID
49 | $requestReason = $req.RequestorReason
50 | $requestSafe = $req.AccountDetails.Properties.Safe
51 | $requestPlatform = $req.AccountDetails.Properties.PolicyID
52 | $requestAddress = $req.AccountDetails.Properties.Address
53 | $requestUsername = $req.AccountDetails.Properties.UserName
54 |
55 | if(![String]::IsNullOrEmpty($AcctID)){
56 | if($requestAcctID -eq $AcctID){
57 | if(![String]::IsNullOrEmpty($UserReason)){
58 | if($requestReason -match $UserReason){
59 | Write-Verbose "FOUND MATCHING REQUEST ID $requestID, ADDING TO RETURN LIST"
60 | $FoundRequests += $requestID
61 | }
62 | }
63 | else{
64 | Write-Verbose "FOUND MATCHING REQUEST ID $requestID, ADDING TO RETURN LIST"
65 | $FoundRequests += $requestID
66 | }
67 | }
68 | }
69 | else{
70 | if(![String]::IsNullOrEmpty($Platform)){
71 | if($requestPlatform -notmatch $Platform){
72 | $curMatch = $false
73 | }
74 | }
75 | if(![String]::IsNullOrEmpty($Safe)){
76 | if($requestSafe -notmatch $Safe){
77 | $curMatch = $false
78 | }
79 | }
80 | if(![String]::IsNullOrEmpty($Address)){
81 | if($requestAddress -notmatch $Address){
82 | $curMatch = $false
83 | }
84 | }
85 | if(![String]::IsNullOrEmpty($Username)){
86 | if($requestUsername -notmatch $Username){
87 | $curMatch = $false
88 | }
89 | }
90 | if(![String]::IsNullOrEmpty($UserReason)){
91 | if($requestReason -notmatch $UserReason){
92 | $curMatch = $false
93 | }
94 | }
95 | if($curMatch){
96 | Write-Verbose "FOUND MATCHING REQUEST ID $requestID, ADDING TO RETURN LIST"
97 | $FoundRequests += $requestID
98 | }
99 | }
100 | }
101 |
102 | $counter = $FoundRequests.count
103 | if($counter -gt 0){
104 | Write-Verbose "FOUND TARGET INCOMING REQUESTS THAT MATCH THE SEARCHQUERY"
105 | $log = Write-VPASTextRecorder -inputval "FOUND TARGET INCOMING REQUESTS THAT MATCH THE SEARCHQUERY" -token $token -LogType MISC -Helper
106 | $log = Write-VPASTextRecorder -inputval $FoundRequests -token $token -LogType RETURN -Helper
107 | return $FoundRequests
108 | }
109 | else{
110 | Write-Verbose "NO INCOMING REQUESTS FOUND"
111 | Write-VPASOutput -str "NO INCOMING REQUESTS FOUND" -type E
112 | $log = Write-VPASTextRecorder -inputval "NO INCOMING REQUESTS FOUND" -token $token -LogType MISC -Helper
113 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: false" -token $token -LogType MISC -Helper
114 | return $false
115 | }
116 | }catch{
117 | Write-Verbose "UNABLE TO QUERY CYBERARK"
118 | Write-VPASOutput -str $_ -type E
119 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
120 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
121 | }
122 | }
123 | End{
124 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
125 | }
126 | }
127 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASPlatformIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get platform ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve platform IDs from CyberArk
7 | #>
8 | function Get-VPASPlatformIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$platformID,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
28 | $searchQuery = "$platformID"
29 | $log = Write-VPASTextRecorder -inputval "HELPER FUNCTION SEARCH QUERY: $searchQuery" -token $token -LogType MISC -Helper
30 |
31 | if($NoSSL){
32 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
33 | $uri = "http://$PVWA/passwordvault/api/platforms/targets"
34 | }
35 | else{
36 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
37 | $uri = "https://$PVWA/passwordvault/api/platforms/targets"
38 | }
39 | write-verbose "MAKING API CALL"
40 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
41 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
42 |
43 | if($sessionval){
44 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
45 | }
46 | else{
47 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
48 | }
49 |
50 | $counter = $response.Total
51 | Write-Verbose "FOUND $counter PLATFORMS...LOOKING FOR TARGET PLATFORMID: $searchQuery"
52 |
53 | $output = -1
54 | foreach($rec in $response.Platforms){
55 | $recid = $rec.ID
56 | $recplatformid = $rec.PlatformID
57 | $recname = $rec.Name
58 |
59 | if($recplatformid -eq $platformID -or $recname -eq $platformID){
60 | $output = [int]$recid
61 | Write-Verbose "FOUND $platformID : TARGET ENTRY FOUND, RETURNING ID"
62 | $outputlog = $rec | ConvertTo-Json | ConvertFrom-Json
63 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
64 | return $output
65 | }
66 | Write-Verbose "FOUND $recplatformid : NOT TARGET ENTRY (SKIPPING)"
67 |
68 | }
69 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
70 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
71 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
72 | return $output
73 | }catch{
74 | Write-Verbose "UNABLE TO QUERY CYBERARK"
75 | Write-VPASOutput -str $_ -type E
76 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
78 | }
79 | }
80 | End{
81 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
82 | }
83 | }
84 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASRecordingIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get recording ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve recording ID from CyberArk
7 | #>
8 | function Get-VPASRecordingIDHelper{
9 | [OutputType([String],'System.Int32',[bool])]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SearchQuery,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE"
28 | Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE"
29 | Write-Verbose "SUCCESSFULLY PARSED SEARCHQUERY VALUE: $SearchQuery"
30 | $log = Write-VPASTextRecorder -inputval "HELPER FUNCTION SEARCH QUERY: $searchQuery" -token $token -LogType MISC -Helper
31 |
32 | if($NoSSL){
33 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
34 | $uri = "http://$PVWA/PasswordVault/API/recordings?Search=$SearchQuery"
35 | }
36 | else{
37 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
38 | $uri = "https://$PVWA/PasswordVault/API/recordings?Search=$SearchQuery"
39 | }
40 |
41 | write-verbose "MAKING API CALL TO CYBERARK"
42 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
43 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
44 |
45 | if($sessionval){
46 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
47 | }
48 | else{
49 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
50 | }
51 |
52 | $output = -1
53 | foreach($rec in $response.Recordings){
54 | $recSessionID = $rec.SessionID
55 | $recUser = $rec.User
56 | $recTargetAcct = $rec.AccountUsername
57 | $recTargetAddr = $rec.AccountAddress
58 |
59 | if($recSessionID -eq $SearchQuery -or $recUser -eq $SearchQuery -or $recTargetAcct -eq $SearchQuery -or $recTargetAddr -match $SearchQuery){
60 | write-verbose "FOUND TARGET RECORDING SESSION: $recSessionID...RETURNING RECORDING SESSION ID"
61 | if($output -eq -1){
62 | $output = $recSessionID
63 | $outputlog = $rec
64 | }
65 | else{
66 | Write-Verbose "FOUND MULTIPLE TARGET ENTRIES, USE MORE SEARCH PARAMETES...RETURNING -2"
67 | Write-VPASOutput -str "FOUND MULTIPLE TARGET ENTRIES, USE MORE SEARCH PARAMETERS...RETURNING -2" -type E
68 | $output = -2
69 | $log = Write-VPASTextRecorder -inputval "MULTIPLE TARGET ENTRIES WERE RETURNED, ADD MORE TO NAME TO NARROW RESULTS" -token $token -LogType MISC -Helper
70 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
71 | return $output
72 | }
73 | }
74 | else{
75 | write-verbose "FOUND RECORDING SESSION: $recSessionID...NOT TARGET SESSION, SKIPPING"
76 | }
77 | }
78 |
79 | if($output -ne -1){
80 | Write-Verbose "FOUND MATCHING RECORIDNG SESSION ID...RETURNING RECORDING ID"
81 | $outputlog = $outputlog | ConvertTo-Json | ConvertFrom-Json
82 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN -Helper
83 | return $output
84 | }
85 | else{
86 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
87 | Write-VPASOutput -str "CAN NOT FIND TARGET ENTRY, RETURNING -1" -type E
88 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
89 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
90 | return $output
91 | }
92 |
93 | }catch{
94 | Write-Verbose "UNABLE TO GET RECORDING SESSIONS FOR SEARCHQUERY: $SearchQuery"
95 | Write-VPASOutput -str $_ -type E
96 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
97 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
98 | return $false
99 | }
100 | }
101 | End{
102 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
103 | }
104 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASRoleIDIdentityHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get Identity role ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve role IDs from Identity
7 | #>
8 | function Get-VPASRoleIDIdentityHelper{
9 | [OutputType([String],[bool],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$RoleName,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | $log = Write-VPASTextRecorder -inputval "LOOKING FOR *$RoleName* IDENTITY ROLE" -token $token -LogType MISC -Helper
27 | try{
28 | if(!$IdentityURL){
29 | Write-VPASOutput -str "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -type E
30 | $log = Write-VPASTextRecorder -inputval "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -token $token -LogType MISC -Helper
31 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
32 | return $false
33 | }
34 |
35 | Write-Verbose "CONSTRUCTING PARAMETERS"
36 | $params = @{
37 | Script = "Select * from Role"
38 | }
39 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS -Helper
40 | $params = $params | ConvertTo-Json
41 |
42 | if($NoSSL){
43 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
44 | $uri = "http://$IdentityURL/Redrock/query"
45 | }
46 | else{
47 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
48 | $uri = "https://$IdentityURL/Redrock/query"
49 | }
50 | write-verbose "MAKING API CALL"
51 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
52 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD -Helper
53 |
54 | if($sessionval){
55 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval
56 | }
57 | else{
58 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json"
59 | }
60 | $result = $response
61 |
62 | $counter = 0
63 | $returnID = ""
64 | foreach($role in $result.Result.Results.Row){
65 | $RECroleName = $role.Name
66 | $RECroleID = $role.ID
67 |
68 | if($RECroleName -match $RoleName){
69 | $counter += 1
70 | $returnID = $RECroleID
71 | }
72 |
73 | if($RECroleName -eq $RoleName){
74 | Write-Verbose "FOUND TARGET ROLE, RETURNING UNIQUE ID"
75 | $log = Write-VPASTextRecorder -inputval $role -token $token -LogType RETURN -Helper
76 | return $RECroleID
77 | }
78 | }
79 |
80 | if($counter -gt 1){
81 | Write-Verbose "MULTIPLE ROLE ENTRIES WERE RETURNED, ADD MORE TO NAME TO NARROW RESULTS"
82 | $log = Write-VPASTextRecorder -inputval "MULTIPLE ROLE ENTRIES WERE RETURNED, ADD MORE TO NAME TO NARROW RESULTS" -token $token -LogType MISC -Helper
83 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
84 | return -1
85 | }
86 | elseif($counter -eq 0){
87 | Write-Verbose "NO ROLES FOUND"
88 | Write-VPASOutput -str "NO ROLES FOUND" -type E
89 | $log = Write-VPASTextRecorder -inputval "NO ROLES FOUND" -token $token -LogType MISC -Helper
90 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
91 | return -2
92 | }
93 | else{
94 | write-verbose "FOUND UNIQUE ROLE ID"
95 | Write-Verbose "RETURNING UNIQUE ROLE ID"
96 | $log = Write-VPASTextRecorder -inputval "FOUND TARGET UNIQUE ROLE ID $returnID" -token $token -LogType MISC -Helper
97 | $log = Write-VPASTextRecorder -inputval "Get-VPASUserIDIdentityHelper" -token $token -LogType DIVIDER -Helper
98 | return $returnID
99 | }
100 | }catch{
101 | Write-Verbose "UNABLE TO QUERY IDENTITY"
102 | Write-VPASOutput -str $_ -type E
103 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
104 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
105 | }
106 | }
107 | End{
108 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
109 | }
110 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASRotationalPlatformIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get rotational platform ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve rotational platform IDs from CyberArk
7 | #>
8 | function Get-VPASRotationalPlatformIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$rotationalplatformID,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | $platformID = $rotationalplatformID
28 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
29 | $searchQuery = "$platformID"
30 |
31 | if($NoSSL){
32 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
33 | $uri = "http://$PVWA/passwordvault/api/platforms/rotationalGroups/"
34 | }
35 | else{
36 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
37 | $uri = "https://$PVWA/passwordvault/api/platforms/rotationalGroups/"
38 | }
39 | write-verbose "MAKING API CALL"
40 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
41 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
42 |
43 | if($sessionval){
44 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
45 | }
46 | else{
47 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
48 | }
49 |
50 | $counter = $response.Total
51 | Write-Verbose "FOUND $counter ROTATIONAL PLATFORMS...LOOKING FOR TARGET ROTATIONAL PLATFORMID: $searchQuery"
52 |
53 | $output = -1
54 | foreach($rec in $response.Platforms){
55 | $recid = $rec.ID
56 | $recplatformid = $rec.PlatformID
57 | $recname = $rec.Name
58 |
59 | if($recplatformid -eq $platformID -or $recname -eq $platformID){
60 | $output = [int]$recid
61 | Write-Verbose "FOUND $platformID : TARGET ENTRY FOUND, RETURNING ID"
62 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
63 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
64 | return $output
65 | }
66 | Write-Verbose "FOUND $recplatformid : NOT TARGET ENTRY (SKIPPING)"
67 |
68 | }
69 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
70 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
71 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
72 | return $output
73 | }catch{
74 | Write-Verbose "UNABLE TO QUERY CYBERARK"
75 | Write-VPASOutput -str $_ -type E
76 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
78 | }
79 | }
80 | End{
81 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
82 | }
83 | }
84 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASSecurityQuestionIDIdentityHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get admin security question ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve admin security question IDs from Identity
7 | #>
8 | function Get-VPASSecurityQuestionIDIdentityHelper{
9 | [OutputType([String],'System.Int32',[bool])]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$SecurityQuestion,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | $log = Write-VPASTextRecorder -inputval "LOOKING FOR *$SecurityQuestion* SECURITY QUESTION" -token $token -LogType MISC -Helper
27 | try{
28 | if(!$IdentityURL){
29 | Write-VPASOutput -str "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -type E
30 | $log = Write-VPASTextRecorder -inputval "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -token $token -LogType MISC -Helper
31 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
32 | return $false
33 | }
34 |
35 | if($NoSSL){
36 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
37 | $uri = "http://$IdentityURL/TenantConfig/GetAdminSecurityQuestions"
38 | }
39 | else{
40 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
41 | $uri = "https://$IdentityURL/TenantConfig/GetAdminSecurityQuestions"
42 | }
43 | write-verbose "MAKING API CALL"
44 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
45 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD -Helper
46 |
47 | if($sessionval){
48 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json" -WebSession $sessionval
49 | }
50 | else{
51 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json"
52 | }
53 | $result = $response
54 |
55 | $counter = 0
56 | $returnID = ""
57 | foreach($question in $result.Result){
58 | $recQuestionID = $question.Uuid
59 | $recQuestion = $question.Question
60 |
61 | if($recQuestion -match $SecurityQuestion){
62 | $counter += 1
63 | $returnID = $recQuestionID
64 | }
65 |
66 | if($recQuestion -eq $SecurityQuestion){
67 | Write-Verbose "FOUND TARGET SECURITY QUESTION, RETURNING UNIQUE UUID"
68 | $log = Write-VPASTextRecorder -inputval $question -token $token -LogType RETURN -Helper
69 | return $recQuestionID
70 | }
71 | }
72 |
73 | if($counter -gt 1){
74 | Write-Verbose "MULTIPLE SECURITY QUESTION ENTRIES WERE RETURNED, ADD MORE TO QUERY TO NARROW RESULTS"
75 | $log = Write-VPASTextRecorder -inputval "MULTIPLE SECURITY QUESTION ENTRIES WERE RETURNED, ADD MORE TO QUERY TO NARROW RESULTS" -token $token -LogType MISC -Helper
76 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
77 | return -1
78 | }
79 | elseif($counter -eq 0){
80 | Write-Verbose "NO SECURITY QUESTIONS FOUND"
81 | Write-VPASOutput -str "NO SECURITY QUESTIONS FOUND" -type E
82 | $log = Write-VPASTextRecorder -inputval "NO SECURITY QUESTIONS FOUND" -token $token -LogType MISC -Helper
83 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
84 | return -2
85 | }
86 | else{
87 | write-verbose "FOUND UNIQUE SECURITY QUESTION UUID"
88 | Write-Verbose "RETURNING UNIQUE SECURITY QUESTION UUID"
89 | $log = Write-VPASTextRecorder -inputval "RETURNING UNIQUE SECURITY QUESTION UUID $returnID" -token $token -LogType MISC -Helper
90 | return $returnID
91 | }
92 | }catch{
93 | Write-Verbose "UNABLE TO QUERY IDENTITY"
94 | Write-VPASOutput -str $_ -type E
95 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
96 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
97 | }
98 | }
99 | End{
100 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
101 | }
102 | }
103 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASSession.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get session variables
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve current session variables
7 | #>
8 | function Get-VPASSession{
9 | [OutputType([String],[bool],'System.Object[]')]
10 | [CmdletBinding()]
11 | Param(
12 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=0)]
13 | [hashtable]$token
14 | )
15 |
16 | Begin{
17 |
18 | }
19 | Process{
20 | try{
21 | if($token){
22 | $tokenval = $token.token
23 | $sessionval = $token.session
24 | $PVWA = $token.pvwa
25 | $Header = $token.HeaderType
26 | $ISPSS = $token.ISPSS
27 | $IdentityURL = $token.IdentityURL
28 | $EnableTextRecorder = $token.EnableTextRecorder
29 | $AuditTimeStamp = $token.AuditTimeStamp
30 | $NoSSL = $token.NoSSL
31 | $VaultVersion = $token.VaultVersion
32 | $HideWarnings = $token.HideWarnings
33 | $AuthenticatedAs = $token.AuthenticatedAs
34 | $SubDomain = $token.SubDomain
35 | $EnableTroubleshooting = $token.EnableTroubleshooting
36 | }
37 | else{
38 | $tokenval = $Script:VPAStoken.token
39 | $sessionval = $Script:VPAStoken.session
40 | $PVWA = $Script:VPAStoken.pvwa
41 | $Header = $Script:VPAStoken.HeaderType
42 | $ISPSS = $Script:VPAStoken.ISPSS
43 | $IdentityURL = $Script:VPAStoken.IdentityURL
44 | $EnableTextRecorder = $Script:VPAStoken.EnableTextRecorder
45 | $AuditTimeStamp = $Script:VPAStoken.AuditTimeStamp
46 | $NoSSL = $Script:VPAStoken.NoSSL
47 | $VaultVersion = $Script:VPAStoken.VaultVersion
48 | $HideWarnings = $Script:VPAStoken.HideWarnings
49 | $AuthenticatedAs = $Script:VPAStoken.AuthenticatedAs
50 | $SubDomain = $Script:VPAStoken.SubDomain
51 | $EnableTroubleshooting = $Script:VPAStoken.EnableTroubleshooting
52 | }
53 |
54 | if([String]::IsNullOrEmpty($tokenval)){
55 | Write-Verbose "UNABLE TO FIND A SESSION TOKEN"
56 | Write-VPASOutput -str "UNABLE TO FIND A SESSION TOKEN" -type E -Initialized
57 | Write-VPASOutput -str "CREATE A SESSION TOKEN BY RUNNING New-VPASToken" -type E -Initialized
58 | return $false
59 | }
60 | else{
61 | return $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting
62 | }
63 | }catch{
64 | Write-Verbose "UNABLE TO FIND A SESSION TOKEN"
65 | Write-VPASOutput -str $_ -type E -Initialized
66 | }
67 | }
68 | End{
69 |
70 | }
71 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASUsagePlatformIDHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get usage platform ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve usage platform IDs from CyberArk
7 | #>
8 | function Get-VPASUsagePlatformIDHelper{
9 | [OutputType([String],'System.Int32')]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$usageplatformID,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | try{
27 | $platformID = $usageplatformID
28 | Write-Verbose "CONSTRUCTING SEARCH STRING TO QUERY CYBERARK"
29 | $searchQuery = "$platformID"
30 |
31 | if($NoSSL){
32 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
33 | $uri = "http://$PVWA/passwordvault/api/platforms/dependents/"
34 | }
35 | else{
36 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
37 | $uri = "https://$PVWA/passwordvault/api/platforms/dependents/"
38 | }
39 | write-verbose "MAKING API CALL"
40 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
41 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD -Helper
42 |
43 | if($sessionval){
44 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
45 | }
46 | else{
47 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
48 | }
49 |
50 | $counter = $response.Total
51 | Write-Verbose "FOUND $counter USAGE PLATFORMS...LOOKING FOR TARGET USAGE PLATFORMID: $searchQuery"
52 |
53 | $output = -1
54 | foreach($rec in $response.Platforms){
55 | $recid = $rec.ID
56 | $recplatformid = $rec.PlatformID
57 | $recname = $rec.Name
58 |
59 | if($recplatformid -eq $platformID -or $recname -eq $platformID){
60 | $output = [int]$recid
61 | Write-Verbose "FOUND $platformID : TARGET ENTRY FOUND, RETURNING ID"
62 | $logoutput = $rec | ConvertTo-Json | ConvertFrom-Json
63 | $log = Write-VPASTextRecorder -inputval $logoutput -token $token -LogType RETURN -Helper
64 | return $output
65 | }
66 | Write-Verbose "FOUND $recplatformid : NOT TARGET ENTRY (SKIPPING)"
67 |
68 | }
69 | Write-Verbose "CAN NOT FIND TARGET ENTRY, RETURNING -1"
70 | $log = Write-VPASTextRecorder -inputval "CAN NOT FIND TARGET ENTRY" -token $token -LogType MISC -Helper
71 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
72 | return $output
73 | }catch{
74 | Write-Verbose "UNABLE TO QUERY CYBERARK"
75 | Write-VPASOutput -str $_ -type E
76 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
78 | }
79 | }
80 | End{
81 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
82 | }
83 | }
84 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Get-VPASUserIDIdentityHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Get Identity user ID
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to retrieve user IDs from Identity
7 | #>
8 | function Get-VPASUserIDIdentityHelper{
9 | [OutputType([String],'System.Int32',[bool])]
10 | [CmdletBinding()]
11 | Param(
12 |
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [String]$User,
15 |
16 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [hashtable]$token
18 | )
19 |
20 | Begin{
21 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
22 | $CommandName = $MyInvocation.MyCommand.Name
23 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND -Helper
24 | }
25 | Process{
26 | $log = Write-VPASTextRecorder -inputval "SEARCHING FOR *$User* IDENTITY USER" -token $token -LogType MISC -Helper
27 | try{
28 | if(!$IdentityURL){
29 | $log = Write-VPASTextRecorder -inputval "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -token $token -LogType MISC -Helper
30 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
31 | Write-VPASOutput -str "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -type E
32 | return $false
33 | }
34 |
35 | Write-Verbose "CONSTRUCTING PARAMETERS"
36 | $params = @{
37 | Script = "Select UserName, ID from User ORDER BY Username COLLATE NOCASE"
38 | }
39 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS -Helper
40 | $params = $params | ConvertTo-Json
41 |
42 | if($NoSSL){
43 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
44 | $uri = "http://$IdentityURL/Redrock/query"
45 | }
46 | else{
47 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
48 | $uri = "https://$IdentityURL/Redrock/query"
49 | }
50 | write-verbose "MAKING API CALL"
51 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI -Helper
52 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD -Helper
53 |
54 | if($sessionval){
55 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval
56 | }
57 | else{
58 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json"
59 | }
60 | $result = $response
61 |
62 | $counter = 0
63 | $returnID = ""
64 | foreach($role in $result.Result.Results.Row){
65 | $RECroleName = $role.Username
66 | $RECroleID = $role.ID
67 |
68 | if($RECroleName -match $User){
69 | $counter += 1
70 | $returnID = $RECroleID
71 | }
72 |
73 | if($RECroleName -eq $User){
74 | Write-Verbose "FOUND TARGET USER, RETURNING UNIQUE ID"
75 | $logoutput = $role | ConvertTo-Json | ConvertFrom-Json
76 | $log = Write-VPASTextRecorder -inputval $role -token $token -LogType RETURN -Helper
77 | return $RECroleID
78 | }
79 | }
80 |
81 | if($counter -gt 1){
82 | Write-Verbose "MULTIPLE USER ENTRIES WERE RETURNED, ADD MORE TO NAME TO NARROW RESULTS"
83 | $log = Write-VPASTextRecorder -inputval "MULTIPLE USER ENTRIES WERE RETURNED, ADD MORE TO NAME TO NARROW RESULTS" -token $token -LogType MISC -Helper
84 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
85 | return -1
86 | }
87 | elseif($counter -eq 0){
88 | Write-Verbose "NO USERS FOUND"
89 | Write-VPASOutput -str "NO USERS FOUND" -type E
90 | $log = Write-VPASTextRecorder -inputval "NO USERS FOUND" -token $token -LogType MISC -Helper
91 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
92 | return -2
93 | }
94 | else{
95 | write-verbose "FOUND UNIQUE USER ID"
96 | Write-Verbose "RETURNING UNIQUE USER ID"
97 | $log = Write-VPASTextRecorder -inputval "FOUND UNIQUE IDENTITY USER ID $returnID" -token $token -LogType MISC -Helper
98 | return $returnID
99 | }
100 | }catch{
101 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR -Helper
102 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC -Helper
103 | Write-Verbose "UNABLE TO QUERY IDENTITY"
104 | Write-VPASOutput -str $_ -type E
105 | }
106 | }
107 | End{
108 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER -Helper
109 | }
110 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Test-VPASHashtableKeysHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Check hashtable values
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to check hashtable values
7 | #>
8 | function Test-VPASHashtableKeysHelper{
9 | [OutputType([bool])]
10 | [CmdletBinding()]
11 | Param(
12 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
13 | [hashtable]$InputHash,
14 |
15 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
16 | [hashtable]$KeyHash
17 | )
18 |
19 | Begin{
20 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
21 | }
22 | Process{
23 | try{
24 | Write-verbose "CHECKING HASHTABLE ACCURACY"
25 |
26 | $AllAcceptables = @()
27 | foreach($key in $KeyHash.Keys){
28 | $AcceptableKeys = $KeyHash.$key.AcceptableKeys
29 | foreach($minikey in $AcceptableKeys){
30 | $AllAcceptables += $minikey
31 | }
32 | }
33 | if($AllAcceptables.count -eq 0){
34 | Write-Verbose "NO INPUTS NEEDED, NOTHING TO CHECK, RETURNING TRUE"
35 | return $true
36 | }
37 | else{
38 | $AllAcceptables = $AllAcceptables.toLower()
39 | }
40 |
41 | foreach($key in $KeyHash.Keys){
