
function Get-CurrentPluginType { 'dns-01' }

function Add-DnsTxt {
        [Parameter(Mandatory, Position = 0)]
        [Parameter(Mandatory, Position = 1)]
        [Parameter(ParameterSetName='Secure', Mandatory, Position = 2)]
        [Parameter(ParameterSetName='DeprecatedInsecure', Mandatory, Position = 2)]
        [Parameter(ParameterSetName='DeprecatedInsecure', Mandatory, Position = 3)]

    # Until PS Core gets New-WebServiceProxy, this will be a Desktop only plugin
    if (-not $PSVersionTable.PSEdition -or $PSVersionTable.PSEdition -ne "Desktop") {
        throw "The BlueCat plugin requires Windows PowerShell and is not supported on PowerShell Core."

    # extract the plain text credentials
    if ('Secure' -eq $PSCmdlet.ParameterSetName) {
        $BlueCatUsername = $BlueCatCredential.UserName
        $BlueCatPassword = $BlueCatCredential.GetNetworkCredential().Password

    $proxy = Get-BlueCatWsdlProxy -Username $BlueCatUsername -Password $BlueCatPassword -Uri $BlueCatUri
    $view = Get-View -ConfigurationName $BlueCatConfig -ViewName $BlueCatView -BlueCatProxy $proxy
    $parentZone = Get-ParentZone -AbsoluteName $RecordName -ViewId $ -BlueCatProxy $proxy
    $props = HashtableToString -Hashtable @{parentZoneName = $parentZone.absoluteName}
    $proxy.addTxtRecord($, $RecordName, $TxtValue, -1, $props)

        Add a DNS TXT record to BlueCat.

        Use the BAM API to add a TXT record.

    .PARAMETER RecordName
        The fully qualified name of the TXT record.

    .PARAMETER TxtValue
        The value of the TXT record.

    .PARAMETER BlueCatCredential
        BlueCat Username and Password.

    .PARAMETER BlueCatUsername
        (DEPRECATED) BlueCat Username.

    .PARAMETER BlueCatPassword
        (DEPRECATED) BlueCat Password.

    .PARAMETER BlueCatUri
        BlueCat API uri.

    .PARAMETER BlueCatConfig
        BlueCat Configuration name.

    .PARAMETER BlueCatView
        BlueCat DNS View name.

    .PARAMETER BlueCatDeployTargets
        List of BlueCat servers to deploy.

    .PARAMETER ExtraParams
        This parameter can be ignored and is only used to prevent errors when splatting with more parameters than this function supports.

        $cred = Get-Credential
        Add-DnsTxt '' 'txt-value' -BlueCatCredential $cred -BlueCatUri 'https://FQDN//Services/API' -BlueCatConfig 'foobar' -BlueCatView 'foobaz'

        Adds a TXT record for the specified site with the specified value.


function Remove-DnsTxt {
        [Parameter(Mandatory, Position = 0)]
        [Parameter(Mandatory, Position = 1)]
        [Parameter(ParameterSetName='Secure', Mandatory, Position = 2)]
        [Parameter(ParameterSetName='DeprecatedInsecure', Mandatory, Position = 2)]
        [Parameter(ParameterSetName='DeprecatedInsecure', Mandatory, Position = 3)]

    # Until PS Core gets New-WebServiceProxy, this will be a Desktop only plugin
    if (-not $PSVersionTable.PSEdition -or $PSVersionTable.PSEdition -ne "Desktop") {
        throw "The BlueCat plugin requires Windows PowerShell and is not supported on PowerShell Core."

    # extract the plain text credentials
    if ('Secure' -eq $PSCmdlet.ParameterSetName) {
        $BlueCatUsername = $BlueCatCredential.UserName
        $BlueCatPassword = $BlueCatCredential.GetNetworkCredential().Password

    $proxy = Get-BlueCatWsdlProxy -Username $BlueCatUsername -Password $BlueCatPassword -Uri $BlueCatUri
    $view = Get-View -ConfigurationName $BlueCatConfig -ViewName $BlueCatView -BlueCatProxy $proxy
    $parentZone = Get-ParentZone -AbsoluteName $RecordName -ViewId $ -BlueCatProxy $proxy
    $txtRecordName = $RecordName -ireplace "\.?$([regex]::Escape($parentZone.absoluteName.TrimEnd('.')))$",''
    $txtRecords = $proxy.getEntitiesByName($, $txtRecordName, "TXTRecord", 0, [int16]::MaxValue)
    $txtRecords = $txtRecords | ForEach-Object { (ConvertPSObjectToHashtable -InputObject $_) + (StringToHashtable -String $ }
    $txtRecord = $txtRecords | Where-Object { $_.txt -eq $TxtValue }
    if (!$ {
        throw ("No text record found!")

        Remove a DNS TXT record from BlueCat.

        Use the BAM API to remove a TXT record.

    .PARAMETER RecordName
        The fully qualified name of the TXT record.

    .PARAMETER TxtValue
        The value of the TXT record.

    .PARAMETER BlueCatCredential
        BlueCat Username and Password.

    .PARAMETER BlueCatUsername
        (DEPRECATED) BlueCat Username.

    .PARAMETER BlueCatPassword
        (DEPRECATED) BlueCat Password.

    .PARAMETER BlueCatUri
        BlueCat API uri.

    .PARAMETER BlueCatConfig
        BlueCat Configuration name.

    .PARAMETER BlueCatView
        BlueCat DNS View name.

    .PARAMETER BlueCatDeployTargets
        List of BlueCat servers to deploy.

    .PARAMETER ExtraParams
        This parameter can be ignored and is only used to prevent errors when splatting with more parameters than this function supports.

        $cred = Get-Credential
        Remove-DnsTxt '' 'txt-value' -BlueCatCredential $cred -BlueCatUri 'https://FQDN//Services/API' -BlueCatConfig 'foobar' -BlueCatView 'foobaz'

        Removes a TXT record for the specified site with the specified value.


function Save-DnsTxt {
        [Parameter(ParameterSetName='Secure', Mandatory, Position = 2)]
        [Parameter(ParameterSetName='DeprecatedInsecure', Mandatory, Position = 2)]
        [Parameter(ParameterSetName='DeprecatedInsecure', Mandatory, Position = 3)]

    # Until PS Core gets New-WebServiceProxy, this will be a Desktop only plugin
    if (-not $PSVersionTable.PSEdition -or $PSVersionTable.PSEdition -ne "Desktop") {
        throw "The BlueCat plugin requires Windows PowerShell and is not supported on PowerShell Core."

    # extract the plain text credentials
    if ('Secure' -eq $PSCmdlet.ParameterSetName) {
        $BlueCatUsername = $BlueCatCredential.UserName
        $BlueCatPassword = $BlueCatCredential.GetNetworkCredential().Password

    $proxy = Get-BlueCatWsdlProxy -Username $BlueCatUsername -Password $BlueCatPassword -Uri $BlueCatUri
    $config = $proxy.getEntityByName(0, $BlueCatConfig, "Configuration")
    Foreach ($ServerFQDN in $BlueCatDeployTargets) {
        $server = $proxy.getEntityByName($, $ServerFQDN, "Server")
        $props = HashtableToString -Hashtable @{"services" = "DNS"}
        $proxy.deployServerConfig($, $props)

        Deploy BlueCat changes to server(s).

        Use the BAM API to deploy DNS changes.

    .PARAMETER BlueCatCredential
        BlueCat Username and Password.

    .PARAMETER BlueCatUsername
        (DEPRECATED) BlueCat Username.

    .PARAMETER BlueCatPassword
        (DEPRECATED) BlueCat Password.

    .PARAMETER BlueCatUri
        BlueCat API uri.

    .PARAMETER BlueCatConfig
        BlueCat Configuration name.

    .PARAMETER BlueCatView
        BlueCat DNS View name.

    .PARAMETER BlueCatDeployTargets
        List of BlueCat servers to deploy.

    .PARAMETER ExtraParams
        This parameter can be ignored and is only used to prevent errors when splatting with more parameters than this function supports.

        Save-DnsTxt -BlueCatUsername 'xxxxxxxx' -BlueCatPassword 'xxxxxxxx' `
        -BlueCatUri 'https://FQDN//Services/API' -BlueCatConfig 'foobar' -BlueCatDeployTargets @('FQDN1', 'FQDN2', 'FQDN3')


# Helper Functions

function Get-BlueCatWsdlProxy {
    $wsdlProxy = New-WebServiceProxy -Uri "$($Uri)?wsdl"
    $wsdlProxy.url = $Uri
    $cookieContainer = New-Object System.Net.CookieContainer
    $wsdlProxy.CookieContainer = $cookieContainer
    $wsdlProxy.login($Username, $Password)
    return $wsdlProxy

function HashtableToString {

    $str = ""
    foreach ($i in $Hashtable.GetEnumerator()) {
        $str += "$($i.Name)=$($i.Value)|"
    return $str

function StringToHashtable {

    $hashtable = @{}
    $pairs = $String.split("|")
    foreach ($kv in $pairs) {
        $hashtable += ConvertFrom-StringData -StringData $kv
    return $hashtable

function ConvertPSObjectToHashtable {
    param (

    $hashtable = @{}
    foreach ($property in $InputObject.PSObject.Properties) {
        $hashtable[$property.Name] = $property.Value
    return $hashtable

function Get-View {
    param (

    $config = $BlueCatProxy.getEntityByName(0, $ConfigurationName, "Configuration")
    $BlueCatProxy.getEntityByName($, $ViewName, "View")

function Get-ParentZone {
    param (

    $zones = $AbsoluteName.split(".")
    $parentZone = @{ "id" = $ViewId }

    foreach ($el in $zones) {
        $zone = $BlueCatProxy.getEntityByName($, $el, "Zone")
        if (!$ {
        $parentZone = (ConvertPSObjectToHashtable -InputObject $zone) + (StringToHashtable -String $

    if (!$ {
        throw ("No parent zone found!")
    return $parentZone