public/Get-VPASAllDiscoveredAccounts.ps1
<#
.Synopsis
   GET ALL DISCOVERED ACCOUNTS
   CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com
.DESCRIPTION
   USE THIS FUNCTION TO GET ALL DISCOVERED ACCOUNTS IN THE PENDING SAFE LIST
.LINK
   https://vpasmodule.com/commands/Get-VPASAllDiscoveredAccounts
.PARAMETER token
   HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
   If -token is not passed, function will use last known hashtable generated by New-VPASToken
.PARAMETER InputParameters
   HashTable of values containing the parameters required to make the API call
.EXAMPLE
   $AllDiscoveredAccountsJSON = Get-VPASAllDiscoveredAccounts
.EXAMPLE
   $InputParameters = @{}
   $AllDiscoveredAccountsJSON = Get-VPASAllDiscoveredAccounts -InputParameters $InputParameters
.OUTPUTS
   If successful:
   {
       "count": 12,
       "value": [
           ...
           {
               "id": "19_13",
               "name": "components.vman.com-PSMTestUser-468fa034-7bb4-4fbd-baeb-fce59e29077b",
               "userName": "PSMTestUser",
               "address": "components.vman.com",
               "discoveryDateTime": 1724216091,
               "accountEnabled": true,
               "osGroups": "Administrators, Users",
               "platformType": "Windows Server Local",
               "domain": "vman.com",
               "lastLogonDateTime": 1724215358,
               "lastPasswordSetDateTime": 1722475482,
               "passwordNeverExpires": true,
               "osVersion": "Windows Server 2022 Standard Evaluation",
               "privileged": true,
               "userDisplayName": "PSMTestUser",
               "passwordExpirationDateTime": 0,
               "osFamily": "Server",
               "organizationalUnit": "CN=COMPONENTS,CN=Computers,DC=vman,DC=com",
               "additionalProperties": "@{AccountType=Local; CreationMethod=AutoDetected}",
               "platformTypeAccountProperties": "@{SID=S-1-5-21-3557626459-4054859972-1988515847-1006}",
               "numberOfDependencies": 0
           },
           {
               "id": "19_15",
               "name": "vman.com-vmanda-aa06b546-f19d-4716-a89b-d3bedfbb6858",
               "userName": "vmanda",
               "address": "vman.com",
               "discoveryDateTime": 1724216092,
               "accountEnabled": true,
               "osGroups": "Administrators, Remote Desktop Users",
               "platformType": "Windows Domain",
               "domain": "vman.com",
               "lastLogonDateTime": 1724213492,
               "lastPasswordSetDateTime": 1718764060,
               "passwordNeverExpires": true,
               "osVersion": "Windows Server 2022 Standard Evaluation",
               "privileged": true,
               "userDisplayName": "vmanda",
               "passwordExpirationDateTime": 0,
               "osFamily": "Server",
               "organizationalUnit": "CN=vmanda,CN=Users,DC=vman,DC=com",
               "additionalProperties": "@{AccountType=Domain; CreationMethod=AutoDetected}",
               "platformTypeAccountProperties": "@{SID=S-1-5-21-859712872-1750767134-752027284-1104}",
               "numberOfDependencies": 0
           },
           ...
       ]
   }
   ---
   $false if failed
#>
function Get-VPASAllDiscoveredAccounts{
    [OutputType([bool],'System.Collections.Hashtable')]
    [CmdletBinding(DefaultParameterSetName='Set1')]
    Param(
        [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")]
        [hashtable]$InputParameters,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)]
        [hashtable]$token
    )

    Begin{
        # Unpack the session tuple. Only $sessionval, $PVWA, $Header and $NoSSL are read
        # below; the remaining names are kept because the helper returns them positionally.
        $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token
        $CommandName = $MyInvocation.MyCommand.Name
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
    }

    Process{
        # Phase 1: when the caller used -InputParameters, validate the hashtable and
        # expand its entries into local variables.
        try{
            if($PSCmdlet.ParameterSetName -eq "InputParameters"){
                # This command declares no acceptable and no mandatory keys.
                $KeyHash = @{
                    set1 = @{
                        AcceptableKeys = @()
                        MandatoryKeys = @()
                    }
                }
                $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash

                if(-not $CheckSet){
                    $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC
                    Write-Verbose "FAILED TO FIND TARGET PARAMETER SET"
                    Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E
                    $examples = Write-VPASExampleHelper -CommandName $CommandName
                    return $false
                }

                # Every key becomes a variable of the same name in this scope; the name is
                # not restricted here, so the key check above is the only gate.
                # NOTE(review): a key named like a session variable (PVWA, Header, NoSSL, ...)
                # would replace that value before the request is built - confirm that
                # Test-VPASHashtableKeysHelper rejects keys outside AcceptableKeys.
                foreach($key in $InputParameters.Keys){
                    Set-Variable -Name $key -Value $InputParameters.$key
                }
            }
        }catch{
            $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
            $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
            Write-Verbose "FAILED TO RETRIEVE DISCOVERED ACCOUNTS"
            Write-VPASOutput -str $_ -type E
            return $false
        }

        # Phase 2: fetch the first page, then follow nextLink until the server stops
        # returning one.
        try{
            # With $NoSSL set, the Authorization header built from $Header is sent over
            # plaintext HTTP and is readable on the network path; this is reported only
            # on the verbose stream.
            if(-not $NoSSL){
                Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
                $uri = "https://$PVWA/passwordvault/api/DiscoveredAccounts?offset=0&limit=1000"
            }
            else{
                Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
                $uri = "http://$PVWA/passwordvault/api/DiscoveredAccounts?offset=0&limit=1000"
            }

            $output = @{
                count = 0
                value = ""
            }

            $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
            $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD
            write-verbose "MAKING API CALL TO CYBERARK"

            # Same request either way; -WebSession is added only when a session object exists.
            $restArgs = @{
                Headers     = @{"Authorization"=$Header}
                Uri         = $uri
                Method      = 'GET'
                ContentType = "application/json"
            }
            if($sessionval){
                $restArgs['WebSession'] = $sessionval
            }
            $response = Invoke-RestMethod @restArgs

            $output.count = $response.count
            $output.value = $response.value
            $nextlink = $response.nextLink

            # The loop runs for as long as the server returns a nextLink; there is no
            # page cap on the client side.
            while(-not [String]::IsNullOrEmpty($nextlink)){
                # nextLink comes from the response body and is appended to a fixed
                # scheme/host/PasswordVault prefix.
                if(-not $NoSSL){
                    Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
                    $uri = "https://$PVWA/PasswordVault/$nextlink"
                }
                else{
                    Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
                    $uri = "http://$PVWA/PasswordVault/$nextlink"
                }

                $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
                $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD

                $restArgs = @{
                    Headers     = @{"Authorization"=$Header}
                    Uri         = $uri
                    Method      = 'GET'
                    ContentType = "application/json"
                }
                if($sessionval){
                    $restArgs['WebSession'] = $sessionval
                }
                $newresponse = Invoke-RestMethod @restArgs

                # count is replaced by the latest page's value, while value accumulates.
                # NOTE(review): if the API reports a per-page count, the final count will
                # not match the number of accumulated entries - confirm against the API.
                $output.count = $newresponse.count
                $output.value += $newresponse.value
                $nextlink = $newresponse.nextLink
            }

            $result = $output
            $outputlog = $result | ConvertTo-Json | ConvertFrom-Json
            # The full result set (account names, addresses, SIDs per the help example) is
            # handed to the text recorder.
            # NOTE(review): where that log is written and who can read it is not visible here.
            $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURNARRAY
            Write-Verbose "RETURNING JSON OBJECT"
            return $result
        }catch{
            $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
            $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
            Write-Verbose "UNABLE TO GET ALL DISCOVERED ACCOUNTS"
            Write-VPASOutput -str $_ -type E
            return $false
        }
    }

    End{
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
    }
}