public/Update-VPASEPVUser.ps1
<#
.Synopsis UPDATE EPV USER CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO UPDATE AN EPV USER .LINK https://vpasmodule.com/commands/Update-VPASEPVUser .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER UpdateWorkStreet EPVUser new WorkStreet value .PARAMETER UpdateWorkCity EPVUser new WorkCity value .PARAMETER UpdateWorkState EPVUser new WorkState value .PARAMETER UpdateWorkZip EPVUser new WorkZip value .PARAMETER UpdateWorkCountry EPVUser new WorkCountry value .PARAMETER UpdateHomePage EPVUser new HomePage value .PARAMETER UpdateHomeEmail EPVUser new HomeEmail value .PARAMETER UpdateBusinessEmail EPVUser new BusinessEmail value .PARAMETER UpdateOtherEmail EPVUser new OtherEmail value .PARAMETER UpdateHomeNumber EPVUser new HomeNumber value .PARAMETER UpdateBusinessNumber EPVUser new BusinessNumber value .PARAMETER UpdateCellularNumber EPVUser new CellularNumber value .PARAMETER UpdateFaxNumber EPVUser new Faxnumber value .PARAMETER UpdatePagerNumber EPVUser new PagerNumber value .PARAMETER UpdateChangePassOnNextLogon Enable or Disable ChangePassOnNextLogon restriction Possible values: Yes, No .PARAMETER UpdatePasswordNeverExpires Enable ot Disable PasswordNeverExpires restriction Possible values: Yes, No .PARAMETER UpdateEnableUser Enable or Disable current state of EPVUser Possible values: Enable, Disable .PARAMETER UpdateDescription EPVUser new Descripion value .PARAMETER UpdateLocation EPVUser new Location value .PARAMETER UpdateStreet EPVUser new Street value .PARAMETER UpdateCity EPVUser new City value .PARAMETER UpdateState EPVUser new State value .PARAMETER UpdateZip EPVUser new Zip value .PARAMETER UpdateCountry EPVUser new Country value .PARAMETER UpdateTitle EPVUser new Title value .PARAMETER UpdateOrganization EPVUser new Organization value .PARAMETER UpdateDepartment EPVUser new Department value .PARAMETER UpdateProfession EPVUser new Profession value .PARAMETER UpdateFirstName EPVUser new FirstName value .PARAMETER UpdateMiddleName EPVUser new MiddleName value .PARAMETER UpdateLastName EPVUser new LastName value .PARAMETER EPVUsername Query for the target EPVUser via Username .PARAMETER EPVUserID Query for the target EPVUser via UserID .PARAMETER AddVaultAuthorization Add VaultAuthorization permissions in addition to current permissions to target EPVUser Possible values: AddUpdateUsers, AddSafes, AddNetworkAreas, ManageDirectoryMapping, ManageServerFileCategories, AuditUsers, BackupAllSafes, RestoreAllSafes, ResetUsersPasswords, ActivateUsers .PARAMETER DeleteVaultAuthorization Delete specific existing VaultAuthorizations from target EPVUser Possible values: AddUpdateUsers, AddSafes, AddNetworkAreas, ManageDirectoryMapping, ManageServerFileCategories, AuditUsers, BackupAllSafes, RestoreAllSafes, ResetUsersPasswords, ActivateUsers .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $UpdateEPVUserJSON = Update-VPASEPVUser -EPVUsername {USERNAME VALUE} -UpdateLocation {LOCATION VALUE} -UpdateChangePassOnNextLogon Yes .EXAMPLE $UpdateEPVUserJSON = Update-VPASEPVUser -EPVUserID {EPVUSERID VALUE} -UpdateWorkCity {WORK CITY VALUE} .EXAMPLE $InputParameters = @{ EPVUsername = "TargetEPVUsername" UpdateWorkStreet = "WorkStreet" UpdateWorkCity = "WorkCity" UpdateWorkState = "WorkState" UpdateWorkZip = "WorkZip" UpdateWorkCountry = "WorkCountry" UpdateHomePage = "HomePage" UpdateHomeEmail = "HomeEmail" UpdateBusinessEmail = "BuisnessEmail" UpdateOtherEmail = "OtherEmail" UpdateHomeNumber = "HomeNumber" UpdateBusinessNumber = "BusinessNumber" UpdateCellularNumber = "CellNumber" UpdateFaxNumber = "FaxNumber" UpdatePagerNumber = "PagerNumber" UpdateEnableUser = "Enable"|"Disable" UpdateChangePassOnNextLogon = "Yes"|"No" UpdatePasswordNeverExpires = "Yes"|"No" UpdateDescription = "Description" UpdateLocation = "Location" UpdateStreet = "Street" UpdateCity = "City" UpdateState = "State" UpdateZip = "Zip" UpdateCountry = "Country" UpdateTitle = "Title" UpdateOrganization = "Organization" UpdateDepartment = "Department" UpdateProfession = "Profession" UpdateFirstName = "FirstName" UpdateMiddleName = "Middlename" UpdateLastName = "LastName" AddVaultAuthorization = "AddUpdateUsers"|"AddSafes"|"AddNetworkAreas"|"ManageDirectoryMapping"|"ManageServerFileCategories"|"AuditUsers"|"BackupAllSafes"|"RestoreAllSafes"|"ResetUsersPasswords"|"ActivateUsers" DeleteVaultAuthorization = "AddUpdateUsers"|"AddSafes"|"AddNetworkAreas"|"ManageDirectoryMapping"|"ManageServerFileCategories"|"AuditUsers"|"BackupAllSafes"|"RestoreAllSafes"|"ResetUsersPasswords"|"ActivateUsers" } $UpdateEPVUserJSON = Update-VPASEPVUser -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ EPVUserID = "22" UpdateWorkStreet = "WorkStreet" UpdateWorkCity = "WorkCity" UpdateWorkState = "WorkState" UpdateWorkZip = "WorkZip" UpdateWorkCountry = "WorkCountry" UpdateHomePage = "HomePage" UpdateHomeEmail = "HomeEmail" UpdateBusinessEmail = "BuisnessEmail" UpdateOtherEmail = "OtherEmail" UpdateHomeNumber = "HomeNumber" UpdateBusinessNumber = "BusinessNumber" UpdateCellularNumber = "CellNumber" UpdateFaxNumber = "FaxNumber" UpdatePagerNumber = "PagerNumber" UpdateEnableUser = "Enable"|"Disable" UpdateChangePassOnNextLogon = "Yes"|"No" UpdatePasswordNeverExpires = "Yes"|"No" UpdateDescription = "Description" UpdateLocation = "Location" UpdateStreet = "Street" UpdateCity = "City" UpdateState = "State" UpdateZip = "Zip" UpdateCountry = "Country" UpdateTitle = "Title" UpdateOrganization = "Organization" UpdateDepartment = "Department" UpdateProfession = "Profession" UpdateFirstName = "FirstName" UpdateMiddleName = "Middlename" UpdateLastName = "LastName" AddVaultAuthorization = "AddUpdateUsers"|"AddSafes"|"AddNetworkAreas"|"ManageDirectoryMapping"|"ManageServerFileCategories"|"AuditUsers"|"BackupAllSafes"|"RestoreAllSafes"|"ResetUsersPasswords"|"ActivateUsers" DeleteVaultAuthorization = "AddUpdateUsers"|"AddSafes"|"AddNetworkAreas"|"ManageDirectoryMapping"|"ManageServerFileCategories"|"AuditUsers"|"BackupAllSafes"|"RestoreAllSafes"|"ResetUsersPasswords"|"ActivateUsers" } $UpdateEPVUserJSON = Update-VPASEPVUser -InputParameters $InputParameters .OUTPUTS If successful: { "enableUser": true, "changePassOnNextLogon": false, "expiryDate": null, "suspended": false, "lastSuccessfulLoginDate": 1723779044, "unAuthorizedInterfaces": [ ], "authenticationMethod": [ "AuthTypePass" ], "passwordNeverExpires": false, "distinguishedName": "", "description": "New user for documentation", "businessAddress": { "workStreet": "42 Wallaby Way", "workCity": "Sydney", "workState": "", "workZip": "", "workCountry": "Australia" }, "internet": { "homePage": "", "homeEmail": "", "businessEmail": "", "otherEmail": "" }, "phones": { "homeNumber": "", "businessNumber": "", "cellularNumber": "", "faxNumber": "", "pagerNumber": "" }, "personalDetails": { "street": "", "city": "", "state": "", "zip": "", "country": "", "title": "", "organization": "", "department": "", "profession": "", "firstName": "", "middleName": "", "lastName": "" }, "id": 245, "username": "NewUser", "source": "CyberArk", "userType": "EPVUser", "componentUser": false, "groupsMembership": [ ], "vaultAuthorization": [ ], "location": "\\" } --- $false if failed #> function Update-VPASEPVUser{ [OutputType('System.Object',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target EPVUsername (for example: vman)")] [String]$EPVUsername, [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target EPVUserID (for example: 