Scripts/ActiveDirectory/New-CohesityActiveDirectory.ps1

function New-CohesityActiveDirectory {
    <#
        .SYNOPSIS
        Add active directory to the cohesity cluster.
        .DESCRIPTION
        After a Cohesity Cluster has been joined to an Active Directory domain,
        the users and groups in the domain can be authenticated on the Cohesity Cluster
        using their Active Directory credentials.
 
        .NOTES
        Published by Cohesity
        .LINK
        https://cohesity.github.io/cohesity-powershell-module/#/README
        .EXAMPLE
        New-CohesityActiveDirectory -DomainName cohesity.com -MachineAccounts "Test"
        .EXAMPLE
        New-CohesityActiveDirectory -DomainName cohesity.com -MachineAccounts "Test" -Credential (New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "Administrator", (ConvertTo-SecureString -AsPlainText "secret" -Force))
    #>

    [CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = "High")]
    Param(
        [Parameter(Mandatory = $true)]
        [ValidateNotNullOrEmpty()]
        # Specifies the fully qualified domain name (FQDN) of an Active Directory.
        $DomainName,
        [Parameter(Mandatory = $true)]
        [ValidateNotNull()]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        # Specifies the Active Directory credential.
        $Credential,
        [Parameter(Mandatory = $true)]
        # Array of Machine Accounts. Specifies an array of computer names used to identify the Cohesity Cluster on the domain.
        [string[]]$MachineAccounts
    )
    Begin {
        if (-not (Test-Path -Path "$HOME/.cohesity")) {
            throw "Failed to authenticate. Please connect to the Cohesity Cluster using 'Connect-CohesityCluster'"
        }
        $session = Get-Content -Path $HOME/.cohesity | ConvertFrom-Json

        $server = $session.ClusterUri

        $token = $session.Accesstoken.Accesstoken
    }

    Process {
        if ($PSCmdlet.ShouldProcess($DomainName)) {

            $UserName = $Credential.UserName
            $PlainPassword = $Credential.GetNetworkCredential().Password

            $url = $server + '/irisservices/api/v1/public/activeDirectory'

            $headers = @{'Authorization' = 'Bearer ' + $token}
            $payload = @{
                domainName                 = $DomainName
                machineAccounts            = @($MachineAccounts)
                preferredDomainControllers = @(@{domainName = $DomainName})
                trustedDomainsEnabled      = $false
                userIdMapping              = @{ }
                userName                   = $UserName
                password                   = $PlainPassword
            }
            $payloadJson = $payload | ConvertTo-Json
            $resp = Invoke-RestApi -Method Post -Uri $url -Headers $headers -Body $payloadJson
            if ($resp) {
                $resp
            }
            else {
                $errorMsg = "Failed to create, active directory configuration"
                Write-Output $errorMsg
                CSLog -Message $errorMsg
            }
        }
    }
    End {
    }
}