public/Get-VPASEPVUserTypes.ps1
|
<#
.Synopsis GET EPV USER TYPES CREATED BY: Vadim Melamed, EMAIL: vmelamed5@gmail.com .DESCRIPTION USE THIS FUNCTION TO GET THE VARIOUS TYPES OF EPV USERS .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .EXAMPLE $EPVUserTypesJSON = Get-VPASEPVUserTypes .OUTPUTS If successful: { "UserTypes": [ { "UserTypeId": 34, "UserTypeName": "EPVUser", "IsComponentUser": false, "AllowedClientInterfaces": "EVD GUI HTTPGW IBVSDK NAPI PACLI PIMSu PSM PSMP PVWA WINCLIENT XAPI" }, { "UserTypeId": 86, "UserTypeName": "EPVUserLite", "IsComponentUser": false, "AllowedClientInterfaces": "EVD PACLI PIMSu PSM PSMP PVWA WINCLIENT" }, { "UserTypeId": 87, "UserTypeName": "BasicUser", "IsComponentUser": false, "AllowedClientInterfaces": "PVWA" }, { "UserTypeId": 35, "UserTypeName": "AIMAccount", "IsComponentUser": true, "AllowedClientInterfaces": "AIMApp PAPI" }, { "UserTypeId": 31, "UserTypeName": "CPM", "IsComponentUser": true, "AllowedClientInterfaces": "CPM" }, { "UserTypeId": 32, "UserTypeName": "PVWA", "IsComponentUser": true, "AllowedClientInterfaces": "PVWAApp" }, { "UserTypeId": 75, "UserTypeName": "PSMHTML5Gateway", "IsComponentUser": true, "AllowedClientInterfaces": "PSMGWApp" }, { "UserTypeId": 36, "UserTypeName": "PSM", "IsComponentUser": true, "AllowedClientInterfaces": "PSMApp" }, { "UserTypeId": 33, "UserTypeName": "AppProvider", "IsComponentUser": true, "AllowedClientInterfaces": "AppPrv" }, { "UserTypeId": 591, "UserTypeName": "ExtUser", "IsComponentUser": false, "AllowedClientInterfaces": "PIMSu PSM PSMP PVWA" }, { "UserTypeId": 590, "UserTypeName": "BizUser", "IsComponentUser": false, "AllowedClientInterfaces": "PVWA" }, { "UserTypeId": 504, "UserTypeName": "DRUser", "IsComponentUser": false, "AllowedClientInterfaces": "DR" }, { "UserTypeId": 37, "UserTypeName": "OPMProvider", "IsComponentUser": true, "AllowedClientInterfaces": "AppPrv" }, { "UserTypeId": 99, "UserTypeName": "CCPEndpoints", "IsComponentUser": false, "AllowedClientInterfaces": "" }, { "UserTypeId": 43, "UserTypeName": "PSMUser", "IsComponentUser": false, "AllowedClientInterfaces": "PSM PSMApp PSMP PVWA" }, { "UserTypeId": 72, "UserTypeName": "PSMPADBridge", "IsComponentUser": true, "AllowedClientInterfaces": "PSMPApp" }, { "UserTypeId": 70, "UserTypeName": "PSMPServer", "IsComponentUser": true, "AllowedClientInterfaces": "PSMPApp" }, { "UserTypeId": 56, "UserTypeName": "IBVUser", "IsComponentUser": false, "AllowedClientInterfaces": "CIFS DC EMAIL FEWA GUI IBVSDK SEGEMail SFEWebUI WINCLIENT" }, { "UserTypeId": 55, "UserTypeName": "AutoIBVUser", "IsComponentUser": true, "AllowedClientInterfaces": "DCA EVD FTP HTTPGW IBVSDK NAPI PACLI XAPI" }, { "UserTypeId": 51, "UserTypeName": "CIFS", "IsComponentUser": true, "AllowedClientInterfaces": "CIFS CIFSApp" }, { "UserTypeId": 52, "UserTypeName": "FTP", "IsComponentUser": true, "AllowedClientInterfaces": "FTP FTPApp" }, { "UserTypeId": 54, "UserTypeName": "SFE", "IsComponentUser": true, "AllowedClientInterfaces": "SFEAPP" }, { "UserTypeId": 58, "UserTypeName": "DCAUser", "IsComponentUser": true, "AllowedClientInterfaces": "DCA" }, { "UserTypeId": 60, "UserTypeName": "DCAInstance", "IsComponentUser": true, "AllowedClientInterfaces": "DCAAPP" }, { "UserTypeId": 65, "UserTypeName": "SecureEpClientUser", "IsComponentUser": false, "AllowedClientInterfaces": "CIFS DC DCA EMAIL FEWA FTP GUI HTTPGW IBVSDK NAPI PACLI SEGEMail SFEWebUI WINCLIENT XAPI" }, { "UserTypeId": 66, "UserTypeName": "ClientlessUser", "IsComponentUser": false, "AllowedClientInterfaces": "CIFS FEWA FTP HTTPGW IBVSDK SFEWebUI" }, { "UserTypeId": 67, "UserTypeName": "AdHocRecipient", "IsComponentUser": false, "AllowedClientInterfaces": "SFEWebUI" }, { "UserTypeId": 68, "UserTypeName": "SecureEmailUser", "IsComponentUser": false, "AllowedClientInterfaces": "EMAIL IBVSDK SEGEMail SFEWebUI" }, { "UserTypeId": 69, "UserTypeName": "SEG", "IsComponentUser": true, "AllowedClientInterfaces": "SEGApp" }, { "UserTypeId": 501, "UserTypeName": "AllUsers", "IsComponentUser": false, "AllowedClientInterfaces": "UNKNOWN WINCLIENT CIFS FTP PAPI PACLI XAPI CPM DC DR HTTPGW PVWA CABACKUP DCA NAPI FEWA CAUnlock AppPrv CACrypt ENE SFEWebUI SFEAPP GUI FTPApp CIFSApp PVWAApp DCAAPP AIMApp IBVSDK EVD EMAIL PIMSu PSMApp SEGEMail SEGAppPSMP PSMPApp PTAApp PSM PSMGWApp APIGW Discover xRayAdmin PSMWeb EPMUser Synchrnzr CCP DAP DAPApp Telemetry IDptivApp " }, { "UserTypeId": 502, "UserTypeName": "DR_USER", "IsComponentUser": false, "AllowedClientInterfaces": "DR" }, { "UserTypeId": 10, "UserTypeName": "Built-InAdmins", "IsComponentUser": false, "AllowedClientInterfaces": "UNKNOWN WINCLIENT CIFS FTP PAPI PACLI XAPI CPM DC DR HTTPGW PVWA CABACKUP DCA NAPI FEWA CAUnlock AppPrv CACrypt ENE SFEWebUI SFEAPP GUI FTPApp CIFSApp PVWAApp DCAAPP AIMApp IBVSDK EVD EMAIL PIMSu PSMApp SEGEMail SEGAppPSMP PSMPApp PTAApp PSM PSMGWApp APIGW Discover xRayAdmin PSMWeb EPMUser Synchrnzr CCP DAP DAPApp Telemetry IDptivApp " }, { "UserTypeId": 11, "UserTypeName": "ENE", "IsComponentUser": true, "AllowedClientInterfaces": "ENE" }, { "UserTypeId": 74, "UserTypeName": "PTA", "IsComponentUser": true, "AllowedClientInterfaces": "PTAApp PVWA" }, { "UserTypeId": 84, "UserTypeName": "Telemetry", "IsComponentUser": true, "AllowedClientInterfaces": "PVWA Telemetry" }, { "UserTypeId": 85, "UserTypeName": "IDaptive", "IsComponentUser": true, "AllowedClientInterfaces": "IDptivApp PVWA" }, { "UserTypeId": 76, "UserTypeName": "DiscoveryApp", "IsComponentUser": true, "AllowedClientInterfaces": "Discover PVWA" }, { "UserTypeId": 77, "UserTypeName": "xRayAdminApp", "IsComponentUser": true, "AllowedClientInterfaces": "NAPI PACLI PVWA XAPI xRayAdmin" }, { "UserTypeId": 78, "UserTypeName": "PSMWeb", "IsComponentUser": true, "AllowedClientInterfaces": "PSMWeb PVWA" }, { "UserTypeId": 79, "UserTypeName": "EPMUser", "IsComponentUser": true, "AllowedClientInterfaces": "EPMUser PVWA" }, { "UserTypeId": 83, "UserTypeName": "DAPService", "IsComponentUser": true, "AllowedClientInterfaces": "DAPApp PVWA" } ] } --- $false if failed #> function Get-VPASEPVUserTypes{ [OutputType('System.Object',[bool])] [CmdletBinding()] Param( [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=0)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE" Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE" try{ if($ISPSS){ Write-VPASOutput -str "ISPSS does not support this API Call, returning false" -type E $log = Write-VPASTextRecorder -inputval "Standard Privilege Cloud does not support this API Call, returning false" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN return $false } elseif(!$ISPSS -and ($PVWA -match ".privilegecloud.cyberark.")){ Write-VPASOutput -str "Standard Privilege Cloud does not support this API Call, returning false" -type E $log = Write-VPASTextRecorder -inputval "Standard Privilege Cloud does not support this API Call, returning false" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN return $false } else{ if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/API/UserTypes" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/API/UserTypes" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD write-verbose "MAKING API CALL TO CYBERARK" if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURN Write-Verbose "RETURNING JSON OBJECT" return $response } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO GET EPV USER TYPES" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |