Resolve merge conflicts

CHANGELOG.md

@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.2.0]() - 2023-01-12
+### Added
+- New-OMEDirectoryService
+- Get-OMEDirectoryService
+- Get-OMEDirectoryServiceSearch
+- Get-OMERole
+- Invoke-OMEDirectoryServiceImportGroup
+
 ## [3.1.1]() - 2023-01-06
 ### Fixed
 - Fixed issue on commandlet Get-OMEDevice where NetworkAddress is not reported correctly on the MX7000 platform

DellOpenManage/Classes/AccountProvider.psm1

@@ -0,0 +1,17 @@
+Class AccountProvider {
+    [Int]$Id
+    [String]$Name
+    [String]$ServerType
+    [String[]]$ServerName
+    [String[]]$DnsServer
+    [String]$GroupDomain
+    [Int]$ServerPort
+    [Int]$NetworkTimeOut
+    [Int]$SearchTimeOut
+    [Boolean]$CertificateValidation
+    [String]$BindDN
+    [String]$BaseDistinguishedName
+    [String]$AttributeUserLogin
+    [String]$AttributeGroupMembership
+    [String]$SearchFilter
+}

DellOpenManage/Classes/DirectoryGroup.psm1

@@ -0,0 +1,8 @@
+Class DirectoryGroup {
+    [String]$CommonName
+    [String]$GroupType
+    [String]$DistinguishedName
+    [String[]]$DomainComponent
+    [String]$ObjectGuid
+    [String]$ObjectSid
+}

DellOpenManage/Classes/Role.psm1

@@ -0,0 +1,9 @@
+Class Role {
+    [String]$Id
+    [String]$Description
+    [String]$Name
+    [String[]]$OemPrivileges
+    [String[]]$AssignedPrivileges
+    [Boolean]$IsPredefined
+    [Boolean]$IsScopeSupported
+}

DellOpenManage/DellOpenManage.psd1

@@ -3,7 +3,7 @@
 #
 # Generated by: Trevor Squillario <[email protected]>
 #
-# Generated on: 1/6/2023
+# Generated on: 1/12/2023
 #
 
 @{
@@ -12,7 +12,7 @@
 RootModule = 'DellOpenManage.psm1'
 
 # Version number of this module.
-ModuleVersion = '3.1.1'
+ModuleVersion = '3.2.0'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

DellOpenManage/Private/New-AccountProviderFromJson.ps1

@@ -0,0 +1,23 @@
+using module ..\Classes\AccountProvider.psm1
+function New-AccountProviderFromJson {
+    Param(
+        [PSCustomObject]$AccountProvider
+    )
+    return [AccountProvider]@{
+        Id = $AccountProvider.Id
+        Name = $AccountProvider.Name
+        ServerType = $AccountProvider.ServerType
+        ServerName = $AccountProvider.ServerName
+        DnsServer = $AccountProvider.DnsServer
+        GroupDomain = $AccountProvider.GroupDomain
+        ServerPort = $AccountProvider.ServerPort
+        NetworkTimeOut = $AccountProvider.NetworkTimeOut
+        SearchTimeOut = $AccountProvider.SearchTimeOut
+        CertificateValidation = $AccountProvider.CertificateValidation
+        BindDN = $AccountProvider.BindDN
+        BaseDistinguishedName = $AccountProvider.BaseDistinguishedName
+        AttributeUserLogin = $AccountProvider.AttributeUserLogin
+        AttributeGroupMembership = $AccountProvider.AttributeGroupMembership
+        SearchFilter = $AccountProvider.SearchFilter
+    }
+}

DellOpenManage/Private/New-DirectoryGroupFromJson.ps1

@@ -0,0 +1,15 @@
+using module ..\Classes\DirectoryGroup.psm1
+function New-DirectoryGroupFromJson {
+    Param(
+        [PSCustomObject]$DirectoryGroup
+    )
+    return [DirectoryGroup]@{
+        CommonName = $DirectoryGroup.CommonName
+        GroupType = $DirectoryGroup.GroupType
+        DistinguishedName = $DirectoryGroup.DistinguishedName
+        DomainComponent = $DirectoryGroup.DomainComponent
+        ObjectGuid = $DirectoryGroup.ObjectGuid
+        ObjectSid = $DirectoryGroup.ObjectSid
+    }
+}
+

DellOpenManage/Private/New-RoleFromJson.ps1

@@ -0,0 +1,15 @@
+using module ..\Classes\Role.psm1
+function New-RoleFromJson {
+    Param(
+        [PSCustomObject]$Role
+    )
+    return [Role]@{
+        Id = $Role.Id
+        Description = $Role.Description
+        Name = $Role.Name
+        OemPrivileges = $Role.OemPrivileges
+        AssignedPrivileges = $Role.AssignedPrivileges
+        IsPredefined = $Role.IsPredefined
+        IsScopeSupported = $Role.IsScopeSupported
+    }
+}

DellOpenManage/Public/OME/Get-OMEDirectoryService.ps1

@@ -0,0 +1,96 @@
+
+function Get-OMEDirectoryService {
+<#
+Copyright (c) 2023 Dell EMC Corporation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+#>
+
+<#
+ .SYNOPSIS
+   Get list of directory services that provide user authentication
+
+ .DESCRIPTION
+   This script uses the OME REST API.
+   Note that the credentials entered are not stored to disk.
+.PARAMETER Name
+    String containing group name to search
+.PARAMETER DirectoryType
+    Directory type (Default="AD", "LDAP")
+.EXAMPLE
+    Get-OMEDirectoryService -DirectoryType "AD" | Format-Table
+
+    Get all by type
+.EXAMPLE
+    Get-OMEDirectoryService -DirectoryType "AD" -Name "OSE.LOCAL" -Verbose | Format-Table
+
+    Get by name of type AD
+.EXAMPLE
+    Get-OMEDirectoryService -DirectoryType "LDAP" -Name "OSE.LOCAL" -Verbose | Format-Table
+    
+    Get by name of type LDAP
+#>   
+
+[CmdletBinding()]
+param(
+    [Parameter(Mandatory=$false)]
+    [String]$Name,
+
+    [Parameter(Mandatory=$false)]
+	[ValidateSet("AD", "LDAP")]
+    [String] $DirectoryType = "AD"
+)
+
+Begin {}
+Process {
+    if (!$(Confirm-IsAuthenticated)){
+        Return
+    }
+    Try {
+        if ($SessionAuth.IgnoreCertificateWarning) { Set-CertPolicy }
+        $BaseUri = "https://$($SessionAuth.Host)"
+        $Headers = @{}
+        $ContentType = "application/json"
+        $Headers."X-Auth-Token" = $SessionAuth.Token
+
+        $AccountProviderUrl = ""
+        if ($DirectoryType -eq "AD") {
+            $AccountProviderUrl = $BaseUri  + "/api/AccountService/ExternalAccountProvider/ADAccountProvider"
+        } else {
+            $AccountProviderUrl = $BaseUri  + "/api/AccountService/ExternalAccountProvider/LDAPAccountProvider"
+        }
+        $AccountProviders = @()
+        Write-Verbose $AccountProviderUrl
+        $AccountProviderResponse = Invoke-WebRequest -Uri $AccountProviderUrl -UseBasicParsing -Method Get -Headers $Headers -ContentType $ContentType
+        if ($AccountProviderResponse.StatusCode -in 200, 201) {
+            $AccountProviderData = $AccountProviderResponse.Content | ConvertFrom-Json
+            foreach ($AccountProvider in $AccountProviderData.value) {
+                $AccountProviders += New-AccountProviderFromJson -AccountProvider $AccountProvider
+            }
+        }
+        # OData filtering not supported on this API endpoint. Provide basic filtering ability.
+        if ($Name) { 
+            return $AccountProviders | Where-Object -Property "Name" -Match $Name
+        } else {
+            return $AccountProviders
+        }
+    }
+    Catch {
+        Resolve-Error $_
+    }
+
+}
+
+End {}
+
+}

DellOpenManage/Public/OME/Get-OMEDirectoryServiceSearch.ps1

@@ -0,0 +1,109 @@
+using module ..\..\Classes\AccountProvider.psm1
+
+function Get-OMEDirectoryServiceSearch {
+<#
+Copyright (c) 2023 Dell EMC Corporation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+#>
+
+<#
+ .SYNOPSIS
+   Search a directory service for groups
+
+ .DESCRIPTION
+   This script uses the OME REST API.
+   Note that the credentials entered are not stored to disk.
+.PARAMETER Name
+    String containing group name to search
+.PARAMETER DirectoryService
+    Object of type AccountProvider returned from Get-OMEDirectoryService commandlet
+.PARAMETER DirectoryType
+    Directory type (Default="AD", "LDAP")
+.PARAMETER UserName
+    Username to login to the Directory Service
+.PARAMETER Password
+    Password to login to the Directory Service
+.EXAMPLE
+   Get-OMEDirectoryServiceSearch -Name "Admin" -DirectoryService $(Get-OMEDirectoryService -DirectoryType "AD" -Name "LAB.LOCAL") -DirectoryType "AD" -UserName "[email protected]" -Password $(ConvertTo-SecureString 'calvin' -AsPlainText -Force) -Verbose | Format-Table
+#>   
+
+[CmdletBinding()]
+param(
+    [Parameter(Mandatory)]
+    $Name,
+
+    [Parameter(Mandatory)]
+    [AccountProvider]$DirectoryService,
+
+    [Parameter(Mandatory=$false)]
+	[ValidateSet("AD", "LDAP")]
+    [String] $DirectoryType = "AD",
+
+    [Parameter(Mandatory)]
+    [String]$UserName,
+
+    [Parameter(Mandatory)]
+    [SecureString]$Password
+)
+
+Begin {}
+Process {
+    if (!$(Confirm-IsAuthenticated)){
+        Return
+    }
+    Try {
+        if ($SessionAuth.IgnoreCertificateWarning) { Set-CertPolicy }
+        $BaseUri = "https://$($SessionAuth.Host)"
+        $Headers = @{}
+        $ContentType = "application/json"
+        $Headers."X-Auth-Token" = $SessionAuth.Token
+
+        $AccountProviderSearchUrl = $BaseUri  + "/api/AccountService/ExternalAccountProvider/Actions/ExternalAccountProvider.SearchGroups"
+        $SearchPayload ='{
+            "DirectoryServerId": 0,
+            "Type": "AD",
+            "UserName": "[email protected]",
+            "Password": "dell@123",
+            "CommonName": "Admin"
+           }' | ConvertFrom-Json
+
+        $SearchPayload.DirectoryServerId = $DirectoryService.Id
+        $SearchPayload.Type = $DirectoryType
+        $SearchPayload.UserName = $UserName
+        $PasswordText = (New-Object PSCredential "user", $Password).GetNetworkCredential().Password
+        $SearchPayload.Password = $PasswordText
+        $SearchPayload.CommonName = $Name
+        $SearchPayload = $SearchPayload | ConvertTo-Json -Depth 6
+        Write-Verbose $SearchPayload
+        Write-Verbose $AccountProviderSearchUrl
+
+        $SearchResult = @()
+        $AccountProviderSearchResponse = Invoke-WebRequest -Uri $AccountProviderSearchUrl -UseBasicParsing -Headers $Headers -ContentType $ContentType -Method POST -Body $SearchPayload
+        if ($AccountProviderSearchResponse.StatusCode -in 200, 201) {
+            $AccountProviderSearchData = $AccountProviderSearchResponse.Content | ConvertFrom-Json
+            foreach ($SearchData in $AccountProviderSearchData) {
+                $SearchResult += New-DirectoryGroupFromJson -DirectoryGroup $SearchData
+            }
+            return $SearchResult
+        }
+    }
+    Catch {
+        Resolve-Error $_
+    }
+
+}
+
+End {}
+
+}