42 | Write-Verbose "ANALYZING PARAMETER SET: $key"
43 | $setpass = $true
44 |
45 | #CHECK MANDATORY KEYS
46 | $MandatoryKeys = $KeyHash.$key.MandatoryKeys
47 | $tempMandatory = @{}
48 | foreach($tempkey in $MandatoryKeys){
49 | $tempkey = $tempkey.toLower()
50 | $tempMandatory += @{
51 | $tempkey = $false
52 | }
53 | }
54 |
55 | #CHECK ACCEPTABLE KEYS
56 | $AcceptableKeys = $KeyHash.$key.AcceptableKeys.toLower()
57 | foreach($inputKey in $InputHash.Keys){
58 | $inputKey = $inputKey.ToLower()
59 | if(!$AllAcceptables.Contains($inputKey)){
60 | $log = Write-VPASTextRecorder -inputval "UNKNOWN KEY IN InputParameters: $inputKey" -token $token -LogType MISC
61 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
62 | Write-Verbose "UNKNOWN KEY IN InputParameters: $inputKey"
63 | Write-VPASOutput -str "UNKNOWN KEY IN InputParameters: $inputKey" -type E
64 | return $false
65 | }
66 |
67 | if(!$AcceptableKeys.Contains($inputKey)){
68 | $setpass = $false
69 | }
70 | else{
71 | $tempMandatory.$inputKey = $true
72 | }
73 | }
74 |
75 | #PROCESS SET
76 | if(!$setpass){
77 | Write-Verbose "PARAMETER SET: $key ACCEPTABLE KEYS NOT PASSED"
78 | }
79 | else{
80 | #CHECK MISSING MANDATORIES
81 | $mandatoryPassed = $true
82 | foreach($finalkey in $tempMandatory.Keys){
83 | if(!$tempMandatory.$finalkey){
84 | $mandatoryPassed = $false
85 | }
86 | }
87 |
88 | if($mandatoryPassed){
89 | Write-Verbose "PARAMETER SET: $key PASSED...RETURNING $key"
90 | return $key
91 | }
92 | else{
93 | Write-Verbose "PARAMETER SET: $key MANDATORY KEYS NOT PASSED"
94 | }
95 | }
96 | }
97 |
98 | Write-Verbose "NO PARAMETER SETS PASSED CHECK...RETURNING FALSE"
99 | $log = Write-VPASTextRecorder -inputval "NO PARAMETER SETS PASSED CHECK...RETURNING FALSE" -token $token -LogType MISC
100 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
101 | Write-VPASOutput -str "NO PARAMETER SETS PASSED CHECK...DOUBLE CHECK THE SYNTAX FOR InputParameters...RETURNING FALSE" -type E
102 |
103 |
104 |
105 | return $false
106 | }catch{
107 | Write-VPASOutput -str "HASHTABLE CHECKING FAILED " -type E
108 | Write-VPASOutput -str "$_" -type E
109 | return $false
110 | }
111 | }
112 | End{
113 |
114 | }
115 | }
116 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Write-Iterate.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Iterate parameter params
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to iterate parameter params
7 | #>
8 | function Write-Iterate{
9 | [OutputType([bool])]
10 | [CmdletBinding()]
11 |
12 | Param(
13 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
14 | [psobject]$inputval,
15 |
16 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=1)]
17 | [int]$counter,
18 |
19 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=2)]
20 | [String]$targetLog
21 | )
22 |
23 | Begin{
24 |
25 | }
26 | Process{
27 | foreach($key in $inputval.Keys){
28 | $keyval = $inputval.$key
29 | if($keyval.Keys){
30 | $timestamp = Get-Date -Format "(MM-dd-yyyy HH:mm:ss)"
31 | $outputstr = "$timestamp : "
32 | $tempcount = 0
33 | while($tempcount -lt $counter){
34 | $outputstr += "`t"
35 | $tempcount += 1
36 | }
37 | $outputstr += "$key = @{"
38 | write-output $outputstr | Add-Content $targetLog
39 |
40 | $counter = Write-Iterate -inputval $keyval -counter ($counter + 1) -targetLog $targetLog
41 |
42 | $counter -= 1
43 | $timestamp = Get-Date -Format "(MM-dd-yyyy HH:mm:ss)"
44 | $outputstr = "$timestamp : "
45 | $tempcount = 0
46 | while($tempcount -lt $counter){
47 | $outputstr += "`t"
48 | $tempcount += 1
49 | }
50 | $outputstr += "}"
51 | write-output $outputstr | Add-Content $targetLog
52 | }
53 | else{
54 | $timestamp = Get-Date -Format "(MM-dd-yyyy HH:mm:ss)"
55 | $outputstr = "$timestamp : "
56 | $tempcount = 0
57 | while($tempcount -lt $counter){
58 | $outputstr += "`t"
59 | $tempcount += 1
60 | }
61 | $outputstr += "$key = $keyval"
62 | write-output $outputstr | Add-Content $targetLog
63 | }
64 | }
65 | return $counter
66 | }
67 | End{
68 |
69 | }
70 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Write-VPASExampleHelper.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | OUTPUT COMMAND EXAMPLES
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to output a commands examples in a readable format
7 | #>
8 | function Write-VPASExampleHelper{
9 | [OutputType([bool])]
10 | [CmdletBinding()]
11 | Param(
12 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
13 | [String]$CommandName
14 | )
15 |
16 | Begin{
17 |
18 | }
19 | Process{
20 | try{
21 | Write-verbose "CHECKING COMMAND EXAMPLES"
22 | $CommandHelp = Get-help $CommandName -Full
23 |
24 | $AllExamples = $CommandHelp.examples.example
25 | foreach($ExampleRec in $AllExamples){
26 | $str1 = $ExampleRec.code | Out-String
27 | $str2 = $ExampleRec.remarks | Out-String
28 |
29 | if($str1 -match "InputParameters"){
30 | $ministr = "$str1`n$str2"
31 | $curlycount = 0
32 | $outputstr = ""
33 |
34 | $ministrsplit = $ministr.Split("`r`n")
35 | foreach($txt2 in $ministrsplit){
36 | if($txt2.length -ne 0){
37 | if($txt2 -match "}"){
38 | $curlycount -= 1
39 | }
40 | if($txt2 -match "\]"){
41 | $curlycount -= 1
42 | }
43 |
44 | $i = 0
45 | while($i -lt ($curlycount)){
46 | $outputstr += "`t"
47 | $i += 1
48 | }
49 | $outputstr += $txt2
50 | $outputstr += "`n"
51 |
52 | if($txt2 -match "{"){
53 | $curlycount += 1
54 | }
55 | if($txt2 -match "\["){
56 | $curlycount += 1
57 | }
58 | }
59 | }
60 | $outputstr = $outputstr.Substring(0,($outputstr.Length-1))
61 | Write-VPASOutput -str "$outputstr`n`n" -type DY
62 | }
63 | }
64 | return $true
65 | }catch{
66 | Write-VPASOutput -str "EXAMPLE HELPER FAILED" -type E
67 | Write-VPASOutput -str "$_" -type E
68 | return $false
69 | }
70 | }
71 | End{
72 |
73 | }
74 | }
75 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Write-VPASLogger.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | Output to log files
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to log outputs for bulk operations
7 | #>
8 | function Write-VPASLogger{
9 | [OutputType([bool])]
10 | [CmdletBinding()]
11 | Param(
12 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
13 | [String]$LogStr,
14 |
15 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=1)]
16 | [ValidateSet('BulkSafeCreation','BulkAccountCreation','BulkSafeMembers')]
17 | [String]$BulkOperation,
18 |
19 | [Parameter(ValueFromPipelineByPropertyName=$true,Position=2)]
20 | [Switch]$NewFile
21 | )
22 |
23 | Begin{
24 |
25 | }
26 | Process{
27 | try{
28 | Write-verbose "RECIEVED LOGSTR: $LogStr"
29 | Write-Verbose "LOGGING TO CORRECT LOG: $BulkOperation"
30 |
31 | $timestamp = Get-Date -Format "(MM-dd-yyyy HH:mm:ss)"
32 | $curUser = $env:UserName
33 | $targetDirectory = "C:\Users\$curUser\AppData\Local\VPASModuleOutputs"
34 | $targetLogsDirectory = "C:\Users\$curUser\AppData\Local\VPASModuleOutputs\Logs"
35 |
36 | #SELECTING LOG
37 | if($BulkOperation -eq "BulkSafeCreation"){
38 | $targetLog = "C:\Users\$curUser\AppData\Local\VPASModuleOutputs\Logs\BulkSafeCreationLog.log"
39 | Write-Verbose "SETTING TARGETLOG: $targetLog"
40 | }
41 | elseif($BulkOperation -eq "BulkAccountCreation"){
42 | $targetLog = "C:\Users\$curUser\AppData\Local\VPASModuleOutputs\Logs\BulkAccountCreationLog.log"
43 | Write-Verbose "SETTING TARGETLOG: $targetLog"
44 | }
45 | elseif($BulkOperation -eq "BulkSafeMembers"){
46 | $targetLog = "C:\Users\$curUser\AppData\Local\VPASModuleOutputs\Logs\BulkSafeMembersLog.log"
47 | Write-Verbose "SETTING TARGETLOG: $targetLog"
48 | }
49 |
50 | #CREATING DIRECTORY
51 | if(Test-Path -Path $targetDirectory){
52 | #DO NOTHING
53 | }
54 | else{
55 | write-verbose "$targetDirectory DOES NOT EXIST, CREATING DIRECTORY"
56 | $MakeDirectory = New-Item -Path $targetDirectory -Type Directory
57 | }
58 |
59 | if(Test-Path -Path $targetLogsDirectory){
60 | #DO NOTHING
61 | }
62 | else{
63 | write-verbose "$targetLogsDirectory DOES NOT EXIST, CREATING DIRECTORY"
64 | $MakeDirectory = New-Item -Path $targetLogsDirectory -Type Directory
65 | }
66 |
67 |
68 | if($NewFile){
69 | write-output "$timestamp : BEGIN LOG" | Set-Content $targetLog
70 | }
71 |
72 | write-output "$timestamp : $LogStr" | Add-Content $targetLog
73 | return $true
74 | }catch{
75 | Write-VPASOutput -str "COULD NOT WRITE TO LOGS" -type E
76 | Write-VPASOutput -str "$_" -type E
77 | return $false
78 | }
79 | }
80 | End{
81 |
82 | }
83 | }
84 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/private/Write-VPASTypewriter.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | OUTPUT TEXT WITH A TYPEWRITER EFFECT
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | Helper function to output text with the typewriter effect
7 | #>
8 | function Write-VPASTypewriter{
9 | [OutputType([bool])]
10 | [CmdletBinding()]
11 | Param(
12 | [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
13 | [String]$str,
14 |
15 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter type of string (C, G, M, E, Y, S, DY)")]
16 | [ValidateSet('C','G','M','E','Y','S','DY')]
17 | [String]$type,
18 |
19 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
20 | [Switch]$NoNewLine,
21 |
22 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
23 | [Switch]$ReadInput
24 | )
25 |
26 | Begin{
27 |
28 | }
29 | Process{
30 | if($type -eq "g"){
31 | $color = "Green"
32 | }
33 | elseif($type -eq "c"){
34 | $color = "Cyan"
35 | }
36 | elseif($type -eq "e"){
37 | $color = "Red"
38 | }
39 | elseif($type -eq "m"){
40 | $color = "Magenta"
41 | }
42 | elseif($type -eq "y"){
43 | $color = "Yellow"
44 | }
45 | elseif($type -eq "s"){
46 | $color = "Gray"
47 | }
48 | elseif($type -eq "dy"){
49 | $color = "DarkYellow"
50 | }
51 |
52 | if($str -eq "@@@"){ $str = "" }
53 | $Speed = 0
54 | foreach ($Char in $str.ToCharArray()) {
55 | Write-Host -NoNewline $Char -ForegroundColor $color
56 | Start-Sleep -Milliseconds $Speed
57 | }
58 | if(!$NoNewLine){
59 | write-host ""
60 | }
61 | }
62 | End{
63 |
64 | }
65 | }
66 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Add-VPASAllowedReferrer.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | ADD ALLOWED REFERRERS
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO ADD ALLOWED REFERRERS TO CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Add-VPASAllowedReferrer
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ReferrerURL
17 | Target URL that will be whitelisted to allow the PVWA to redirect from
18 | .PARAMETER RegularExpression
19 | Define if the ReferrerURL will be treated as a regular expression
20 | .PARAMETER InputParameters
21 | HashTable of values containing the parameters required to make the API call
22 | .EXAMPLE
23 | $AddAllowedReferrerStatus = Add-VPASAllowedReferrer -ReferrerURL {REFERRERURL VALUE} -RegularExpression
24 | .EXAMPLE
25 | $InputParameters = @{
26 | ReferrerURL = "vpasmodule.com"
27 | RegularExpression = $true|$false
28 | }
29 | $AddAllowedReferrerStatus = Add-VPASAllowedReferrer -InputParameters $InputParameters
30 | .OUTPUTS
31 | $true if successful
32 | ---
33 | $false if failed
34 | #>
35 | function Add-VPASAllowedReferrer{
36 | [OutputType([bool])]
37 | [CmdletBinding(DefaultParameterSetName='Set1')]
38 | Param(
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter new Referrer URL (for example: https://CompanySite.com/)")]
41 | [String]$ReferrerURL,
42 |
43 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
44 | [Switch]$RegularExpression,
45 |
46 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
47 | [hashtable]$InputParameters,
48 |
49 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
50 | [hashtable]$token
51 | )
52 |
53 | Begin{
54 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
55 | $CommandName = $MyInvocation.MyCommand.Name
56 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
57 | }
58 | Process{
59 | try{
60 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
61 | $KeyHash = @{
62 | set1 = @{
63 | AcceptableKeys = @("ReferrerURL","RegularExpression")
64 | MandatoryKeys = @("ReferrerURL")
65 | }
66 | }
67 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
68 |
69 | if(!$CheckSet){
70 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
71 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
72 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
73 | $examples = Write-VPASExampleHelper -CommandName $CommandName
74 | return $false
75 | }
76 | else{
77 | foreach($key in $InputParameters.Keys){
78 | Set-Variable -Name $key -Value $InputParameters.$key
79 | }
80 | }
81 | }
82 | }catch{
83 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
84 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
85 | Write-Verbose "FAILED TO ADD ALLOWED REFERRER"
86 | Write-VPASOutput -str $_ -type E
87 | return $false
88 | }
89 |
90 | try{
91 | write-verbose "INITIALIZING API PARAMETERS"
92 | $params = @{
93 | referrerURL = $ReferrerURL
94 | }
95 |
96 | if($RegularExpression){
97 | $params += @{
98 | regularExpression = "True"
99 | }
100 | }
101 | else{
102 | $params += @{
103 | regularExpression = "False"
104 | }
105 | }
106 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS
107 | $params = $params | ConvertTo-Json
108 |
109 | if($NoSSL){
110 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
111 | $uri = "http://$PVWA/passwordvault/api/Configuration/AccessRestriction/AllowedReferrers"
112 | }
113 | else{
114 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
115 | $uri = "https://$PVWA/passwordvault/api/Configuration/AccessRestriction/AllowedReferrers"
116 | }
117 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
118 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
119 |
120 | write-verbose "MAKING API CALL TO CYBERARK"
121 |
122 | if($sessionval){
123 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval
124 | }
125 | else{
126 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json"
127 | }
128 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
129 | Write-Verbose "SUCCESSFULLY ADDED ALLOWED REFERRER: $ReferrerURL"
130 | return $true
131 | }catch{
132 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
133 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
134 | Write-Verbose "UNABLE TO ADD ALLOWED REFERRER"
135 | Write-VPASOutput -str $_ -type E
136 | return $false
137 | }
138 | }
139 | End{
140 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
141 | }
142 | }
143 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Disable-VPASCustomTheme.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | DISABLE CUSTOM THEME
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO DISABLE A CUSTOM THEME IN CYBERARK AND REVERT BACK TO DEFAULT THEME
7 | .LINK
8 | https://vpasmodule.com/commands/Disable-VPASCustomTheme
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: FALSE
12 | SharedServices: FALSE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER InputParameters
17 | HashTable of values containing the parameters required to make the API call
18 | .EXAMPLE
19 | $DisableThemeStatus = Disable-VPASCustomTheme
20 | .EXAMPLE
21 | $InputParameters = @{}
22 | $DisableThemeStatus = Disable-VPASCustomTheme -InputParameters $InputParameters
23 | .OUTPUTS
24 | $true if successful
25 | ---
26 | $false if failed
27 | #>
28 | function Disable-VPASCustomTheme{
29 | [OutputType([bool])]
30 | [CmdletBinding(DefaultParameterSetName='Set1')]
31 | Param(
32 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
33 | [hashtable]$InputParameters,
34 |
35 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
36 | [hashtable]$token
37 | )
38 |
39 | Begin{
40 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
41 | $CommandName = $MyInvocation.MyCommand.Name
42 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
43 | }
44 | Process{
45 | try{
46 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
47 | $KeyHash = @{
48 | set1 = @{
49 | AcceptableKeys = @()
50 | MandatoryKeys = @()
51 | }
52 | }
53 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
54 |
55 | if(!$CheckSet){
56 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
57 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
58 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
59 | $examples = Write-VPASExampleHelper -CommandName $CommandName
60 | return $false
61 | }
62 | else{
63 | foreach($key in $InputParameters.Keys){
64 | Set-Variable -Name $key -Value $InputParameters.$key
65 | }
66 | }
67 | }
68 | }catch{
69 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
70 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
71 | Write-Verbose "FAILED TO RETRIEVE THEME DETAILS"
72 | Write-VPASOutput -str $_ -type E
73 | return $false
74 | }
75 |
76 | try{
77 | Write-Verbose "MAKING API CALL TO CYBERARK"
78 | if($NoSSL){
79 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
80 | $uri = "http://$PVWA/PasswordVault/API/ActiveThemes/"
81 | }
82 | else{
83 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
84 | $uri = "https://$PVWA/PasswordVault/API/ActiveThemes/"
85 | }
86 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
87 | $log = Write-VPASTextRecorder -inputval "DELETE" -token $token -LogType METHOD
88 |
89 | if($sessionval){
90 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json" -WebSession $sessionval
91 | }
92 | else{
93 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json"
94 | }
95 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
96 | Write-Verbose "SUCCESSFULLY DISABLED CUSTOM THEME AND REVERETED BACK TO DEFAULT THEME"
97 | return $true
98 | }catch{
99 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
100 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
101 | Write-Verbose "UNABLE TO DISABLE CUSTOM THEME"
102 | Write-VPASOutput -str $_ -type E
103 | return $false
104 | }
105 | }
106 | End{
107 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
108 | }
109 | }
110 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Disable-VPASPlatform.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | DEACTIVATE PLATFORM
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO DEACTIVATE A PLATFORM (MAKE PLATFORM INACTIVE)
7 | .LINK
8 | https://vpasmodule.com/commands/Disable-VPASPlatform
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER DeactivatePlatformID
17 | Unique PlatformID that will be deactivated
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $DeactivatePlatformStatus = Disable-VPASPlatform -DeactivatePlatformID {DEACTIVATE PLATFORMID VALUE}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | DeactivatePlatformID = "TargetPlatformID"
25 | }
26 | $DeactivatePlatformStatus = Disable-VPASPlatform -InputParameters $InputParameters
27 | .OUTPUTS
28 | $true if successful
29 | ---
30 | $false if failed
31 | #>
32 | function Disable-VPASPlatform{
33 | [OutputType([bool])]
34 | [CmdletBinding(DefaultParameterSetName='Set1')]
35 | Param(
36 |
37 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="PlatformID of target platform to be disabled (for example: WinSeverLocal)")]
38 | [String]$DeactivatePlatformID,
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
41 | [hashtable]$InputParameters,
42 |
43 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
44 | [hashtable]$token
45 | )
46 |
47 | Begin{
48 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
49 | $CommandName = $MyInvocation.MyCommand.Name
50 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
51 | }
52 | Process{
53 | try{
54 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
55 | $KeyHash = @{
56 | set1 = @{
57 | AcceptableKeys = @("DeactivatePlatformID")
58 | MandatoryKeys = @("DeactivatePlatformID")
59 | }
60 | }
61 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
62 |
63 | if(!$CheckSet){
64 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
65 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
66 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
67 | $examples = Write-VPASExampleHelper -CommandName $CommandName
68 | return $false
69 | }
70 | else{
71 | foreach($key in $InputParameters.Keys){
72 | Set-Variable -Name $key -Value $InputParameters.$key
73 | }
74 | }
75 | }
76 | }catch{
77 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
78 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
79 | Write-Verbose "FAILED TO DISABLE PLATFORM"
80 | Write-VPASOutput -str $_ -type E
81 | return $false
82 | }
83 |
84 | try{
85 |
86 | Write-Verbose "INVOKING PLATFORMID HELPER FUNCTION"
87 | $platID = Get-VPASPlatformIDHelper -token $token -platformID $DeactivatePlatformID
88 |
89 | if($platID -eq -1){
90 | $log = Write-VPASTextRecorder -inputval "COULD NOT FIND TARGET PLATFORMID" -token $token -LogType MISC
91 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
92 | Write-Verbose "COULD NOT FIND TARGET PLATFORMID: $DeactivatePlatformID"
93 | Write-VPASOutput -str "COULD NOT FIND TARGET PLATFORMID: $DeactivatePlatformID" -type E
94 | return $false
95 | }
96 | else{
97 | Write-Verbose "FOUND PLATFORMID: $platID"
98 |
99 | Write-Verbose "MAKING API CALL TO CYBERARK"
100 | if($NoSSL){
101 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
102 | $uri = "http://$PVWA/passwordvault/api/platforms/targets/$platID/deactivate/"
103 | }
104 | else{
105 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
106 | $uri = "https://$PVWA/passwordvault/api/platforms/targets/$platID/deactivate/"
107 | }
108 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
109 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
110 |
111 | if($sessionval){
112 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json" -WebSession $sessionval
113 | }
114 | else{
115 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json"
116 | }
117 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
118 | Write-Verbose "SUCCESSFULLY DEACTIVATED $DeactivatePlatformID"
119 | Write-Verbose "RETURNING TRUE"
120 | return $true
121 | }
122 | }catch{
123 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
124 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
125 | Write-Verbose "UNABLE TO DEACTIVATE $DeactivatePlatformID"
126 | Write-VPASOutput -str $_ -type E
127 | return $false
128 | }
129 | }
130 | End{
131 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
132 | }
133 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Enable-VPASCustomTheme.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | ENABLE CUSTOM THEME
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO ENABLE A CUSTOM THEME IN CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Enable-VPASCustomTheme
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: FALSE
12 | SharedServices: FALSE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ThemeName
17 | Unique identifier of the target theme
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $EnableThemeStatus = Enable-VPASCustomTheme -ThemeName {THEME NAME VALUE}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ThemeName = "vpasdark"
25 | }
26 | $EnableThemeStatus = Enable-VPASCustomTheme -InputParameters $InputParameters
27 | .OUTPUTS
28 | $true if successful
29 | ---
30 | $false if failed
31 | #>
32 | function Enable-VPASCustomTheme{
33 | [OutputType([bool])]
34 | [CmdletBinding(DefaultParameterSetName='Set1')]
35 | Param(
36 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter theme name (for example: vpasdark)")]
37 | [String]$ThemeName,
38 |
39 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
40 | [hashtable]$InputParameters,
41 |
42 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
43 | [hashtable]$token
44 | )
45 |
46 | Begin{
47 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
48 | $CommandName = $MyInvocation.MyCommand.Name
49 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
50 | }
51 | Process{
52 | try{
53 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
54 | $KeyHash = @{
55 | set1 = @{
56 | AcceptableKeys = @("ThemeName")
57 | MandatoryKeys = @("ThemeName")
58 | }
59 | }
60 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
61 |
62 | if(!$CheckSet){
63 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
64 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
65 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
66 | $examples = Write-VPASExampleHelper -CommandName $CommandName
67 | return $false
68 | }
69 | else{
70 | foreach($key in $InputParameters.Keys){
71 | Set-Variable -Name $key -Value $InputParameters.$key
72 | }
73 | }
74 | }
75 | }catch{
76 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
78 | Write-Verbose "FAILED TO RETRIEVE THEME DETAILS"
79 | Write-VPASOutput -str $_ -type E
80 | return $false
81 | }
82 |
83 | try{
84 | write-verbose "INITIALIZING API PARAMETERS"
85 | $params = @{
86 | themeName = $ThemeName
87 | }
88 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS
89 | $params = $params | ConvertTo-Json
90 |
91 | Write-Verbose "MAKING API CALL TO CYBERARK"
92 | if($NoSSL){
93 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
94 | $uri = "http://$PVWA/PasswordVault/API/ActiveThemes/"
95 | }
96 | else{
97 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
98 | $uri = "https://$PVWA/PasswordVault/API/ActiveThemes/"
99 | }
100 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
101 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
102 |
103 | if($sessionval){
104 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval
105 | }
106 | else{
107 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json"
108 | }
109 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
110 | Write-Verbose "SUCCESSFULLY ENABLED CUSTOM THEME: $ThemeName"
111 | return $true
112 | }catch{
113 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
114 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
115 | Write-Verbose "UNABLE TO ENABLE CUSTOM THEME"
116 | Write-VPASOutput -str $_ -type E
117 | return $false
118 | }
119 | }
120 | End{
121 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
122 | }
123 | }
124 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Enable-VPASGroupPlatform.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | ACTIVATE GROUP PLATFORM
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO ACTIVATE A GROUP PLATFORM (MAKE GROUP PLATFORM ACTIVE)
7 | .LINK
8 | https://vpasmodule.com/commands/Enable-VPASGroupPlatform
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ActivateGroupPlatformID
17 | Unique GroupPlatformID that will be activated
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $ActivateGroupPlatformStatus = Enable-VPASGroupPlatform -ActivateGroupPlatformID {ACTIVATE GROUP PLATFORMID VALUE}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ActivateGroupPlatformID = "TargetGroupPlatformID"
25 | }
26 | $ActivateGroupPlatformStatus = Enable-VPASGroupPlatform -InputParameters $InputParameters
27 | .OUTPUTS
28 | $true if successful
29 | ---
30 | $false if failed
31 | #>
32 | function Enable-VPASGroupPlatform{
33 | [OutputType([bool])]
34 | [CmdletBinding(DefaultParameterSetName='Set1')]
35 | Param(
36 |
37 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="PlatformID of target platform to be enabled (for example: GroupPlat)")]
38 | [String]$ActivateGroupPlatformID,
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
41 | [hashtable]$InputParameters,
42 |
43 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
44 | [hashtable]$token
45 | )
46 |
47 | Begin{
48 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
49 | $CommandName = $MyInvocation.MyCommand.Name
50 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
51 | }
52 | process{
53 | try{
54 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
55 | $KeyHash = @{
56 | set1 = @{
57 | AcceptableKeys = @("ActivateGroupPlatformID")
58 | MandatoryKeys = @("ActivateGroupPlatformID")
59 | }
60 | }
61 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
62 |
63 | if(!$CheckSet){
64 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
65 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
66 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
67 | $examples = Write-VPASExampleHelper -CommandName $CommandName
68 | return $false
69 | }
70 | else{
71 | foreach($key in $InputParameters.Keys){
72 | Set-Variable -Name $key -Value $InputParameters.$key
73 | }
74 | }
75 | }
76 | }catch{
77 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
78 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
79 | Write-Verbose "FAILED TO ENABLE GROUP PLATFORM"
80 | Write-VPASOutput -str $_ -type E
81 | return $false
82 | }
83 |
84 | try{
85 |
86 | Write-Verbose "INVOKING GROUP PLATFORMID HELPER FUNCTION"
87 | $platID = Get-VPASGroupPlatformIDHelper -token $token -groupplatformID $ActivateGroupPlatformID
88 |
89 | if($platID -eq -1){
90 | $log = Write-VPASTextRecorder -inputval "COULD NOT FIND TARGET GROUP PLATFORMID" -token $token -LogType MISC
91 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
92 | Write-Verbose "COULD NOT FIND TARGET GROUP PLATFORMID: $ActivateGroupPlatformID"
93 | Write-VPASOutput -str "COULD NOT FIND TARGET GROUP PLATFORMID: $ActivateGroupPlatformID" -type E
94 | return $false
95 | }
96 | else{
97 | Write-Verbose "FOUND PLATFORMID: $platID"
98 |
99 | Write-Verbose "MAKING API CALL TO CYBERARK"
100 | if($NoSSL){
101 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
102 | $uri = "http://$PVWA/passwordvault/api/platforms/groups/$platID/activate/"
103 | }
104 | else{
105 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
106 | $uri = "https://$PVWA/passwordvault/api/platforms/groups/$platID/activate/"
107 | }
108 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
109 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
110 |
111 | if($sessionval){
112 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json" -WebSession $sessionval
113 | }
114 | else{
115 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json"
116 | }
117 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
118 | Write-Verbose "SUCCESSFULLY ACTIVATED $ActivateGroupPlatformID"
119 | Write-Verbose "RETURNING TRUE"
120 | return $true
121 | }
122 | }catch{
123 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
124 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
125 | Write-Verbose "UNABLE TO ACTIVATE $ActivateGroupPlatformID"
126 | Write-VPASOutput -str $_ -type E
127 | return $false
128 | }
129 | }
130 | End{
131 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
132 | }
133 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Enable-VPASPlatform.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | ACTIVATE PLATFORM
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO ACTIVATE A PLATFORM (MAKE PLATFORM ACTIVE)
7 | .LINK
8 | https://vpasmodule.com/commands/Enable-VPASPlatform
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ActivatePlatformID
17 | Unique PlatformID that will be activated
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $ActivatePlatformStatus = Enable-VPASPlatform -ActivatePlatformID {ACTIVATE PLATFORMID VALUE}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ActivatePlatformID = "TargetPlatformID"
25 | }
26 | $ActivatePlatformStatus = Enable-VPASPlatform -InputParameters $InputParameters
27 | .OUTPUTS
28 | $true if successful
29 | ---
30 | $false if failed
31 | #>
32 | function Enable-VPASPlatform{
33 | [OutputType([bool])]
34 | [CmdletBinding(DefaultParameterSetName='Set1')]
35 | Param(
36 |
37 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="PlatformID of target platform to be enabled (for example: WinSeverLocal)")]
38 | [String]$ActivatePlatformID,
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
41 | [hashtable]$InputParameters,
42 |
43 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
44 | [hashtable]$token
45 | )
46 |
47 | Begin{
48 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
49 | $CommandName = $MyInvocation.MyCommand.Name
50 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
51 | }
52 | Process{
53 | try{
54 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
55 | $KeyHash = @{
56 | set1 = @{
57 | AcceptableKeys = @("ActivatePlatformID")
58 | MandatoryKeys = @("ActivatePlatformID")
59 | }
60 | }
61 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
62 |
63 | if(!$CheckSet){
64 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
65 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
66 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
67 | $examples = Write-VPASExampleHelper -CommandName $CommandName
68 | return $false
69 | }
70 | else{
71 | foreach($key in $InputParameters.Keys){
72 | Set-Variable -Name $key -Value $InputParameters.$key
73 | }
74 | }
75 | }
76 | }catch{
77 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
78 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
79 | Write-Verbose "FAILED TO ENABLE PLATFORM"
80 | Write-VPASOutput -str $_ -type E
81 | return $false
82 | }
83 |
84 | try{
85 |
86 | Write-Verbose "INVOKING PLATFORMID HELPER FUNCTION"
87 | $platID = Get-VPASPlatformIDHelper -token $token -platformID $ActivatePlatformID
88 |
89 | if($platID -eq -1){
90 | $log = Write-VPASTextRecorder -inputval "COULD NOT FIND TARGET PLATFORMID" -token $token -LogType MISC
91 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
92 | Write-Verbose "COULD NOT FIND TARGET PLATFORMID: $ActivatePlatformID"
93 | Write-VPASOutput -str "COULD NOT FIND TARGET PLATFORMID: $ActivatePlatformID" -type E
94 | return $false
95 | }
96 | else{
97 | Write-Verbose "FOUND PLATFORMID: $platID"
98 |
99 | Write-Verbose "MAKING API CALL TO CYBERARK"
100 | if($NoSSL){
101 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
102 | $uri = "http://$PVWA/passwordvault/api/platforms/targets/$platID/activate/"
103 | }
104 | else{
105 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
106 | $uri = "https://$PVWA/passwordvault/api/platforms/targets/$platID/activate/"
107 | }
108 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
109 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
110 |
111 | if($sessionval){
112 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json" -WebSession $sessionval
113 | }
114 | else{
115 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json"
116 | }
117 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
118 | Write-Verbose "SUCCESSFULLY ACTIVATED $ActivatePlatformID"
119 | Write-Verbose "RETURNING TRUE"
120 | return $true
121 | }
122 | }catch{
123 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
124 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
125 | Write-Verbose "UNABLE TO ACTIVATE $ActivatePlatformID"
126 | Write-VPASOutput -str $_ -type E
127 | return $false
128 | }
129 | }
130 | End{
131 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
132 | }
133 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Get-VPASAllDirectories.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET ALL DIRECTORIES DETAILS
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO GET ALL DIRECTORIES INTEGRATED WITH CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Get-VPASAllDirectories
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: FALSE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER InputParameters
17 | HashTable of values containing the parameters required to make the API call
18 | .PARAMETER ExportToCSV
19 | Output results to a CSV file found in AppData\Local\VPASModuleOutputs directory
20 | .PARAMETER CSVDirectory
21 | Output directory where the exported CSV file will be saved to
22 | Default value: C:\Users\{CurrentUser}\AppData\Local\VPASModuleOutputs\ExportedCSVs
23 | .EXAMPLE
24 | $AllDirectoriesJSON = Get-VPASAllDirectories
25 | .EXAMPLE
26 | $InputParameters = @{
27 | ExportToCSV = $true|$false
28 | CSVDirectory = "C:\Temp"
29 | }
30 | $AllDirectoriesJSON = Get-VPASAllDirectories -InputParameters $InputParameters
31 | .OUTPUTS
32 | If successful:
33 | {
34 | "DomainName": "vman.com",
35 | "DomainBaseContext": "DC=vman,DC=com"
36 | }
37 | ---
38 | $false if failed
39 | #>
40 | function Get-VPASAllDirectories{
41 | [OutputType('System.Object',[bool])]
42 | [CmdletBinding(DefaultParameterSetName='Set1')]
43 | Param(
44 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
45 | [Switch]$ExportToCSV,
46 |
47 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
48 | [String]$CSVDirectory,
49 |
50 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
51 | [hashtable]$InputParameters,
52 |
53 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
54 | [hashtable]$token
55 | )
56 |
57 | Begin{
58 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
59 | $CommandName = $MyInvocation.MyCommand.Name
60 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
61 | }
62 | Process{
63 | try{
64 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
65 | $KeyHash = @{
66 | set1 = @{
67 | AcceptableKeys = @("ExportToCSV","CSVDirectory")
68 | MandatoryKeys = @()
69 | }
70 | }
71 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
72 |
73 | if(!$CheckSet){
74 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
75 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
76 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
77 | $examples = Write-VPASExampleHelper -CommandName $CommandName
78 | return $false
79 | }
80 | else{
81 | foreach($key in $InputParameters.Keys){
82 | Set-Variable -Name $key -Value $InputParameters.$key
83 | }
84 | }
85 | }
86 | }catch{
87 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
88 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
89 | Write-Verbose "FAILED TO RETRIEVE DIRECTORIES"
90 | Write-VPASOutput -str $_ -type E
91 | return $false
92 | }
93 |
94 | try{
95 |
96 | if($NoSSL){
97 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
98 | $uri = "http://$PVWA/PasswordVault/API/Configuration/LDAP/Directories/"
99 | }
100 | else{
101 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
102 | $uri = "https://$PVWA/PasswordVault/API/Configuration/LDAP/Directories/"
103 | }
104 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
105 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
106 |
107 | Write-Verbose "MAKING API CALL TO CYBERARK"
108 |
109 | if($sessionval){
110 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
111 | }
112 | else{
113 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
114 | }
115 | $outputlog = $response | ConvertTo-Json | ConvertFrom-Json
116 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN
117 | Write-Verbose "SUCCESSFULLY RETRIEVED DETAILS FOR ALL DIRECTORIES"
118 | Write-Verbose "RETURNING JSON OBJECT"
119 | if($ExportToCSV){
120 | $runexport = Write-VPASExportCSV -Data $response -CommandName $CommandName -CSVDirectory $CSVDirectory
121 | }
122 | return $response
123 | }catch{
124 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
125 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
126 | Write-Verbose "UNABLE TO RETRIEVE ALL DIRECTORIES"
127 | Write-VPASOutput -str $_ -type E
128 | return $false
129 | }
130 | }
131 | End{
132 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
133 | }
134 | }
135 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Get-VPASIdentityCurrentUserDetails.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET CURRENT LOGGED IN USER DETAILS IN IDENTITY
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO RETRIEVE DETAILS OF THE CURRENT LOGGED IN USER IN IDENTITY
7 | .LINK
8 | https://vpasmodule.com/commands/Get-VPASIdentityCurrentUserDetails
9 | .NOTES
10 | SelfHosted: FALSE
11 | PrivCloudStandard: FALSE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER InputParameters
17 | HashTable of values containing the parameters required to make the API call
18 | .PARAMETER ExportToCSV
19 | Output results to a CSV file found in AppData\Local\VPASModuleOutputs directory
20 | .PARAMETER CSVDirectory
21 | Output directory where the exported CSV file will be saved to
22 | Default value: C:\Users\{CurrentUser}\AppData\Local\VPASModuleOutputs\ExportedCSVs
23 | .EXAMPLE
24 | $CurrentUserDetails = Get-VPASIdentityCurrentUserDetails
25 | .EXAMPLE
26 | $InputParameters = @{
27 | ExportToCSV = $true|$false
28 | CSVDirectory = "C:\Temp"
29 | }
30 | $CurrentUserDetails = Get-VPASIdentityCurrentUserDetails -InputParameters $InputParameters
31 | .OUTPUTS
32 | If successful:
33 | {
34 | "User": "vadim@vman.com",
35 | "UserUuid": "jlakjd789-1234-5678-abcd-4782jskfhkjsw7",
36 | "TenantId": "AA12345"
37 | }
38 | ---
39 | $false if failed
40 | #>
41 | function Get-VPASIdentityCurrentUserDetails{
42 | [OutputType('System.Object',[bool])]
43 | [CmdletBinding(DefaultParameterSetName='Set1')]
44 | Param(
45 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
46 | [Switch]$ExportToCSV,
47 |
48 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
49 | [String]$CSVDirectory,
50 |
51 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
52 | [hashtable]$InputParameters,
53 |
54 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
55 | [hashtable]$token
56 | )
57 |
58 | Begin{
59 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
60 | $CommandName = $MyInvocation.MyCommand.Name
61 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
62 | }
63 | Process{
64 | try{
65 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
66 | $KeyHash = @{
67 | set1 = @{
68 | AcceptableKeys = @("ExportToCSV","CSVDirectory")
69 | MandatoryKeys = @()
70 | }
71 | }
72 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
73 |
74 | if(!$CheckSet){
75 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
76 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
77 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
78 | $examples = Write-VPASExampleHelper -CommandName $CommandName
79 | return $false
80 | }
81 | else{
82 | foreach($key in $InputParameters.Keys){
83 | Set-Variable -Name $key -Value $InputParameters.$key
84 | }
85 | }
86 | }
87 | }catch{
88 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
89 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
90 | Write-Verbose "FAILED RETRIEVE USER DETAILS"
91 | Write-VPASOutput -str $_ -type E
92 | return $false
93 | }
94 |
95 | try{
96 |
97 | if(!$IdentityURL){
98 | $log = Write-VPASTextRecorder -inputval "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY" -token $token -LogType MISC
99 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
100 | Write-VPASOutput -str "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -type E
101 | return $false
102 | }
103 |
104 | if($NoSSL){
105 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
106 | $uri = "http://$IdentityURL/Security/WhoAmI"
107 | }
108 | else{
109 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
110 | $uri = "https://$IdentityURL/Security/WhoAmI"
111 | }
112 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
113 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
114 |
115 | if($sessionval){
116 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json" -WebSession $sessionval
117 | }
118 | else{
119 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -ContentType "application/json"
120 | }
121 | if($ExportToCSV){
122 | $runexport = Write-VPASExportCSV -Data $response.Result -CommandName $CommandName -CSVDirectory $CSVDirectory
123 | }
124 | Write-Verbose "PARSING DATA FROM CYBERARK"
125 | $outputlog = $response.Result
126 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN
127 | return $response.Result
128 | }catch{
129 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
130 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
131 | Write-Verbose "FAILED TO GET CURRENT USER DETAILS"
132 | Write-VPASOutput -str $_ -type E
133 | return $false
134 | }
135 | }
136 | End{
137 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
138 | }
139 | }
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Get-VPASVaultVersion.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GET VAULT VERSION
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO GET CURRENT VERSION OF THE VAULT
7 | .LINK
8 | https://vpasmodule.com/commands/Get-VPASVaultVersion
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER InputParameters
17 | HashTable of values containing the parameters required to make the API call
18 | .PARAMETER ExportToCSV
19 | Output results to a CSV file found in AppData\Local\VPASModuleOutputs directory
20 | .PARAMETER CSVDirectory
21 | Output directory where the exported CSV file will be saved to
22 | Default value: C:\Users\{CurrentUser}\AppData\Local\VPASModuleOutputs\ExportedCSVs
23 | .EXAMPLE
24 | $VaultVersionJSON = Get-VPASVaultVersion
25 | .EXAMPLE
26 | $InputParameters = @{
27 | ExportToCSV = $true|$false
28 | CSVDirectory = "C:\Temp"
29 | }
30 | $VaultVersionJSON = Get-VPASVaultVersion -InputParameters $InputParameters
31 | .OUTPUTS
32 | If successful:
33 | {
34 | "ExternalVersion": "14.2.0",
35 | "InternalVersion": "14.2.0.1",
36 | "ServerName": "Vault"
37 | }
38 | ---
39 | $false if failed
40 | #>
41 | function Get-VPASVaultVersion{
42 | [OutputType('System.Object',[bool])]
43 | [CmdletBinding(DefaultParameterSetName='Set1')]
44 | Param(
45 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
46 | [Switch]$ExportToCSV,
47 |
48 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
49 | [String]$CSVDirectory,
50 |
51 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
52 | [hashtable]$InputParameters,
53 |
54 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
55 | [hashtable]$token
56 | )
57 |
58 | Begin{
59 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
60 | $CommandName = $MyInvocation.MyCommand.Name
61 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
62 | }
63 | Process{
64 | try{
65 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
66 | $KeyHash = @{
67 | set1 = @{
68 | AcceptableKeys = @("ExportToCSV","CSVDirectory")
69 | MandatoryKeys = @()
70 | }
71 | }
72 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
73 |
74 | if(!$CheckSet){
75 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
76 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
77 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
78 | $examples = Write-VPASExampleHelper -CommandName $CommandName
79 | return $false
80 | }
81 | else{
82 | foreach($key in $InputParameters.Keys){
83 | Set-Variable -Name $key -Value $InputParameters.$key
84 | }
85 | }
86 | }
87 | }catch{
88 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
89 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
90 | Write-Verbose "FAILED TO GET VAULT VERSION"
91 | Write-VPASOutput -str $_ -type E
92 | return $false
93 | }
94 |
95 | try{
96 |
97 | if($NoSSL){
98 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
99 | $uri = "http://$PVWA/PasswordVault/WebServices/PIMServices.svc/Server"
100 | }
101 | else{
102 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
103 | $uri = "https://$PVWA/PasswordVault/WebServices/PIMServices.svc/Server"
104 | }
105 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
106 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
107 | write-verbose "MAKING API CALL TO CYBERARK"
108 |
109 | if($sessionval){
110 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
111 | }
112 | else{
113 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
114 | }
115 | if($ExportToCSV){
116 | $runexport = Write-VPASExportCSV -Data $response -CommandName $CommandName -CSVDirectory $CSVDirectory
117 | }
118 | $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURN
119 | Write-Verbose "RETURNING JSON OBJECT"
120 | return $response
121 | }catch{
122 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
123 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
124 | Write-Verbose "UNABLE TO GET VAULT VERSION"
125 | Write-VPASOutput -str $_ -type E
126 | return $false
127 | }
128 | }
129 | End{
130 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
131 | }
132 | }
133 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Import-VPASConnectionComponent.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | IMPORT CONNECTION COMPONENT TO CYBERARK
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO IMPORT A CONNECTION COMPONENT TO CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Import-VPASConnectionComponent
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ZipPath
17 | The location of the zip file containing connection component details files
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $ImportConnectionComponentJSON = Import-VPASConnectionComponent -ZipPath {C:\ExampleDir\ExampleConnectionComponent.zip}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ZipPath = "C:\Temp\ImportPlatform.zip"
25 | }
26 | $ImportConnectionComponentJSON = Import-VPASConnectionComponent -InputParameters $InputParameters
27 | .OUTPUTS
28 | If successful:
29 | {
30 | "ConnectionComponentID": "PSM-VPASConnector"
31 | }
32 | ---
33 | $false if failed
34 | #>
35 | function Import-VPASConnectionComponent{
36 | [OutputType('System.Object',[bool])]
37 | [CmdletBinding(DefaultParameterSetName='Set1')]
38 | Param(
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter zip file containing connection component details files (for example: C:\Temp\ImportCC.zip)")]
41 | [String]$ZipPath,
42 |
43 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
44 | [hashtable]$InputParameters,
45 |
46 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
47 | [hashtable]$token
48 | )
49 |
50 | Begin{
51 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
52 | $CommandName = $MyInvocation.MyCommand.Name
53 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
54 | }
55 | Process{
56 | try{
57 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
58 | $KeyHash = @{
59 | set1 = @{
60 | AcceptableKeys = @("ZipPath")
61 | MandatoryKeys = @("ZipPath")
62 | }
63 | }
64 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
65 |
66 | if(!$CheckSet){
67 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
68 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
69 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
70 | $examples = Write-VPASExampleHelper -CommandName $CommandName
71 | return $false
72 | }
73 | else{
74 | foreach($key in $InputParameters.Keys){
75 | Set-Variable -Name $key -Value $InputParameters.$key
76 | }
77 | }
78 | }
79 | }catch{
80 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
81 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
82 | Write-Verbose "FAILED TO IMPORT CONNECTION COMPONENT"
83 | Write-VPASOutput -str $_ -type E
84 | return $false
85 | }
86 |
87 | try{
88 |
89 | $ZipPathArray = [System.IO.File]::ReadAllBytes($ZipPath)
90 | Write-Verbose "CONVERTED ZIP FILE TO BYTE ARRAY"
91 |
92 | Write-Verbose "INITIALIZING BODY PARAMETERS"
93 | $params = @{
94 | ImportFile = $ZipPathArray
95 | }
96 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS
97 | $params = $params | ConvertTo-Json
98 |
99 | if($NoSSL){
100 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
101 | $uri = "http://$PVWA/PasswordVault/API/ConnectionComponents/Import/"
102 | }
103 | else{
104 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
105 | $uri = "https://$PVWA/PasswordVault/API/ConnectionComponents/Import/"
106 | }
107 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
108 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
109 | Write-Verbose "MAKING API CALL TO CYBERARK"
110 |
111 | if($sessionval){
112 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Body $params -Method POST -ContentType "application/json" -WebSession $sessionval
113 | }
114 | else{
115 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Body $params -Method POST -ContentType "application/json"
116 | }
117 | $outputlog = $response
118 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN
119 | Write-Verbose "SUCCESSFULLY IMPORTED $ZipPath"
120 | Write-Verbose "RETURNING NEW CONNECTION COMPONENT "
121 | return $response
122 |
123 | }catch{
124 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
125 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
126 | Write-Verbose "UNABLE TO IMPORT $ZipPath"
127 | Write-VPASOutput -str $_ -type E
128 | return $false
129 | }
130 | }
131 | End{
132 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
133 | }
134 | }
135 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Import-VPASPlatform.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | IMPORT PLATFORM TO CYBERARK
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO IMPORT A PLATFORM FROM CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Import-VPASPlatform
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ZipPath
17 | The location of the zip file containing platform details files
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $ImportPlatformJSON = Import-VPASPlatform -ZipPath {C:\ExampleDir\ExamplePlatform.zip}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ZipPath = "C:\Temp\ImportPlatform.zip"
25 | }
26 | $ImportPlatformJSON = Import-VPASPlatform -InputParameters $InputParameters
27 | .OUTPUTS
28 | If successful:
29 | {
30 | "PlatformID": "ExamplePlatform"
31 | }
32 | ---
33 | $false if failed
34 | #>
35 | function Import-VPASPlatform{
36 | [OutputType('System.Object',[bool])]
37 | [CmdletBinding(DefaultParameterSetName='Set1')]
38 | Param(
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter zip file containing platform details files (for example: C:\Temp\ImportPlatform.zip)")]
41 | [String]$ZipPath,
42 |
43 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
44 | [hashtable]$InputParameters,
45 |
46 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
47 | [hashtable]$token
48 | )
49 |
50 | Begin{
51 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
52 | $CommandName = $MyInvocation.MyCommand.Name
53 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
54 | }
55 | Process{
56 | try{
57 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
58 | $KeyHash = @{
59 | set1 = @{
60 | AcceptableKeys = @("ZipPath")
61 | MandatoryKeys = @("ZipPath")
62 | }
63 | }
64 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
65 |
66 | if(!$CheckSet){
67 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
68 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
69 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
70 | $examples = Write-VPASExampleHelper -CommandName $CommandName
71 | return $false
72 | }
73 | else{
74 | foreach($key in $InputParameters.Keys){
75 | Set-Variable -Name $key -Value $InputParameters.$key
76 | }
77 | }
78 | }
79 | }catch{
80 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
81 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
82 | Write-Verbose "FAILED TO IMPORT PLATFORM"
83 | Write-VPASOutput -str $_ -type E
84 | return $false
85 | }
86 |
87 | try{
88 |
89 | $ZipPathArray = [System.IO.File]::ReadAllBytes($ZipPath)
90 | Write-Verbose "CONVERTED ZIP FILE TO BYTE ARRAY"
91 |
92 | Write-Verbose "INITIALIZING BODY PARAMETERS"
93 | $params = @{
94 | ImportFile = $ZipPathArray
95 | }
96 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS
97 | $params = $params | ConvertTo-Json
98 |
99 | if($NoSSL){
100 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
101 | $uri = "http://$PVWA/PasswordVault/API/Platforms/Import/"
102 | }
103 | else{
104 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
105 | $uri = "https://$PVWA/PasswordVault/API/Platforms/Import/"
106 | }
107 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
108 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
109 | Write-Verbose "MAKING API CALL TO CYBERARK"
110 |
111 | if($sessionval){
112 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Body $params -Method POST -ContentType "application/json" -WebSession $sessionval
113 | }
114 | else{
115 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Body $params -Method POST -ContentType "application/json"
116 | }
117 | $outputlog = $response
118 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN
119 | Write-Verbose "SUCCESSFULLY IMPORTED $ZipPath"
120 | Write-Verbose "RETURNING NEW PLATFORMID"
121 | return $response
122 |
123 | }catch{
124 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
125 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
126 | Write-Verbose "UNABLE TO IMPORT $ZipPath"
127 | Write-VPASOutput -str $_ -type E
128 | return $false
129 | }
130 | }
131 | End{
132 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
133 | }
134 | }
135 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Invoke-VPASCredentialProvider.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | CREDENTIAL PROVIDER API CALL
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO RETRIEVE ACCOUNT INFORMATION VIA CREDENTIAL PROVIDER
7 | .LINK
8 | https://vpasmodule.com/commands/Invoke-VPASCredentialProvider
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER ApplicationID
14 | The application ID that has access to the safe that will retrieve the account information
15 | .PARAMETER Safe
16 | Safe that the target account is located in
17 | .PARAMETER ObjectName
18 | Unique identifier of the target account
19 | .PARAMETER Folder
20 | A directory within a safe that the target account is located in
21 | Default value: root
22 | .PARAMETER Reason
23 | Purpose for pulling the account, for auditing and master policy restriction
24 | .PARAMETER SDKLocation
25 | Location or filepath to the CLIPasswordSDK that will be utilized to make the call
26 | Default value: 'C:\Program Files (x86)\CyberArk\ApplicationPasswordSdk\CLIPasswordSDK.exe'
27 | .EXAMPLE
28 | $CPResults = Invoke-VPASCredentialProvider -ApplicationID {APPLICATION ID VALUE} -Safe {SAFE VALUE} -ObjectName {OBJECT NAME VALUE} -Folder {FOLDER VALUE} -SDKLocation {SDKLOCATION VALUE}
29 | .OUTPUTS
30 | If successful:
31 | {
32 | "Content": "SuperSecretPassword",
33 | "ObjectName": "Operating System-WinDomain-vman.com-testdomainuser02",
34 | "PolicyID": "WinDomain",
35 | "Username": "testdomainuser02",
36 | "Address": "vman.com",
37 | "Safe": "NewSafeVpas"
38 | }
39 | ---
40 | $false if failed
41 | #>
42 | function Invoke-VPASCredentialProvider{
43 | [OutputType('System.Collections.Hashtable',[bool])]
44 | [CmdletBinding(DefaultParameterSetName='Set1')]
45 | Param(
46 |
47 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="ApplicationID that has access to the safe that will retrieve the account information")]
48 | [String]$ApplicationID,
49 |
50 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Safe that the target account is located in")]
51 | [String]$Safe,
52 |
53 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique identifier of the target account")]
54 | [String]$ObjectName,
55 |
56 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="A directory within a safe that the target account is located in (Default value: root)")]
57 | [String]$Folder,
58 |
59 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Location or filepath to the CLIPasswordSDK that will be utilized to make the call (Default value: 'C:\Program Files (x86)\CyberArk\ApplicationPasswordSdk\CLIPasswordSDK.exe')")]
60 | [String]$SDKLocation,
61 |
62 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Purpose for pulling the account, for auditing and master policy restriction")]
63 | [String]$Reason
64 | )
65 |
66 | Begin{
67 |
68 | }
69 | Process{
70 | try{
71 | if([String]::IsNullOrEmpty($Folder)){
72 | Write-Verbose "NO FOLDER PASSED, USING DEFAULT VALUE: root"
73 | $Folder = "root"
74 | }
75 | if([String]::IsNullOrEmpty($SDKLocation)){
76 | Write-Verbose "NO SDKLocation PASSED, USING DEFAULT VALUE: 'C:\Program Files (x86)\CyberArk\ApplicationPasswordSdk\CLIPasswordSDK.exe'"
77 | $SDKLocation = "C:\Program Files (x86)\CyberArk\ApplicationPasswordSdk\CLIPasswordSDK.exe"
78 | }
79 |
80 | Write-Verbose "BUILDING SDK COMMAND"
81 | Write-Verbose "$SDKLocation GetPassword /p AppDescs.AppID=$ApplicationID /p Reason=`"$Reason`" /p Query=`"Safe=$Safe;Folder=$Folder;Object=$ObjectName`" /o Password,passprops.UserName,passprops.Address,passprops.Safe,passprops.Object,passprops.PolicyID"
82 | $AllDetails = & $SDKLocation GetPassword /p AppDescs.AppID=$ApplicationID /p Reason="$Reason" /p Query="Safe=$Safe;Folder=$Folder;Object=$ObjectName" /o Password,passprops.UserName,passprops.Address,passprops.Safe,passprops.Object,passprops.PolicyID
83 | Write-Verbose "PARSING DATA"
84 |
85 | $AllDetailsSplit = $AllDetails -split ","
86 | $outputobj = @{
87 | Content = $AllDetailsSplit[0]
88 | Username = $AllDetailsSplit[1]
89 | Address = $AllDetailsSplit[2]
90 | Safe = $AllDetailsSplit[3]
91 | ObjectName = $AllDetailsSplit[4]
92 | PolicyID = $AllDetailsSplit[5]
93 | }
94 | Write-Verbose "RETURNING DATA"
95 | return $outputobj
96 | }catch{
97 | Write-Verbose "UNABLE TO RETRIEVE ACCOUNT DETAILS"
98 | Write-Host $_ -ForegroundColor Red
99 | return $false
100 | }
101 | }
102 | End{
103 |
104 | }
105 | }
106 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Invoke-VPASUserLicenseReport.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | GENERATE USER LICENSE REPORT
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO GENERATE A USER LICENSE REPORT
7 | .LINK
8 | https://vpasmodule.com/commands/Invoke-VPASUserLicenseReport
9 | .NOTES
10 | SelfHosted: FALSE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER InputParameters
17 | HashTable of values containing the parameters required to make the API call
18 | .EXAMPLE
19 | $UserLicenseReport = Invoke-VPASUserLicenseReport
20 | .EXAMPLE
21 | $InputParameters = @{}
22 | $UserLicenseReport = Invoke-VPASUserLicenseReport -InputParameters $InputParameters
23 | .OUTPUTS
24 | If successful:
25 | {
26 | "componentName": "Privilege Cloud",
27 | "optionalSummary": {
28 | "name": "License consumption",
29 | "used": "8",
30 | "total": "25"
31 | },
32 | "licensesData": [
33 | {
34 | "licencesElements": " ",
35 | "licenseSubCategory": "User Types"
36 | }
37 | ]
38 | }
39 | ---
40 | $false if failed
41 | #>
42 | function Invoke-VPASUserLicenseReport{
43 | [OutputType('System.Object',[bool])]
44 | [CmdletBinding(DefaultParameterSetName='Set1')]
45 | Param(
46 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
47 | [hashtable]$InputParameters,
48 |
49 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=0)]
50 | [hashtable]$token
51 | )
52 |
53 | Begin{
54 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
55 | $CommandName = $MyInvocation.MyCommand.Name
56 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
57 | }
58 | Process{
59 | try{
60 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
61 | $KeyHash = @{
62 | set1 = @{
63 | AcceptableKeys = @()
64 | MandatoryKeys = @()
65 | }
66 | }
67 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
68 |
69 | if(!$CheckSet){
70 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
71 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
72 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
73 | $examples = Write-VPASExampleHelper -CommandName $CommandName
74 | return $false
75 | }
76 | else{
77 | foreach($key in $InputParameters.Keys){
78 | Set-Variable -Name $key -Value $InputParameters.$key
79 | }
80 | }
81 | }
82 | }catch{
83 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
84 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
85 | Write-Verbose "FAILED TO GENERATE REPORT"
86 | Write-VPASOutput -str $_ -type E
87 | return $false
88 | }
89 |
90 | try{
91 | if(!$ISPSS -and ($PVWA -notmatch ".privilegecloud.cyberark.")){
92 | Write-VPASOutput -str "SelfHosted solution does not support this API Call, returning false" -type E
93 | $log = Write-VPASTextRecorder -inputval "SelfHosted solution does not support this API Call, returning false" -token $token -LogType MISC
94 | $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN
95 | return $false
96 | }
97 | else{
98 | if($NoSSL){
99 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
100 | $uri = "http://$PVWA/PasswordVault/api/licenses/pcloud/"
101 | }
102 | else{
103 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
104 | $uri = "https://$PVWA/PasswordVault/api/licenses/pcloud/"
105 | }
106 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
107 | $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
108 | write-verbose "MAKING API CALL TO CYBERARK"
109 |
110 | if($sessionval){
111 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval
112 | }
113 | else{
114 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json"
115 | }
116 | $outputlog = $response
117 | $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURNARRAY
118 | Write-Verbose "RETURNING JSON OBJECT"
119 | return $response
120 | }
121 | }catch{
122 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
123 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
124 | Write-Verbose "UNABLE TO GENERATE USER LICENSE REPORT"
125 | Write-VPASOutput -str $_ -type E
126 | return $false
127 | }
128 | }
129 | End{
130 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
131 | }
132 | }
133 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Remove-VPASCustomTheme.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | DELETE A CUSTOM THEME
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO DELETE A CUSTOM THEME IN CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Remove-VPASCustomTheme
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: FALSE
12 | SharedServices: FALSE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ThemeName
17 | Unique identifier of the target theme
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $DeleteThemeStatus = Remove-VPASCustomTheme -ThemeName {THEME NAME VALUE}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ThemeName = "Default Light Copy"
25 | }
26 | $DeleteThemeStatus = Remove-VPASCustomTheme -InputParameters $InputParameters
27 | .OUTPUTS
28 | $true if successful
29 | ---
30 | $false if failed
31 | #>
32 | function Remove-VPASCustomTheme{
33 | [OutputType([bool])]
34 | [CmdletBinding(DefaultParameterSetName='Set1')]
35 | Param(
36 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter theme name (for example: vpasdark)")]
37 | [String]$ThemeName,
38 |
39 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
40 | [hashtable]$InputParameters,
41 |
42 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
43 | [hashtable]$token
44 | )
45 |
46 | Begin{
47 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
48 | $CommandName = $MyInvocation.MyCommand.Name
49 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
50 | }
51 | Process{
52 | try{
53 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
54 | $KeyHash = @{
55 | set1 = @{
56 | AcceptableKeys = @("ThemeName")
57 | MandatoryKeys = @("ThemeName")
58 | }
59 | }
60 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
61 |
62 | if(!$CheckSet){
63 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
64 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
65 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
66 | $examples = Write-VPASExampleHelper -CommandName $CommandName
67 | return $false
68 | }
69 | else{
70 | foreach($key in $InputParameters.Keys){
71 | Set-Variable -Name $key -Value $InputParameters.$key
72 | }
73 | }
74 | }
75 | }catch{
76 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
78 | Write-Verbose "FAILED TO RETRIEVE THEME DETAILS"
79 | Write-VPASOutput -str $_ -type E
80 | return $false
81 | }
82 |
83 | try{
84 | Write-Verbose "MAKING API CALL TO CYBERARK"
85 | if($NoSSL){
86 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
87 | $uri = "http://$PVWA/PasswordVault/API/Themes/$ThemeName/"
88 | }
89 | else{
90 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
91 | $uri = "https://$PVWA/PasswordVault/API/Themes/$ThemeName/"
92 | }
93 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
94 | $log = Write-VPASTextRecorder -inputval "DELETE" -token $token -LogType METHOD
95 |
96 | if($sessionval){
97 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json" -WebSession $sessionval
98 | }
99 | else{
100 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json"
101 | }
102 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
103 | Write-Verbose "SUCCESSFULLY REMOVED CUSTOM THEME"
104 | return $true
105 | }catch{
106 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
107 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
108 | Write-Verbose "UNABLE TO REMOVE CUSTOM THEME"
109 | Write-VPASOutput -str $_ -type E
110 | return $false
111 | }
112 | }
113 | End{
114 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
115 | }
116 | }
117 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Remove-VPASDirectory.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | DELETE DIRCECTORY
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO DELETE DIRECTORY
7 | .LINK
8 | https://vpasmodule.com/commands/Remove-VPASDirectory
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: FALSE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER confirm
17 | Remove the confirmation prompt asking to confirm the deletion of the selected DirectoryID
18 | .PARAMETER DirectoryID
19 | Unique DirectoryID that maps to the target Directory to be deleted
20 | .PARAMETER InputParameters
21 | HashTable of values containing the parameters required to make the API call
22 | .EXAMPLE
23 | $DeleteDirectoryStatus = Remove-VPASDirectory -DirectoryID {DIRECTORYID VALUE}
24 | .EXAMPLE
25 | $InputParameters = @{
26 | DirectoryID = "DeleteDirectoryID"
27 | confirm = $true|$false
28 | }
29 | $DeleteDirectoryStatus = Remove-VPASDirectory -InputParameters $InputParameters
30 | .OUTPUTS
31 | $true if successful
32 | ---
33 | $false if failed
34 | #>
35 | function Remove-VPASDirectory{
36 | [OutputType([bool])]
37 | [CmdletBinding(DefaultParameterSetName='Set1')]
38 | Param(
39 |
40 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target DirectoryID")]
41 | [String]$DirectoryID,
42 |
43 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
44 | [Switch]$confirm,
45 |
46 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
47 | [hashtable]$InputParameters,
48 |
49 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
50 | [hashtable]$token
51 | )
52 |
53 | Begin{
54 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
55 | $CommandName = $MyInvocation.MyCommand.Name
56 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
57 | }
58 | Process{
59 |
60 | try{
61 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
62 | $KeyHash = @{
63 | set1 = @{
64 | AcceptableKeys = @("DirectoryID","confirm")
65 | MandatoryKeys = @("DirectoryID")
66 | }
67 | }
68 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
69 |
70 | if(!$CheckSet){
71 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
72 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
73 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
74 | $examples = Write-VPASExampleHelper -CommandName $CommandName
75 | return $false
76 | }
77 | else{
78 | foreach($key in $InputParameters.Keys){
79 | Set-Variable -Name $key -Value $InputParameters.$key
80 | }
81 | }
82 | }
83 | }catch{
84 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
85 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
86 | Write-Verbose "FAILED TO REMOVE DIRECTORY"
87 | Write-VPASOutput -str $_ -type E
88 | return $false
89 | }
90 |
91 | try{
92 |
93 | $continueFlag = $false
94 | if(!$confirm){
95 | Write-VPASOutput -str "ARE YOU SURE YOU WANT TO DELETE $DirectoryID (THIS IS NOT REVERSABLE) [N]: " -type Y
96 | $choice = Read-Host
97 | Write-Verbose "PARSING USER INPUT"
98 |
99 | if([String]::IsNullOrEmpty($choice)){
100 | Write-Verbose "SETTING DEFAULT RESPONSE OF 'N'"
101 | $choice = "n"
102 | }
103 |
104 |
105 | $choice = $choice.ToLower()
106 | if($choice -eq "y"){
107 | $continueFlag = $true
108 | Write-Verbose "COMMAND WILL CONTINUE"
109 | }
110 | else{
111 | $continueFlag = $false
112 | Write-Verbose "COMMAND WILL STOP"
113 | }
114 | }
115 | else{
116 | $continueFlag = $true
117 | Write-Verbose "CONFIRM FLAG PASSED, SKIPPING CONFIRMATION"
118 | }
119 |
120 | if(!$continueFlag){
121 | Write-Verbose "EXITING COMMAND AND RETURNING FALSE"
122 | return $false
123 | }
124 |
125 | if($NoSSL){
126 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
127 | $uri = "http://$PVWA/PasswordVault/API/Configuration/LDAP/Directories/$DirectoryID/"
128 | }
129 | else{
130 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
131 | $uri = "https://$PVWA/PasswordVault/API/Configuration/LDAP/Directories/$DirectoryID/"
132 | }
133 |
134 | Write-Verbose "MAKING API CALL TO CYBERARK"
135 |
136 | if($sessionval){
137 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json" -WebSession $sessionval
138 | }
139 | else{
140 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json"
141 | }
142 | Write-Verbose "SUCCESSFULLY DELETED: $DirectoryID"
143 | Write-Verbose "RETURNING TRUE"
144 | return $response
145 | }catch{
146 | Write-Verbose "UNABLE TO DELETE DIRECTORY: $DirectoryID"
147 | Write-VPASOutput -str $_ -type E
148 | return $false
149 | }
150 | }
151 | End{
152 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
153 | }
154 | }
155 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Update-VPASCustomThemeDraft.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | UPDATE A CUSTOM THEME DRAFT STATE
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | USE THIS FUNCTION TO UPDATE A CUSTOM THEME DRAFT STATE TO ACTIVE IN CYBERARK
7 | .LINK
8 | https://vpasmodule.com/commands/Update-VPASCustomThemeDraft
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: FALSE
12 | SharedServices: FALSE
13 | .PARAMETER token
14 | HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
15 | If -token is not passed, function will use last known hashtable generated by New-VPASToken
16 | .PARAMETER ThemeName
17 | Unique identifier of the target theme
18 | .PARAMETER InputParameters
19 | HashTable of values containing the parameters required to make the API call
20 | .EXAMPLE
21 | $UpdateThemeDraftStatus = Update-VPASCustomThemeDraft -ThemeName {THEME NAME VALUE}
22 | .EXAMPLE
23 | $InputParameters = @{
24 | ThemeName = "Default Light Copy"
25 | }
26 | $UpdateThemeDraftStatus = Update-VPASCustomThemeDraft -InputParameters $InputParameters
27 | .OUTPUTS
28 | $true if successful
29 | ---
30 | $false if failed
31 | #>
32 | function Update-VPASCustomThemeDraft{
33 | [OutputType([bool])]
34 | [CmdletBinding(DefaultParameterSetName='Set1')]
35 | Param(
36 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter theme name (for example: vpasdark)")]
37 | [String]$ThemeName,
38 |
39 | [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
40 | [hashtable]$InputParameters,
41 |
42 | [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
43 | [hashtable]$token
44 | )
45 |
46 | Begin{
47 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
48 | $CommandName = $MyInvocation.MyCommand.Name
49 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
50 | }
51 | Process{
52 | try{
53 | if($PSCmdlet.ParameterSetName -eq "InputParameters"){
54 | $KeyHash = @{
55 | set1 = @{
56 | AcceptableKeys = @("ThemeName")
57 | MandatoryKeys = @("ThemeName")
58 | }
59 | }
60 | $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash
61 |
62 | if(!$CheckSet){
63 | $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
64 | Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
65 | Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
66 | $examples = Write-VPASExampleHelper -CommandName $CommandName
67 | return $false
68 | }
69 | else{
70 | foreach($key in $InputParameters.Keys){
71 | Set-Variable -Name $key -Value $InputParameters.$key
72 | }
73 | }
74 | }
75 | }catch{
76 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
77 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
78 | Write-Verbose "FAILED TO RETRIEVE THEME DETAILS"
79 | Write-VPASOutput -str $_ -type E
80 | return $false
81 | }
82 |
83 | try{
84 | $params = @{
85 | themeName = $ThemeName
86 | }
87 | $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS
88 | $params = $params | ConvertTo-Json
89 |
90 | Write-Verbose "MAKING API CALL TO CYBERARK"
91 | if($NoSSL){
92 | Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
93 | $uri = "http://$PVWA/PasswordVault/API/Themes/$ThemeName/draft/"
94 | }
95 | else{
96 | Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
97 | $uri = "https://$PVWA/PasswordVault/API/Themes/$ThemeName/draft/"
98 | }
99 | $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
100 | $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD
101 |
102 | if($sessionval){
103 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval
104 | }
105 | else{
106 | $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json"
107 | }
108 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
109 | Write-Verbose "SUCCESSFULLY UPDATED CUSTOM THEME DRAFT STATE"
110 | return $true
111 | }catch{
112 | $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
113 | $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
114 | Write-Verbose "UNABLE TO UPDATE CUSTOM THEME DRAFT STATE"
115 | Write-VPASOutput -str $_ -type E
116 | return $false
117 | }
118 | }
119 | End{
120 | $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
121 | }
122 | }
123 |
--------------------------------------------------------------------------------
/VpasModule/14.4.1/public/Write-VPASOutput.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .Synopsis
3 | OUTPUT MESSAGES FOR VpasModule
4 | CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
5 | .DESCRIPTION
6 | OUTPUTS MESSAGES
7 | .LINK
8 | N/A
9 | .NOTES
10 | SelfHosted: TRUE
11 | PrivCloudStandard: TRUE
12 | SharedServices: TRUE
13 | .PARAMETER str
14 | Target string that will be displayed
15 | .PARAMETER type
16 | The type of the message (Red for errors, Yellow for user input, Magenta for extra information, etc.)
17 | Possible values: C, G, M, E, Y, S
18 | .PARAMETER Initialized
19 | Backend flag to not parse New-VPASToken variables
20 | .EXAMPLE
21 | $str = Write-VPASOutput -str "EXAMPLE ERROR MESSAGE" -type E
22 | .EXAMPLE
23 | $str = Write-VPASOutput -str "EXAMPLE RESPONSE MESSAGE" -type C
24 | .EXAMPLE
25 | $str = Write-VPASOutput -str "EXAMPLE GENERAL MESSAGE" -type M
26 | .EXAMPLE
27 | $str = Write-VPASOutput -str "EXAMPLE HEADER MESSAGE" -type G
28 | .EXAMPLE
29 | $str = Write-VPASOutput -str "EXAMPLE INPUT MESSAGE" -type Y
30 | .EXAMPLE
31 | $str = Write-VPASOutput -str "EXAMPLE SIMULATION MESSAGE" -type S
32 | .OUTPUTS
33 | String if successful
34 | ---
35 | $false if failed
36 | #>
37 | function Write-VPASOutput{
38 | [OutputType([String])]
39 | [CmdletBinding(DefaultParameterSetName='Set1')]
40 | Param(
41 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter string to output")]
42 | [String]$str,
43 |
44 | [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter type of string (C, G, M, E, Y, S, DY)")]
45 | [ValidateSet('C','G','M','E','Y','S','DY')]
46 | [String]$type,
47 |
48 | [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)]
49 | [Switch]$Initialized
50 |
51 | )
52 | Begin{
53 | if($Initialized){
54 | $HideWarnings = $false
55 | }
56 | else{
57 | $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
58 | }
59 | }
60 | Process{
61 | if($type -eq "g"){
62 | write-host $str -ForegroundColor Green
63 | }
64 | elseif($type -eq "c"){
65 | if(!$HideWarnings){
66 | write-host $str -ForegroundColor Cyan
67 | }
68 | }
69 | elseif($type -eq "e"){
70 | if(!$HideWarnings){
71 | write-host $str -ForegroundColor Red
72 | }
73 | }
74 | elseif($type -eq "m"){
75 | if(!$HideWarnings){
76 | write-host $str -ForegroundColor Magenta
77 | }
78 | }
79 | elseif($type -eq "y"){
80 | write-host $str -ForegroundColor Yellow -NoNewline
81 | }
82 | elseif($type -eq "s"){
83 | write-host $str -ForegroundColor Gray
84 | }
85 | elseif($type -eq "dy"){
86 | write-host $str -ForegroundColor DarkYellow
87 | }
88 | }
89 | End{
90 |
91 | }
92 | }
93 |
--------------------------------------------------------------------------------
/VpasModule/LICENSE.md:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2021 - 2025 Vadim Melamed
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/VpasModule/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | A simplified PowerShell module to interact with CyberArk Web Services for Self Hosted, PrivilegeCloud Standard, and SharedServices (ISPSS) solutions as well as Identity/DPA/ConnectorManagement API suite
7 |
8 |
9 |
10 | Creator: Vadim Melamed
11 |
12 | Email: vpasmodule@gmail.com
13 |
14 |
15 |
16 |
17 | | PSGallery | CodeFactor |
18 | |---------------------------|---------------------------|
19 | | [![downloads][]][psgallery-site] | [![codefactor][]][codefactor-site]|
20 |
21 | [downloads]:https://img.shields.io/powershellgallery/dt/vpasmodule.svg?color=darkblue
22 | [psgallery-site]:https://www.powershellgallery.com/packages/VpasModule
23 | [codefactor-site]:https://www.codefactor.io/repository/github/vmelamed5/cyberark
24 | [codefactor]:https://www.codefactor.io/repository/github/vmelamed5/cyberark/badge
25 |
26 |
27 |
28 | ## Installation
29 |
30 | Install the module via [PowershellGallery](https://www.powershellgallery.com/packages/VpasModule/)
31 |
32 | ```powershell
33 | Install-Module VpasModule -scope CurrentUser
34 | ```
35 |
36 | ## Usage
37 |
38 | ```powershell
39 | # Step1) import vpasmodule
40 | Import-Module vpasmodule
41 |
42 | # Step2) Retrieve cyberark login token via New-VPASToken
43 | New-VPASToken -PVWA "MyPVWAServer.com" -AuthType cyberark
44 |
45 | # Step3) Run desired API calls
46 | $SafeDetails = Get-VPASSafes -searchQuery "TestSafe"
47 | $AllAccounts = Get-VPASAllAccounts
48 |
49 | # Step4: Invalidate cyberark login token via Remove-VPASToken
50 | Remove-VPASToken
51 | ```
52 |
53 | ## Supported Versions
54 | ```
55 | > v10.10 - SelfHosted
56 | > v11.X - SelfHosted
57 | > v12.X - SelfHosted
58 | > v13.X - SelfHosted + PrivilegeCloud
59 | > v14.X - SelfHosted + PrivilegeCloud + Identity
60 | ```
61 | ```
62 | > v14.4.1 (Current):
63 | - SelfHosted
64 | - PrivilegeCloudStandard
65 | - SharedServices (ISPSS)
66 | - Identity (WORK IN PROGRESS)
67 | - ConnectorManagement (WORK IN PROGRESS)
68 | - DynamicPrivilegedAccess (WORK IN PROGRESS)
69 | ```
70 |
71 | ## Documentation
72 | Find version specific README.md inside specific vpasmodule versions for more documentation on function syntax, examples, usages, etc.\
73 | \
74 | Please visit [VpasModule Website](https://vpasmodule.com/index.html) to stay up to date with any updates, changes, and various other features
75 |
76 |
--------------------------------------------------------------------------------