poweralto3

3.0.5

src/cmdlets/Get-PaAuthenticationProfile.ps1

function Get-PaAuthenticationProfile {
    [CmdletBinding()]
    Param (
        [Parameter(Mandatory=$False,Position=0)]
        [string]$Name,

        [Parameter(Mandatory=$False,Position=1)]
        [string]$Vsys = "shared",

        [Parameter(Mandatory=$False,Position=2)]
        [string]$Device
    )
    
    $VerbosePrefix = "Get-PaAuthenticationProfile:"

    if ($global:PaDeviceObject.Connected) {
        $InfoObject        = New-Object PaAuthenticationProfile
        $InfoObject.Name   = $Name
        $InfoObject.Vsys   = $Vsys
        $InfoObject.Device = $Device
        $Response          = Get-PaConfig $InfoObject.GetXpath()

        $ConfigNode = $InfoObject.ConfigNode

        $ReturnObject = @()
        foreach ($entry in $Response.response.result.$ConfigNode.entry) {
            $NewEntry      = New-Object PaAuthenticationProfile
            $ReturnObject += $NewEntry

            $NewEntry.Vsys   = $Vsys
            $NewEntry.Device = $Device

            $NewEntry.Name             = $entry.name
            $NewEntry.Type             = ($entry.method | Get-Member -MemberType Property)[0].Name
            $NewEntry.UserDomain       = $entry.'user-domain'
            $NewEntry.UsernameModifier = $entry.'username-modifier'
            $NewEntry.AllowList        = $entry.'allow-list'.member
            $NewEntry.FailedAttempts   = $entry.lockout.'failed-attempts'
            $NewEntry.LockoutTime      = $entry.lockout.'lockout-time'

            $NewEntry.ServerProfile         = $entry.method."$($NewEntry.Type)".'server-profile'

            switch ($NewEntry.Type) {
                "ldap" {
                    $NewEntry.LoginAttribute        = $entry.method.ldap.'login-attribute'
                    $NewEntry.PasswordExpiryWarning = $entry.method.ldap.'passwd-exp-days'
                    break
                }
                "radius" {
                    if ($entry.method.radius.checkgroup -eq 'yes') {
                        $NewEntry.RetrieveGroup = $true
                    }
                    break
                }
                "kerberos" {
                    $NewEntry.KerberosRealm = $entry.method.kerberos.realm
                    break
                }
            }
        }
        return $ReturnObject
    } else {
        Throw "$VerbosePrefix Not Connected, please use Get-PaConfig to connect before using other cmdlets."
    }
}