Functions/User/Set-PASUser.ps1
|
function Set-PASUser { <# .SYNOPSIS Updates a vault user .DESCRIPTION Updates an existing user in the vault .PARAMETER UserName The name of the user to update in the vault .PARAMETER NewPassword The password to set on the account. Must meet the password complexity requirements .PARAMETER Email The user's email address .PARAMETER FirstName The user's first name .PARAMETER LastName The user's last name .PARAMETER ChangePasswordOnTheNextLogon Whether or not user will be forced to change password on next logon .PARAMETER ExpiryDate Expiry Date to set on account. .PARAMETER UserTypeName The User Type .PARAMETER Disabled Whether or not the user will be enabled or disabled. .PARAMETER Location The Vault Location for the user .EXAMPLE set-pasuser -UserName Bill -Disabled $true Disables vault user Bill #> [CmdletBinding(SupportsShouldProcess)] param( [parameter( Mandatory = $true, ValueFromPipelinebyPropertyName = $true )] [string]$UserName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [securestring]$NewPassword, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [string]$Email, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [string]$FirstName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [string]$LastName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [boolean]$ChangePasswordOnTheNextLogon, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [datetime]$ExpiryDate, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [string]$UserTypeName, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [boolean]$Disabled, [parameter( Mandatory = $false, ValueFromPipelinebyPropertyName = $false )] [string]$Location ) BEGIN { }#begin PROCESS { #Get request parameters $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove UserName #deal with newPassword SecureString If ($PSBoundParameters.ContainsKey("NewPassword")) { #Include decoded password in request $boundParameters["NewPassword"] = $(ConvertTo-InsecureString -SecureString $NewPassword) } If ($PSBoundParameters.ContainsKey("ExpiryDate")) { #Convert ExpiryDate to string in Required format $Date = (Get-Date $ExpiryDate -Format MM/dd/yyyy).ToString() #Include date string in request $boundParameters["ExpiryDate"] = $Date } #Create URL for request $URI = "$Script:BaseURI/WebServices/PIMServices.svc/Users/$($UserName | Get-EscapedString)" #create request body $body = $boundParameters | ConvertTo-Json if ($PSCmdlet.ShouldProcess($UserName, "Update User Properties")) { #send request to web service $result = Invoke-PASRestMethod -Uri $URI -Method PUT -Body $Body -WebSession $Script:WebSession if ($result) { $result | Add-ObjectDetail -typename psPAS.CyberArk.Vault.User } } }#process END { }#end } |