public/Get-VPASAccountDetails.ps1
|
<#
.Synopsis GET ACCOUNT DETAILS CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO GET DETAILS OF AN ACCOUNT IN CYBERARK .LINK https://vpasmodule.com/commands/Get-VPASAccountDetails .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER safe Safe name that will be used to query for the target account if no AcctID is passed .PARAMETER username Username that will be used to query for the target account if no AcctID is passed .PARAMETER platform PlatformID that will be used to query for the target account if no AcctID is passed .PARAMETER address Address that will be used to query for the target account if no AcctID is passed .PARAMETER AcctID Unique ID that maps to a single account, passing this variable will skip any query functions .PARAMETER ExactMatch Returns accounts that match search query exactly (not a wildcard search) .PARAMETER HideWarning Hide any warning outputs from the console during the API session .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .PARAMETER SavedFilter Returns accounts based on a prebuilt search query Possible values: "Regular", "Recently", "New", "Link", "Deleted", "PolicyFailures", "AccessedByUsers", "ModifiedByUsers", "ModifiedByCPM", "DisabledPasswordByUser", "DisabledPasswordByCPM", "ScheduledForChange", "ScheduledForVerify", "ScheduledForReconcile", "SuccessfullyReconciled", "FailedChange", "FailedVerify", "FailedReconcile", "LockedOrNew", "Locked", "Favorites" .EXAMPLE $AccountDetailsJSON = Get-VPASAccountDetails -safe {SAFE VALUE} -username {USERNAME VALUE} .EXAMPLE $AccountDetailsJSON = Get-VPASAccountDetails -AcctID {ACCTID VALUE} .EXAMPLE $InputParameters = @{ AcctID = 3_12 } $AccountDetailsJSON = Get-VPASAccountDetails -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ safe = "TargetSafeName" platform = "TargetPlatformID" username = "TargetUsername" address = "TargetAddress" ExactMatch = $true|$false HideWarning = $true|$false SavedFilter = "Regular"|"Recently"|"New"|"Link"|"Deleted"|"PolicyFailures"|"AccessedByUsers"|"ModifiedByUsers"|"ModifiedByCPM"|"DisabledPasswordByUser"|"DisabledPasswordByCPM"|"ScheduledForChange"|"ScheduledForVerify"|"ScheduledForReconcile"|"SuccessfullyReconciled"|"FailedChange"|"FailedVerify"|"FailedReconcile"|"LockedOrNew"|"Locked"|"Favorites" } $AccountDetailsJSON = Get-VPASAccountDetails -InputParameters $InputParameters .OUTPUTS If successful: { "categoryModificationTime": 1715701023, "platformId": "VPASDualControl", "safeName": "VPASRequestSafe", "id": "120_3", "name": "Operating System-VPASDualControl-vman.com-DomainAdmin01", "address": "vman.com", "userName": "DomainAdmin011", "secretType": "password", "secretManagement": { "automaticManagementEnabled": true, "lastModifiedTime": 1715222718 }, "createdTime": 1715222718 } --- $false if failed #> function Get-VPASAccountDetails{ [OutputType('System.Object','System.Collections.Hashtable',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$safe, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$platform, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$username, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [String]$address, [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique AccountID that references the target account (for example: 3_12)")] [String]$AcctID, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Switch]$ExactMatch, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Switch]$HideWarning, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [ValidateSet('Regular','Recently','New','Link','Deleted','PolicyFailures','AccessedByUsers','ModifiedByUsers','ModifiedByCPM','DisabledPasswordByUser','DisabledPasswordByCPM','ScheduledForChange','ScheduledForVerify','ScheduledForReconcile','SuccessfullyReconciled','FailedChange','FailedVerify','FailedReconcile','LockedOrNew','Locked','Favorites')] [String]$SavedFilter ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("safe","platform","username","address","ExactMatch","HideWarning","SavedFilter") MandatoryKeys = @() } set2 = @{ AcceptableKeys = @("AcctID") MandatoryKeys = @("AcctID") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO GET ACCOUNT DETAILS" Write-VPASOutput -str $_ -type E return $false } try{ if(![String]::IsNullOrEmpty($SavedFilter)){ Write-Verbose "SELECTED SAVED FILTER" $searchQuery = $SavedFilter Write-verbose "MAKING API CALL TO CYBERARK" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/api/Accounts?limit=1000&savedFilter=$searchQuery" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/api/Accounts?limit=1000&savedFilter=$searchQuery" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD $output = @{ count = 0 value = "" } if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY $output.count = $response.count $output.value = $response.value $nextlink = $response.nextLink while(![String]::IsNullOrEmpty($nextlink)){ if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/$nextlink" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/$nextlink" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURN $output.count += $response.count $output.value += $response.value $nextlink = $response.nextLink } $result = $output Write-Verbose "PARSING DATA FROM CYBERARK" $counter = $result.count #------------------------------------- Write-Verbose "RETURNING ALL DATA FOR ACCOUNTS" $outputlog = $response return $result } else{ if([String]::IsNullOrEmpty($AcctID)){ Write-Verbose "NO ACCTID SUPPLIED" Write-Verbose "BUILDING SEARCH QUERY" $searchQuery = "$safe $platform $username $address" Write-verbose "MAKING API CALL TO CYBERARK" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/api/Accounts?limit=1000&search=$searchQuery" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/api/Accounts?limit=1000&search=$searchQuery" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD $output = @{ count = 0 value = "" } if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY $output.count = $response.count $output.value = $response.value $nextlink = $response.nextLink while(![String]::IsNullOrEmpty($nextlink)){ if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/$nextlink" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/$nextlink" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURN $output.count += $response.count $output.value += $response.value $nextlink = $response.nextLink } if($ExactMatch){ Write-Verbose "PARSING DATA FROM CYBERARK" $newoutput = @{} $arr = @() $newcount = 0 foreach($rec in $output.value){ $curMatch = $true $recSafeName = $rec.safeName $recPlatform = $rec.platformId $recAddress = $rec.address $recUsername = $rec.userName if(![String]::IsNullOrEmpty($safe)){ if($safe -ne $recSafeName){ $curMatch = $false }} if(![String]::IsNullOrEmpty($platform)){ if($platform -ne $recPlatform){ $curMatch = $false }} if(![String]::IsNullOrEmpty($address)){ if($address -ne $recAddress){ $curMatch = $false }} if(![String]::IsNullOrEmpty($username)){ if($username -ne $recUsername){ $curMatch = $false }} if($curMatch){ $newcount += 1 $arr += $rec } } $newoutput = @{ count = $newcount value = $arr } $result = $newoutput } else{ $result = $output Write-Verbose "PARSING DATA FROM CYBERARK" } $counter = $result.count if($counter -gt 1){ if(!$HideWarning){ Write-VPASOutput -str "MULTIPLE ENTRIES FOUND, ADD MORE SEARCH FIELDS TO NARROW DOWN RESULTS" -type M } Write-Verbose "MULTIPLE RECORDS WERE RETURNED, ADD MORE SEARCH FIELDS TO NARROW DOWN RESULTS" } elseif($counter -eq 0){ Write-Verbose "NO ACCOUNTS FOUND WITH SPECIFIED PARAMETERS" if(!$HideWarning){ Write-VPASOutput -str "NO ACCOUNTS FOUND" -type M } $log = Write-VPASTextRecorder -inputval "NO ACCOUNTS FOUND" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC return $false } #------------------------------------- Write-Verbose "RETURNING ALL DATA FOR ACCOUNTS" $outputlog = $response return $result } else{ Write-Verbose "ACCTID SUPPLIED, SKIPPING SEARCH QUERY" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/api/Accounts/$AcctID" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/api/Accounts/$AcctID" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $outputlog = $response $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN return $response } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "COULD NOT GET ACCOUNT DETAILS" if(!$HideWarning){ Write-VPASOutput -str $_ -type E } return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |