BitTitan.Runbooks.MSPComplete.psm1
|
<#
.SYNOPSIS Powershell module for common MSPComplete functions and resources. .NOTES Version: 0.2.0 Last updated: 18 September 2018 Copyright (c) BitTitan, Inc. All rights reserved. Licensed under the MIT License. #> # Enumeration for the various MSPComplete Entity types enum MSPCompleteEntityType { Customer CustomerGroup CustomerEndUser } <# .SYNOPSIS This function retrieves the administrative credential from a MSPComplete Endpoint. .DESCRIPTION This function retrieves the administrative credential from a MSPComplete Endpoint. There is no pre-processing required on the Endpoint, whether it is passed in using the MSPComplete platform or retrieved using Get-BT_Endpoint. .PARAMETER endpointId The ID of the MSPComplete Endpoint .PARAMETER endpoint The MSPComplete Endpoint .PARAMETER ticket The MSPComplete Customer Ticket .EXAMPLE $unmaskedEndpoint = Get-CredentialFromMSPCompleteEndpoint -EndpointId $Endpoint.Id .EXAMPLE $unmaskedEndpoint = Get-CredentialFromMSPCompleteEndpoint -Endpoint $Endpoint .EXAMPLE $unmaskedEndpoint = $Endpoint | Get-CredentialFromMSPCompleteEndpoint #> function Get-CredentialFromMSPCompleteEndpoint { param ( # The ID of the MSPComplete Endpoint [Parameter(Mandatory=$true, ParameterSetName="endpointId")] [String]$endpointId, # The MSPComplete Endpoint [Parameter(Mandatory=$true, ParameterSetName="endpoint", ValueFromPipeline=$true)] $endpoint, # The MSPComplete Customer Ticket [Parameter(Mandatory=$false)] $ticket = $mspc.CustomerTicket ) # Endpoint provided if ($PSCmdlet.ParameterSetName -eq "endpoint") { # Check if the Endpoint already has the credential as a property, return directly if ($null -ne $endpoint.Credential -and ![String]::IsNullOrWhiteSpace($endpoint.Credential.UserName) -and $null -ne $endpoint.Credential.Password) { Write-Information "Credential is present in endpoint." return $endpoint.Credential } # Check if the endpoint is already unmasked if (![String]::IsNullOrWhiteSpace($endpoint.AdministrativePassword) -and $endpoint.AdministrativePassword -ne "********") { Write-Information "Username and password are unmasked and present in endpoint." return (Get-CredentialFromUnmaskedMSPCompleteEndpoint -Endpoint $endpoint) } # Need to retrieve unmasked endpoint $endpointId = $endpoint.Id } # Retrieve unmasked endpoint $unmaskedEndpoint = Get-UnmaskedMSPCompleteEndpoint -EndpointId $endpointId -Ticket $ticket # Retrieve credential from unmasked endpoint return (Get-CredentialFromUnmaskedMSPCompleteEndpoint -Endpoint $unmaskedEndpoint) } <# .SYNOPSIS This function retrieves a copy of the given MSPComplete Endpoint with unmasked credentials. .DESCRIPTION This function retrieves a copy of the given MSPComplete Endpoint with unmasked credentials. .PARAMETER endpointId The ID of the MSPComplete Endpoint .PARAMETER endpoint The MSPComplete Endpoint .PARAMETER ticket The MSPComplete Customer Ticket .EXAMPLE $unmaskedEndpoint = Get-UnmaskedMSPCompleteEndpoint -EndpointId $Endpoint.Id .EXAMPLE $unmaskedEndpoint = Get-UnmaskedMSPCompleteEndpoint -Endpoint $Endpoint .EXAMPLE $unmaskedEndpoint = $Endpoint | Get-UnmaskedMSPCompleteEndpoint #> function Get-UnmaskedMSPCompleteEndpoint { param ( # The ID of the MSPComplete Endpoint [Parameter(Mandatory=$true, ParameterSetName="endpointId")] [String]$endpointId, # The MSPComplete Endpoint [Parameter(Mandatory=$true, ParameterSetName="endpoint", ValueFromPipeline=$true)] $endpoint, # The MSPComplete Customer Ticket [Parameter(Mandatory=$false)] $ticket = $mspc.CustomerTicket ) # Retrieve the endpoint ID if ($PSCmdlet.ParameterSetName -eq "endpoint") { $endpointId = $endpoint.Id } # Fetch the unmasked endpoint using the endpoint Id try { # Cast the Endpoint ID to Guid $endpointGuid = [GUID]($endpointId) # Get the unmasked endpoint using the endpoint ID $endpoint = Get-BT_Endpoint -Ticket $ticket -Id $endpointGuid -IsDeleted $False ` -ShouldUnmaskProperties $true | Select-Object -Property Name,Type -ExpandProperty Configuration } catch { Write-Error "Failed to retrieve the MSPComplete Endpoint with unmasked credentials. $($_.Exception.Message)" return $null } # Check the endpoint for valid credentials if ($endpoint.AdministrativeUserName -and $endpoint.AdministrativePassword) { Write-Information "Retrieved the MSPComplete Endpoint with unmasked credentials '$($endpoint.Name)'." return $endpoint } else { Write-Error ("The MSPComplete Endpoint '$($endpoint.Name)' has a blank or invalid username and/or password.") return $null } } <# .SYNOPSIS This function retrieves the administrative credential from an unmasked MSPComplete Endpoint. .DESCRIPTION This function retrieves the administrative credential from an unmasked MSPComplete Endpoint. .PARAMETER endpoint The unmasked MSPComplete Endpoint .EXAMPLE $credential = Get-CredentialFromUnmaskedMSPCompleteEndpoint -Endpoint $Endpoint .EXAMPLE $credential = $Endpoint | Get-CredentialFromUnmaskedMSPCompleteEndpoint #> function Get-CredentialFromUnmaskedMSPCompleteEndpoint { param ( # The unmasked MSPComplete Endpoint [Parameter(Mandatory=$true, ValueFromPipeline=$true)] $endpoint ) # Retrieve credential $credential = New-Object System.Management.Automation.PSCredential( $endpoint.AdministrativeUserName, ($endpoint.AdministrativePassword | ConvertTo-SecureString -AsPlainText -Force) ) return $credential } <# .SYNOPSIS This function retrieves the administrative credential in a form suitable for input parameters from an unmasked MSPComplete Endpoint. .DESCRIPTION This function retrieves the administrative credential in a form suitable for input parameters from an unmasked MSPComplete Endpoint. .PARAMETER endpoint The unmasked MSPComplete Endpoint .EXAMPLE $credential = Get-CredentialFromUnmaskedMSPCompleteEndpoint -Endpoint $Endpoint .EXAMPLE $credential = $Endpoint | Get-CredentialFromUnmaskedMSPCompleteEndpoint #> function Get-CredentialParamFromUnmaskedMSPCompleteEndpoint { param ( # The unmasked MSPComplete Endpoint [Parameter(Mandatory=$true, ValueFromPipeline=$true)] $endpoint ) # Retrieve credentials $credentialParam = @{ "username" = $endpoint.AdministrativeUserName; "password" = $endpoint.AdministrativePassword | ConvertTo-SecureString -AsPlainText -Force } return $credentialParam } |