55)")] [String]$EPVUserID, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateWorkStreet, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateWorkCity, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateWorkState, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateWorkZip, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateWorkCountry, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateHomePage, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateHomeEmail, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateBusinessEmail, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateOtherEmail, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateHomeNumber, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateBusinessNumber, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateCellularNumber, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateFaxNumber, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdatePagerNumber, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [ValidateSet('Enable','Disable')] [String]$UpdateEnableUser, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [ValidateSet('Yes','No')] [String]$UpdateChangePassOnNextLogon, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [ValidateSet('Yes','No')] [String]$UpdatePasswordNeverExpires, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateDescription, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateLocation, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateStreet, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateCity, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateState, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateZip, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateCountry, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateTitle, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateOrganization, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateDepartment, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateProfession, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateFirstName, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateMiddleName, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [String]$UpdateLastName, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [ValidateSet('AddUpdateUsers','AddSafes','AddNetworkAreas','ManageDirectoryMapping','ManageServerFileCategories','AuditUsers','BackupAllSafes','RestoreAllSafes','ResetUsersPasswords','ActivateUsers')] [String]$AddVaultAuthorization, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Parameter(Mandatory=$false,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true)] [ValidateSet('AddUpdateUsers','AddSafes','AddNetworkAreas','ManageDirectoryMapping','ManageServerFileCategories','AuditUsers','BackupAllSafes','RestoreAllSafes','ResetUsersPasswords','ActivateUsers')] [String]$DeleteVaultAuthorization, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("EPVUsername","UpdateWorkStreet","UpdateWorkCity","UpdateWorkState","UpdateWorkZip","UpdateWorkCountry","UpdateHomePage","UpdateHomeEmail","UpdateBusinessEmail","UpdateOtherEmail","UpdateHomeNumber","UpdateBusinessNumber","UpdateCellularNumber","UpdateFaxNumber","UpdatePagerNumber","UpdateEnableUser","UpdateChangePassOnNextLogon","UpdatePasswordNeverExpires","UpdateDescription","UpdateLocation","UpdateStreet","UpdateCity","UpdateState","UpdateZip","UpdateCountry","UpdateTitle","UpdateOrganization","UpdateDepartment","UpdateProfession","UpdateFirstName","UpdateMiddleName","UpdateLastName","AddVaultAuthorization","DeleteVaultAuthorization") MandatoryKeys = @("EPVUsername") } set2 = @{ AcceptableKeys = @("EPVUserID","UpdateWorkStreet","UpdateWorkCity","UpdateWorkState","UpdateWorkZip","UpdateWorkCountry","UpdateHomePage","UpdateHomeEmail","UpdateBusinessEmail","UpdateOtherEmail","UpdateHomeNumber","UpdateBusinessNumber","UpdateCellularNumber","UpdateFaxNumber","UpdatePagerNumber","UpdateEnableUser","UpdateChangePassOnNextLogon","UpdatePasswordNeverExpires","UpdateDescription","UpdateLocation","UpdateStreet","UpdateCity","UpdateState","UpdateZip","UpdateCountry","UpdateTitle","UpdateOrganization","UpdateDepartment","UpdateProfession","UpdateFirstName","UpdateMiddleName","UpdateLastName","AddVaultAuthorization","DeleteVaultAuthorization") MandatoryKeys = @("EPVUserID") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE USER" Write-VPASOutput -str $_ -type E return $false } try{ if($EPVUsername){ $LookupBy = "Username" $LookupVal = $EPVUsername } if($EPVUserID){ $LookupBy = "UserID" $LookupVal = $EPVUserID } if($LookupBy -eq "Username"){ Write-Verbose "INVOKING HELPER FUNCTION" $searchQuery = "$LookupVal" $UserID = Get-VPASEPVUserIDHelper -token $token -username $searchQuery } elseif($LookupBy -eq "UserID"){ Write-Verbose "SUPPLIED USERID: $LookupVal, SKIPPING HELPER FUNCTION" $UserID = $LookupVal } Write-Verbose "GETTING CURRENT DETAILS FOR $LookupBy : $LookupVal" if($NoSSL){ $uri = "http://$PVWA/PasswordVault/api/Users/$UserID" } else{ $uri = "https://$PVWA/PasswordVault/api/Users/$UserID" } Write-Verbose "MAKING API CALL TO CYBERARK" if($sessionval){ $CurVals = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $CurVals = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } Write-Verbose "SUCCESSFULLY RETRIEVED CURRENT DETAILS FOR $LookupBy : $LookupVal" write-verbose "PARSING THROUGH CURRENT VALUES" $curVaultAuthorizations = @() $temp = $CurVals.vaultAuthorization foreach($rec in $temp){ $curVaultAuthorizations += $rec } $curUsername = $CurVals.username $curUserType = $CurVals.userType $curLocation = $CurVals.location $curEnableUser = $CurVals.enableUser $curAuthenticationMethod = $CurVals.authenticationMethod $curChangePassOnNextLogon = $CurVals.changePassOnNextLogon $curPasswordNeverExpires = $CurVals.passwordNeverExpires $curDistinguishedName = $CurVals.distinguishedName $curBusinessAddress = @{} $curWorkStreet = $CurVals.businessAddress.workStreet $curWorkCity = $CurVals.businessAddress.workCity $curWorkState = $CurVals.businessAddress.workState $curWorkZip = $CurVals.businessAddress.workZip $curWorkCountry = $CurVals.businessAddress.workCountry $curBusinessAddress = @{ workStreet = $curWorkStreet workCity = $curWorkCity workState = $curWorkState workZip = $curWorkZip workCountry = $curWorkCountry } $curInternet = @{} $curHomePage = $CurVals.internet.homePage $curHomeEmail = $CurVals.internet.homeEmail $curBusinessEmail = $CurVals.internet.businessEmail $curOtherEmail = $CurVals.internet.otherEmail $curInternet = @{ homePage = $curHomePage homeEmail = $curHomeEmail businessEmail = $curBusinessEmail otherEmail = $curOtherEmail } $curPhones = @{} $curHomeNumber = $CurVals.phones.homeNumber $curBusinessNumber = $CurVals.phones.businessNumber $curCellularNumber = $CurVals.phones.cellularNumber $curFaxNumber = $CurVals.phones.faxNumber $curPagerNumber = $CurVals.phones.pagerNumber $curPhones = @{ homeNumber = $curHomeNumber businessNumber = $curBusinessNumber cellularNumber = $curCellularNumber faxNumber = $curFaxNumber pagerNumber = $curPagerNumber } $curDescription = $CurVals.description $curPersonalDetails = @{} $curStreet = $CurVals.personalDetails.street $curCity = $CurVals.personalDetails.city $curState = $CurVals.personalDetails.state $curZip = $CurVals.personalDetails.zip $curCountry = $CurVals.personalDetails.country $curTitle = $CurVals.personalDetails.title $curOrganization = $CurVals.personalDetails.organization $curDepartment = $CurVals.personalDetails.department $curProfession = $CurVals.personalDetails.profession $curFirstName = $CurVals.personalDetails.firstName $curMiddleName = $CurVals.personalDetails.middleName $curLastName = $CurVals.personalDetails.lastName $curPersonalDetails = @{ street = $curStreet city = $curCity state = $curState zip = $curZip country = $curCountry title = $curTitle organization = $curOrganization department = $curDepartment profession = $curProfession firstName = $curFirstName middleName = $curMiddleName lastName = $curLastName } $curSuspended = $CurVals.suspended $curID = $CurVals.id $curSource = $CurVals.source $curComponentUser = $CurVals.componentUser write-verbose "REPLACING CURRENT VALUES WITH UPDATED VALUES" #WORK SECTION if([String]::IsNullOrEmpty($UpdateWorkStreet)){ Write-Verbose "VALUE FOR WORK STREET EMPTY, SKIPPING" } else{ $curBusinessAddress.workStreet = $UpdateWorkStreet } if([String]::IsNullOrEmpty($UpdateWorkCity)){ Write-Verbose "VALUE FOR WORK CITY EMPTY, SKIPPING" } else{ $curBusinessAddress.workCity = $UpdateWorkCity } if([String]::IsNullOrEmpty($UpdateWorkState)){ Write-Verbose "VALUE FOR WORK STATE EMPTY, SKIPPING" } else{ $curBusinessAddress.workState = $UpdateWorkState } if([String]::IsNullOrEmpty($UpdateWorkZip)){ Write-Verbose "VALUE FOR WORK ZIP EMPTY, SKIPPING" } else{ $curBusinessAddress.workZip = $UpdateWorkZip } if([String]::IsNullOrEmpty($UpdateWorkCountry)){ Write-Verbose "VALUE FOR WORK COUNTRY EMPTY, SKIPPING" } else{ $curBusinessAddress.workCountry = $UpdateWorkCountry } #INTERNET if([String]::IsNullOrEmpty($UpdateHomePage)){ Write-Verbose "VALUE FOR HOME PAGE EMPTY, SKIPPING" } else{ $curInternet.homePage = $UpdateHomePage } if([String]::IsNullOrEmpty($UpdateHomeEmail)){ Write-Verbose "VALUE FOR HOME EMAIL EMPTY, SKIPPING" } else{ $curInternet.homeEmail = $UpdateHomeEmail } if([String]::IsNullOrEmpty($UpdateBusinessEmail)){ Write-Verbose "VALUE FOR BUSINESS EMAIL EMPTY, SKIPPING" } else{ $curInternet.businessEmail = $UpdateBusinessEmail } if([String]::IsNullOrEmpty($UpdateOtherEmail)){ Write-Verbose "VALUE FOR OTHER EMAIL EMPTY, SKIPPING" } else{ $curInternet.otherEmail = $UpdateOtherEmail } #PHONES if([String]::IsNullOrEmpty($UpdateHomeNumber)){ Write-Verbose "VALUE FOR HOME NUMBER EMPTY, SKIPPING" } else{ $curPhones.homeNumber = $UpdateHomeNumber } if([String]::IsNullOrEmpty($UpdateBusinessNumber)){ Write-Verbose "VALUE FOR BUSINESS NUMBER EMPTY, SKIPPING" } else{ $curPhones.businessNumber = $UpdateBusinessNumber } if([String]::IsNullOrEmpty($UpdateCellularNumber)){ Write-Verbose "VALUE FOR CELLULAR NUMBER EMPTY, SKIPPING" } else{ $curPhones.cellularNumber = $UpdateCellularNumber } if([String]::IsNullOrEmpty($UpdateFaxNumber)){ Write-Verbose "VALUE FOR FAX NUMBER EMPTY, SKIPPING" } else{ $curPhones.faxNumber = $UpdateFaxNumber } if([String]::IsNullOrEmpty($UpdatePagerNumber)){ Write-Verbose "VALUE FOR PAGER NUMBER EMPTY, SKIPPING" } else{ $curPhones.pagerNumber = $UpdatePagerNumber } if([String]::IsNullOrEmpty($UpdateDescription)){ Write-Verbose "VALUE FOR DESCRIPTION EMPTY, SKIPPING" } else{ $curDescription = $UpdateDescription } #PERSONAL DETAILS if([String]::IsNullOrEmpty($UpdateStreet)){ Write-Verbose "VALUE FOR STREET EMPTY, SKIPPING" } else{ $curPersonalDetails.street = $UpdateStreet } if([String]::IsNullOrEmpty($UpdateCity)){ Write-Verbose "VALUE FOR CITY EMPTY, SKIPPING" } else{ $curPersonalDetails.city = $UpdateCity } if([String]::IsNullOrEmpty($UpdateState)){ Write-Verbose "VALUE FOR STATE EMPTY, SKIPPING" } else{ $curPersonalDetails.state = $UpdateState } if([String]::IsNullOrEmpty($UpdateZip)){ Write-Verbose "VALUE FOR ZIP EMPTY, SKIPPING" } else{ $curPersonalDetails.zip = $UpdateZip } if([String]::IsNullOrEmpty($UpdateCountry)){ Write-Verbose "VALUE FOR COUNTRY EMPTY, SKIPPING" } else{ $curPersonalDetails.country = $UpdateCountry } if([String]::IsNullOrEmpty($UpdateTitle)){ Write-Verbose "VALUE FOR TITLE EMPTY, SKIPPING" } else{ $curPersonalDetails.title = $UpdateTitle } if([String]::IsNullOrEmpty($UpdateOrganization)){ Write-Verbose "VALUE FOR ORGANIZATION EMPTY, SKIPPING" } else{ $curPersonalDetails.organization = $UpdateOrganization } if([String]::IsNullOrEmpty($UpdateDepartment)){ Write-Verbose "VALUE FOR DEPARTMENT EMPTY, SKIPPING" } else{ $curPersonalDetails.department = $UpdateDepartment } if([String]::IsNullOrEmpty($UpdateProfession)){ Write-Verbose "VALUE FOR PROFESSION EMPTY, SKIPPING" } else{ $curPersonalDetails.profession = $UpdateProfession } if([String]::IsNullOrEmpty($UpdateFirstName)){ Write-Verbose "VALUE FOR FIRST NAME EMPTY, SKIPPING" } else{ $curPersonalDetails.firstName = $UpdateFirstName } if([String]::IsNullOrEmpty($UpdateMiddleName)){ Write-Verbose "VALUE FOR MIDDLE NAME EMPTY, SKIPPING" } else{ $curPersonalDetails.middleName = $UpdateMiddleName } if([String]::IsNullOrEmpty($UpdateLastName)){ Write-Verbose "VALUE FOR LAST NAME EMPTY, SKIPPING" } else{ $curPersonalDetails.lastName = $UpdateLastName } #MISC if([String]::IsNullOrEmpty($UpdatePasswordNeverExpires)){ Write-Verbose "VALUE FOR PASSWORD NEVER EXPIRES EMPTY, SKIPPING" } elseif($UpdatePasswordNeverExpires -eq "Yes"){ $curPasswordNeverExpires = $true } elseif($UpdatePasswordNeverExpires -eq "No"){ $curPasswordNeverExpires = $false } if([String]::IsNullOrEmpty($UpdateChangePassOnNextLogon)){ Write-Verbose "VALUE FOR CHANGE PASS ON NEXT LOGON EMPTY, SKIPPING" } elseif($UpdateChangePassOnNextLogon -eq "Yes"){ $curChangePassOnNextLogon = $true } elseif($UpdateChangePassOnNextLogon -eq "No"){ $curChangePassOnNextLogon = $false } if([String]::IsNullOrEmpty($UpdateEnableUser)){ Write-Verbose "VALUE FOR ENABLE USER EMPTY, SKIPPING" } elseif($UpdateEnableUser -eq "Enable"){ $curEnableUser = $true } elseif($UpdateEnableUser -eq "Disable"){ $curEnableUser = $false } $locationstr = "\" if([String]::IsNullOrEmpty($UpdateLocation)){ Write-Verbose "VALUE FOR LOCATION EMPTY, SKIPPING" } else{ $locationstr += $UpdateLocation $curLocation = $locationstr } if([String]::IsNullOrEmpty($AddVaultAuthorization)){ Write-Verbose "VALUE FOR ADDING VAULT AUTHORIZATIONS EMPTY, SKIPPING" } else{ if($curVaultAuthorizations.Contains($AddVaultAuthorization)){ Write-Verbose "USER ALREADY HAS THIS PERMISSION, SKIPPING" } else{ $curVaultAuthorizations += $AddVaultAuthorization } } if([String]::IsNullOrEmpty($DeleteVaultAuthorization)){ Write-Verbose "VALUE FOR DELETING VAULT AUTHORIZATIONS EMPTY, SKIPPING" } else{ if($curVaultAuthorizations.Contains($DeleteVaultAuthorization)){ $newVaultAuths = @() foreach($rec in $curVaultAuthorizations){ if($rec -eq $DeleteVaultAuthorization){ #DO NOTHING } else{ $newVaultAuths += $rec } } $curVaultAuthorizations = $newVaultAuths } else{ write-verbose "USER DOES NOT HAVE THIS PERMISSION, SKIPPING" } } write-verbose "PARAMETERS HAVE BEEN UPDATED, ADDING TO API PARAMETERS" $params = @{ enableUser = $curEnableUser changePassOnNextLogon = $curChangePassOnNextLogon suspended = $curSuspended passwordNeverExpires = $curPasswordNeverExpires distinguishedName = $curDistinguishedName description = $curDescription businessAddress = $curBusinessAddress internet = $curInternet phones = $curPhones personalDetails = $curPersonalDetails id = $curID username = $curUsername source = $curSource usertype = $curUserType componentUser = $curComponentUser vaultAuthorization = $curVaultAuthorizations location = $curLocation authenticationMethod = $curAuthenticationMethod } $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS $params = $params | ConvertTo-Json write-verbose "FINISHED PARSING API PARAMETERS" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/api/Users/$UserID" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/api/Users/$UserID" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "PUT" -token $token -LogType METHOD Write-Verbose "MAKING API CALL TO CYBERARK" if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method PUT -Body $params -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method PUT -Body $params -ContentType "application/json" } $outputlog = $response $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN Write-Verbose "SUCCESSFULLY UPDATED $LookupBy : $LookupVal" Write-verbose "RETURNING JSON OBJECT" return $response }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO UPDATE $LookupBy : $LookupVal" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |