diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2d1dbc39..a3556906 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -28,6 +28,7 @@ Documenation:
- Updates `README.md` documentation to include support for DellEMC VxRAIL. [GH-98](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/pull/98)
Chore:
+- Removes the password policy functions that were moved to `PowerValidatedSolutions` v2.0.0. [GH-100](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/pull/100)
- Updates `PowerValidatedSolutions` from v2.0.0 to v2.0.1. [GH-99](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/pull/99)
## [v1.0.6](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/releases/tag/v1.0.6)
diff --git a/README.md b/README.md
index 131c9648..cd776244 100644
--- a/README.md
+++ b/README.md
@@ -528,7 +528,7 @@ The `Invoke-VcfPasswordPolicyReport` cmdlet generates a password policy report.
3. Generate the report by running the command in the PowerShell console.
```powershell
- Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -reportPath $reportPath -allDomains
+ Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -sddcRootPass $sddcManagerRootPass -reportPath $reportPath -allDomains
```
4. Review the generated HTML report.
@@ -566,7 +566,7 @@ The `Invoke-VcfPasswordPolicyReport` cmdlet generates a password policy report.
3. Generate the report by running the command in the PowerShell console.
```powershell
- Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -reportPath $reportPath -workloadDomain $workloadDomain
+ Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -sddcRootPass $sddcManagerRootPass -reportPath $reportPath -workloadDomain $workloadDomain
```
4. Review the generated HTML report.
diff --git a/VMware.CloudFoundation.Reporting.psd1 b/VMware.CloudFoundation.Reporting.psd1
index 81185520..9ebb9fce 100644
--- a/VMware.CloudFoundation.Reporting.psd1
+++ b/VMware.CloudFoundation.Reporting.psd1
@@ -3,7 +3,7 @@
#
# Generated by: Gary Blake, Cloud Infrastructure Business Group (CIBG)
#
-# Generated on: 02/28/2023
+# Generated on: 03/01/2023
#
@{
@@ -12,13 +12,13 @@
RootModule = '.\VMware.CloudFoundation.Reporting.psm1'
# Version number of this module.
- ModuleVersion = '1.1.0.1001'
+ ModuleVersion = '1.1.0.1002'
# Supported PSEditions
# CompatiblePSEditions = @()
# ID used to uniquely identify this module
- GUID = '076a93a7-31c4-4896-b712-4e620cf919b6'
+ GUID = 'acae0d50-ff72-459c-9ab7-98d79dd59fd9'
# Author of this module
Author = 'Gary Blake, Ryan Johnson, Ivaylo Ivanov, Antony Stefanov - Cloud Infrastructure Business Group (CIBG)'
diff --git a/VMware.CloudFoundation.Reporting.psm1 b/VMware.CloudFoundation.Reporting.psm1
index 8de05007..aa0ed1ad 100644
--- a/VMware.CloudFoundation.Reporting.psm1
+++ b/VMware.CloudFoundation.Reporting.psm1
@@ -7213,947 +7213,6 @@ Export-ModuleMember -Function Request-EsxiSecurityConfiguration
#######################################################################################################################
-#######################################################################################################################
-############################### P A S S W O R D P O L I C Y F U N C T I O N S ##################################
-
-Function Publish-SddcManagerPasswordExpiration {
- <#
- .SYNOPSIS
- Publish password expiration policy for SDDC Manager.
-
- .DESCRIPTION
- The Publish-SddcManagerPasswordExpiration cmdlet returns password expiration policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password expiration policy for each local user of SDDC Manager
-
- .EXAMPLE
- Publish-SddcManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -allDomains
- This example will return password expiration policy for each local user of SDDC Manager
-
- .EXAMPLE
- Publish-SddcManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -workloadDomain sfo-w01
- This example will NOT return the password expiration policy for each local user of SDDC Manager as the Workload Domain provided is not the Management Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$sddcRootPass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $localUsers = @("root","vcf","backup")
- $allSddcManagerPasswordExpirationObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) {
- $userPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain (Get-VCFWorkloadDomain | Where-Object {$_.type -eq "MANAGEMENT"}).name -vmName ($server.Split("."))[-0] -guestUser root -guestPassword $sddcRootPass -localUser $localUsers; $allSddcManagerPasswordExpirationObject += $userPasswordExpiration
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) {
- $userPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain (Get-VCFWorkloadDomain | Where-Object {$_.type -eq "MANAGEMENT"}).name -vmName ($server.Split("."))[-0] -guestUser root -guestPassword $sddcRootPass -localUser $localUsers; $allSddcManagerPasswordExpirationObject += $userPasswordExpiration
- }
- }
- }
-
- if ($allSddcManagerPasswordExpirationObject.Count -eq 0) { $notManagement = $true }
- if ($notManagement) {
- $allSddcManagerPasswordExpirationObject = $allSddcManagerPasswordExpirationObject | ConvertTo-Html -Fragment -PreContent 'SDDC Manager - Password Expiration
' -PostContent 'Management Domain not requested.
'
- } else {
- $allSddcManagerPasswordExpirationObject = $allSddcManagerPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'SDDC Manager - Password Expiration
' -As Table
- }
- $allSddcManagerPasswordExpirationObject = Convert-CssClass -htmldata $allSddcManagerPasswordExpirationObject
- $allSddcManagerPasswordExpirationObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-SddcManagerPasswordExpiration
-
-Function Publish-SddcManagerPasswordComplexity {
- <#
- .SYNOPSIS
- Publish password complexity policy for SDDC Manager.
-
- .DESCRIPTION
- The Publish-SddcManagerPasswordComplexity cmdlet returns password complexity policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password complexity policy for SDDC Manager
-
- .EXAMPLE
- Publish-SddcManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -allDomains
- This example will return password complexity policy for SDDC Manager
-
- .EXAMPLE
- Publish-SddcManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -workloadDomain sfo-w01
- This example will NOT return the password complexity policy for SDDC Manager as the Workload Domain provided is not the Management Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$sddcRootPass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $sddcManagerPasswordComplexityObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) {
- $sddcManagerPasswordComplexity = Request-SddcManagerPasswordComplexity -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerPasswordComplexityObject += $sddcManagerPasswordComplexity
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) {
- $sddcManagerPasswordComplexity = Request-SddcManagerPasswordComplexity -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerPasswordComplexityObject += $sddcManagerPasswordComplexity
- }
- }
- }
-
- if ($sddcManagerPasswordComplexityObject.Count -eq 0) { $notManagement = $true }
- if ($notManagement) {
- $sddcManagerPasswordComplexityObject = $sddcManagerPasswordComplexityObject | ConvertTo-Html -Fragment -PreContent 'SDDC Manager - Password Complexity
' -PostContent 'Management Domain not requested.
'
- } else {
- $sddcManagerPasswordComplexityObject = $sddcManagerPasswordComplexityObject | Sort-Object 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent 'SDDC Manager - Password Complexity
' -As Table
- }
- $sddcManagerPasswordComplexityObject = Convert-CssClass -htmldata $sddcManagerPasswordComplexityObject
- $sddcManagerPasswordComplexityObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-SddcManagerPasswordComplexity
-
-Function Publish-SddcManagerAccountLockout {
- <#
- .SYNOPSIS
- Publish password complexity policy for SDDC Manager.
-
- .DESCRIPTION
- The Publish-SddcManagerAccountLockout cmdlet returns account lockout policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects account lockout policy forSDDC Manager
-
- .EXAMPLE
- Publish-SddcManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -allDomains
- This example will return account lockout policy for SDDC Manager
-
- .EXAMPLE
- Publish-SddcManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -workloadDomain sfo-w01
- This example will NOT return the account lockout policy for SDDC Manager as the Workload Domain provided is not the Management Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$sddcRootPass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $sddcManagerAccountLockoutObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) {
- $sddcManagerAccountlockout = Request-SddcManagerAccountLockout -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerAccountLockoutObject += $sddcManagerAccountlockout
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) {
- $sddcManagerAccountlockout = Request-SddcManagerAccountLockout -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerAccountLockoutObject += $sddcManagerAccountlockout
- }
- }
- }
-
- if ($sddcManagerAccountLockoutObject.Count -eq 0) { $notManagement = $true }
- if ($notManagement) {
- $sddcManagerAccountLockoutObject = $sddcManagerAccountLockoutObject | ConvertTo-Html -Fragment -PreContent 'SDDC Manager - Account Lockout
' -PostContent 'Management Domain not requested.
'
- } else {
- $sddcManagerAccountLockoutObject = $sddcManagerAccountLockoutObject | Sort-Object 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent 'SDDC Manager - Account Lockout
' -As Table
- }
- $sddcManagerAccountLockoutObject = Convert-CssClass -htmldata $sddcManagerAccountLockoutObject
- $sddcManagerAccountLockoutObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-SddcManagerAccountLockout
-
-Function Publish-SsoPasswordExpiration {
- <#
- .SYNOPSIS
- Publish password expiration policy for vCenter Single Sign-On.
-
- .DESCRIPTION
- The Publish-SsoPasswordExpiration cmdlet returns password expiration policy for vCenter Single Sign-On.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password expiration policy for vCenter Single Sign-On
-
- .EXAMPLE
- Publish-SsoPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password expiration policy for vCenter Single Sign-On
-
- .EXAMPLE
- Publish-SsoPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will NOT return the password expiration policy vCenter Single Sign-On
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $ssoPasswordExpirationObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) {
- $ssoPasswordExpiration = Request-SsoPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain; $ssoPasswordExpirationObject += $ssoPasswordExpiration
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) {
- $ssoPasswordExpiration = Request-SsoPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name; $ssoPasswordExpirationObject += $ssoPasswordExpiration
- }
- }
- }
-
- if ($ssoPasswordExpirationObject.Count -eq 0) { $notManagement = $true }
- if ($notManagement) {
- $ssoPasswordExpirationObject = $ssoPasswordExpirationObject | ConvertTo-Html -Fragment -PreContent 'vCenter Single Sign-On - Password Expiration
' -PostContent 'Management Domain not requested.
'
- } else {
- $ssoPasswordExpirationObject = $ssoPasswordExpirationObject | Sort-Object 'Workload Domain' | ConvertTo-Html -Fragment -PreContent 'vCenter Single Sign-On - Password Expiration
' -As Table
- }
- $ssoPasswordExpirationObject = Convert-CssClass -htmldata $ssoPasswordExpirationObject
- $ssoPasswordExpirationObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-SsoPasswordExpiration
-
-Function Publish-SsoPasswordComplexity {
- <#
- .SYNOPSIS
- Publish password complexity policy for vCenter Single Sign-On.
-
- .DESCRIPTION
- The Publish-SsoPasswordComplexity cmdlet returns password complexity policy for vCenter Single Sign-On.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password complexity policy for vCenter Single Sign-On
-
- .EXAMPLE
- Publish-SsoPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password complexity policy for vCenter Single Sign-On
-
- .EXAMPLE
- Publish-SsoPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will NOT return the password complexity policy vCenter Single Sign-On
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $ssoPasswordComplexityObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) {
- $ssoPasswordComplexity = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $ssoPasswordComplexityObject += $ssoPasswordComplexity
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) {
- $ssoPasswordComplexity = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $ssoPasswordComplexityObject += $ssoPasswordComplexity
- }
- }
- }
-
- if ($ssoPasswordComplexityObject.Count -eq 0) { $notManagement = $true }
- if ($notManagement) {
- $ssoPasswordComplexityObject = $ssoPasswordComplexityObject | ConvertTo-Html -Fragment -PreContent 'vCenter Single Sign-On - Password Complexity
' -PostContent 'Management Domain not requested.
'
- } else {
- $ssoPasswordComplexityObject = $ssoPasswordComplexityObject | Sort-Object 'Workload Domain' | ConvertTo-Html -Fragment -PreContent 'vCenter Single Sign-On - Password Complexity
' -As Table
- }
- $ssoPasswordComplexityObject = Convert-CssClass -htmldata $ssoPasswordComplexityObject
- $ssoPasswordComplexityObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-SsoPasswordComplexity
-
-Function Publish-SsoAccountLockout {
- <#
- .SYNOPSIS
- Publish account lockout policy for vCenter Single Sign-On.
-
- .DESCRIPTION
- The Publish-SsoAccountLockout cmdlet returns account lockout policy for vCenter Single Sign-On.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects account lockout policy for vCenter Single Sign-On
-
- .EXAMPLE
- Publish-SsoAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return account lockout policy for vCenter Single Sign-On
-
- .EXAMPLE
- Publish-SsoAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will NOT return the account lockout policy vCenter Single Sign-On
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $ssoAccountLockoutObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) {
- $ssoAccountLockout = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $ssoAccountLockoutObject += $ssoAccountLockout
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) {
- $ssoAccountLockout = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $ssoAccountLockoutObject += $ssoAccountLockout
- }
- }
- }
-
- if ($ssoAccountLockoutObject.Count -eq 0) { $notManagement = $true }
- if ($notManagement) {
- $ssoAccountLockoutObject = $ssoAccountLockoutObject | ConvertTo-Html -Fragment -PreContent 'vCenter Single Sign-On - Account Lockout
' -PostContent 'Management Domain not requested.
'
- } else {
- $ssoAccountLockoutObject = $ssoAccountLockoutObject | Sort-Object 'Workload Domain' | ConvertTo-Html -Fragment -PreContent 'vCenter Single Sign-On - Account Lockout
' -As Table
- }
- $ssoAccountLockoutObject = Convert-CssClass -htmldata $ssoAccountLockoutObject
- $ssoAccountLockoutObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-SsoAccountLockout
-
-Function Publish-VcenterPasswordExpiration {
- <#
- .SYNOPSIS
- Publish password expiration policy for vCenter Server.
-
- .DESCRIPTION
- The Publish-VcenterPasswordExpiration cmdlet returns password expiration policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password expiration policy for vCenter Server
-
- .EXAMPLE
- Publish-VcenterPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password expiration policy for each vCenter Server
-
- .EXAMPLE
- Publish-VcenterPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password expiration policy for a vCenter Server
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $vcenterPasswordExpirationObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $vcenterPasswordExpiration = Request-VcenterPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterPasswordExpirationObject += $vcenterPasswordExpiration
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $vcenterPasswordExpiration = Request-VcenterPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name; $vcenterPasswordExpirationObject += $vcenterPasswordExpiration
- }
- }
-
- $vcenterPasswordExpirationObject = $vcenterPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'vCenter Server - Password Expiration
' -As Table
- $vcenterPasswordExpirationObject = Convert-CssClass -htmldata $vcenterPasswordExpirationObject
- $vcenterPasswordExpirationObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-VcenterPasswordExpiration
-
-Function Publish-VcenterLocalPasswordExpiration {
- <#
- .SYNOPSIS
- Publish password expiration policy for each local user of vCenter Server.
-
- .DESCRIPTION
- The Publish-VcenterLocalPasswordExpiration cmdlet returns password expiration policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password expiration policy for each local user of vCenter Server
-
- .EXAMPLE
- Publish-VcenterLocalPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password expiration policy for each local user of vCenter Server for all Workload Domains
-
- .EXAMPLE
- Publish-VcenterLocalPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password expiration policy for each local user of vCenter Server
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $vcenterLocalPasswordExpirationObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $vcenterLocalPasswordExpiration = Request-VcenterRootPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterLocalPasswordExpirationObject += $vcenterLocalPasswordExpiration
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $vcenterLocalPasswordExpiration = Request-VcenterRootPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name; $vcenterLocalPasswordExpirationObject += $vcenterLocalPasswordExpiration
- }
- }
-
- $vcenterLocalPasswordExpirationObject = $vcenterLocalPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'vCenter Server - Password Expiration (Local Users)
' -As Table
- $vcenterLocalPasswordExpirationObject = Convert-CssClass -htmldata $vcenterLocalPasswordExpirationObject
- $vcenterLocalPasswordExpirationObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-VcenterLocalPasswordExpiration
-
-Function Publish-VcenterLocalPasswordComplexity {
- <#
- .SYNOPSIS
- Publish password complexity policy for each vCenter Server.
-
- .DESCRIPTION
- The Publish-VcenterLocalPasswordComplexity cmdlet returns password complexity policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password complexity policy for each vCenter Server
-
- .EXAMPLE
- Publish-VcenterLocalPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password complexity policy for each vCenter Server for all Workload Domains
-
- .EXAMPLE
- Publish-VcenterLocalPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password complexity policy for a vCenter Server
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $vcenterLocalPasswordComplexitynObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $vcenterLocalPasswordComplexity = Request-VcenterPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterLocalPasswordComplexitynObject += $vcenterLocalPasswordComplexity
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $vcenterLocalPasswordComplexity = Request-VcenterPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $vcenterLocalPasswordComplexitynObject += $vcenterLocalPasswordComplexity
- }
- }
-
- $vcenterLocalPasswordComplexitynObject = $vcenterLocalPasswordComplexitynObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent 'vCenter Server - Password Complexity (Local Users)
' -As Table
- $vcenterLocalPasswordComplexitynObject = Convert-CssClass -htmldata $vcenterLocalPasswordComplexitynObject
- $vcenterLocalPasswordComplexitynObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-VcenterLocalPasswordComplexity
-
-Function Publish-VcenterLocalAccountLockout {
- <#
- .SYNOPSIS
- Publish account lockout policy for each vCenter Server.
-
- .DESCRIPTION
- The Publish-VcenterLocalAccountLockout cmdlet returns account lockout policy for SDDC Manager.
- The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password account lockout for each vCenter Server
-
- .EXAMPLE
- Publish-VcenterLocalAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password account lockout for each vCenter Server for all Workload Domains
-
- .EXAMPLE
- Publish-VcenterLocalAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password account lockout for a vCenter Server
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $vcenterLocalAccountLockoutObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $vcenterLocalAccountLockout = Request-VcenterAccountLockout -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterLocalAccountLockoutObject += $vcenterLocalAccountLockout
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $vcenterLocalAccountLockout = Request-VcenterAccountLockout -server $server -user $user -pass $pass -domain $domain.name; $vcenterLocalAccountLockoutObject += $vcenterLocalAccountLockout
- }
- }
-
- $vcenterLocalAccountLockoutObject = $vcenterLocalAccountLockoutObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent 'vCenter Server - Account Lockout (Local Users)
' -As Table
- $vcenterLocalAccountLockoutObject = Convert-CssClass -htmldata $vcenterLocalAccountLockoutObject
- $vcenterLocalAccountLockoutObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-VcenterLocalAccountLockout
-
-Function Publish-NsxManagerPasswordExpiration {
- <#
- .SYNOPSIS
- Publish password expiration policy for NSX Local Manager.
-
- .DESCRIPTION
- The Publish-NsxManagerPasswordExpiration cmdlet returns password expiration policy for local users of NSX Local
- Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password expiration policy for each local user of NSX Local Manager
-
- .EXAMPLE
- Publish-NsxManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password expiration policy for each local user of NSX Local Manager for all Workload Domains
-
- .EXAMPLE
- Publish-NsxManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password expiration policy for each local user of NSX Local Manager for a Workload Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $localUsers = @("root","admin","audit","guestuser1","guestuser2")
- $nsxManagerPasswordExpirationObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $workloadDomain -listNodes)) {
- foreach ($nsxtManagerNode in $vcfNsxDetails.nodes) {
- $nsxPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain -vmName ($nsxtManagerNode.fqdn.Split("."))[-0] -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxManagerPasswordExpirationObject += $nsxPasswordExpiration
- }
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $domain.name -listNodes)) {
- foreach ($nsxtManagerNode in $vcfNsxDetails.nodes) {
- $nsxPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name -vmName ($nsxtManagerNode.fqdn.Split("."))[-0] -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxManagerPasswordExpirationObject += $nsxPasswordExpiration
- }
- }
- }
- }
-
- $nsxManagerPasswordExpirationObject = $nsxManagerPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'NSX Manager - Password Expiration
' -As Table
- $nsxManagerPasswordExpirationObject = Convert-CssClass -htmldata $nsxManagerPasswordExpirationObject
- $nsxManagerPasswordExpirationObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-NsxManagerPasswordExpiration
-
-Function Publish-NsxManagerPasswordComplexity {
- <#
- .SYNOPSIS
- Publish password complexity policy for NSX Local Manager.
-
- .DESCRIPTION
- The Publish-NsxManagerPasswordComplexity cmdlet returns password complexity policy for local users of NSX Local
- Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password complexity policy for each local user of NSX Local Manager
-
- .EXAMPLE
- Publish-NsxManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password complexity policy for each local user of NSX Local Manager for all Workload Domains
-
- .EXAMPLE
- Publish-NsxManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password complexity policy for each local user of NSX Local Manager for a Workload Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $nsxManagerPasswordComplexityObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $nsxPasswordComplexity = Request-NsxtManagerPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $nsxManagerPasswordComplexityObject += $nsxPasswordComplexity
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $nsxPasswordComplexity = Request-NsxtManagerPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $nsxManagerPasswordComplexityObject += $nsxPasswordComplexity
- }
- }
-
- $nsxManagerPasswordComplexityObject = $nsxManagerPasswordComplexityObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent 'NSX Manager - Password Complexity
' -As Table
- $nsxManagerPasswordComplexityObject = Convert-CssClass -htmldata $nsxManagerPasswordComplexityObject
- $nsxManagerPasswordComplexityObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-NsxManagerPasswordComplexity
-
-Function Publish-NsxManagerAccountLockout {
- <#
- .SYNOPSIS
- Publish account lockout policy for NSX Local Manager.
-
- .DESCRIPTION
- The Publish-NsxManagerAccountLockout cmdlet returns account lockout policy for local users of NSX Local
- Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects account lockout policy for each local user of NSX Local Manager
-
- .EXAMPLE
- Publish-NsxManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return account lockout policy for each local user of NSX Local Manager for all Workload Domains
-
- .EXAMPLE
- Publish-NsxManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return account lockout policy for each local user of NSX Local Manager for a Workload Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $nsxManagerAccountLockoutObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $nsxAccountLockout = Request-NsxtManagerAccountLockout -server $server -user $user -pass $pass -domain $workloadDomain; $nsxManagerAccountLockoutObject += $nsxAccountLockout
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $nsxAccountLockout = Request-NsxtManagerAccountLockout -server $server -user $user -pass $pass -domain $domain.name; $nsxManagerAccountLockoutObject += $nsxAccountLockout
- }
- }
-
- $nsxManagerAccountLockoutObject = $nsxManagerAccountLockoutObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent 'NSX Manager - Account Lockout
' -As Table
- $nsxManagerAccountLockoutObject = Convert-CssClass -htmldata $nsxManagerAccountLockoutObject
- $nsxManagerAccountLockoutObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-NsxManagerAccountLockout
-
-Function Publish-NsxEdgePasswordExpiration {
- <#
- .SYNOPSIS
- Publish password expiration policy for NSX Edge.
-
- .DESCRIPTION
- The Publish-NsxEdgePasswordExpiration cmdlet returns password expiration policy for local users of NSX Local
- Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password expiration policy for each local user of NSX Edge
-
- .EXAMPLE
- Publish-NsxEdgePasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password expiration policy for each local user of NSX Edge nodes for all Workload Domains
-
- .EXAMPLE
- Publish-NsxEdgePasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password expiration policy for each local user of NSX Edge nodes for a Workload Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $localUsers = @("root","admin","audit","guestuser1","guestuser2")
- $nsxEdgePasswordExpirationObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $workloadDomain)) {
- if (Test-NSXTConnection -server $vcfNsxDetails.fqdn) {
- if (Test-NSXTAuthentication -server $vcfNsxDetails.fqdn -user $vcfNsxDetails.adminUser -pass $vcfNsxDetails.adminPass) {
- $nsxtEdgeNodes = (Get-NsxtEdgeCluster | Where-Object {$_.member_node_type -eq "EDGE_NODE"})
- foreach ($nsxtEdgeNode in $nsxtEdgeNodes.members) {
- $nsxEdgePasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain -vmName $nsxtEdgeNode.display_name -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxEdgePasswordExpirationObject += $nsxEdgePasswordExpiration
- }
- }
- }
- }
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $domain.name)) {
- if (Test-NSXTConnection -server $vcfNsxDetails.fqdn) {
- if (Test-NSXTAuthentication -server $vcfNsxDetails.fqdn -user $vcfNsxDetails.adminUser -pass $vcfNsxDetails.adminPass) {
- $nsxtEdgeNodes = (Get-NsxtEdgeCluster | Where-Object {$_.member_node_type -eq "EDGE_NODE"})
- foreach ($nsxtEdgeNode in $nsxtEdgeNodes.members) {
- $nsxEdgePasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name -vmName $nsxtEdgeNode.display_name -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxEdgePasswordExpirationObject += $nsxEdgePasswordExpiration
- }
- }
- }
- }
- }
- }
-
- $nsxEdgePasswordExpirationObject = $nsxEdgePasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'NSX Edge - Password Expiration
' -As Table
- $nsxEdgePasswordExpirationObject = Convert-CssClass -htmldata $nsxEdgePasswordExpirationObject
- $nsxEdgePasswordExpirationObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-NsxEdgePasswordExpiration
-
-Function Publish-NsxEdgePasswordComplexity {
- <#
- .SYNOPSIS
- Publish password complexity policy for NSX Edge.
-
- .DESCRIPTION
- The Publish-NsxEdgePasswordComplexity cmdlet returns password complexity policy for local users of NSX Local
- Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects password complexity policy for each local user of NSX Edge
-
- .EXAMPLE
- Publish-NsxEdgePasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return password complexity policy for each local user of NSX Edge nodes for all Workload Domains
-
- .EXAMPLE
- Publish-NsxEdgePasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return password complexity policy for each local user of NSX Edge nodes for a Workload Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $nsxEdgePasswordComplexityObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $nsxEdgePasswordComplexity = Request-NsxtEdgePasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $nsxEdgePasswordComplexityObject += $nsxEdgePasswordComplexity
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $nsxEdgePasswordComplexity = Request-NsxtEdgePasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $nsxEdgePasswordComplexityObject += $nsxEdgePasswordComplexity
- }
- }
-
- $nsxEdgePasswordComplexityObject = $nsxEdgePasswordComplexityObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'NSX Edge - Password Complexity
' -As Table
- $nsxEdgePasswordComplexityObject = Convert-CssClass -htmldata $nsxEdgePasswordComplexityObject
- $nsxEdgePasswordComplexityObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-NsxEdgePasswordComplexity
-
-Function Publish-NsxEdgeAccountLockout {
- <#
- .SYNOPSIS
- Publish account lockout policy for NSX Edge.
-
- .DESCRIPTION
- The Publish-NsxEdgeAccountLockout cmdlet returns account lockout policy for local users of NSX Local
- Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values:
- - Validates that network connectivity and authentication is possible to SDDC Manager
- - Validates that network connectivity and authentication is possible to vCenter Server
- - Collects account lockout policy for NSX Edge node
-
- .EXAMPLE
- Publish-NsxEdgeAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains
- This example will return account lockout policy for each NSX Edge nodes for all Workload Domains
-
- .EXAMPLE
- Publish-NsxEdgeAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01
- This example will return account lockout policy for each NSX Edge nodes for a Workload Domain
- #>
-
- Param (
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user,
- [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass,
- [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains,
- [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain
- )
-
- Try {
- if (Test-VCFConnection -server $server) {
- if (Test-VCFAuthentication -server $server -user $user -pass $pass) {
- $nsxEdgeAccountLockoutObject = New-Object System.Collections.ArrayList
- if ($PsBoundParameters.ContainsKey('workloadDomain')) {
- $nsxEdgeAccountLockout = Request-NsxtEdgeAccountLockout -server $server -user $user -pass $pass -domain $workloadDomain; $nsxEdgeAccountLockoutObject += $nsxEdgeAccountLockout
- } elseif ($PsBoundParameters.ContainsKey('allDomains')) {
- $allWorkloadDomains = Get-VCFWorkloadDomain
- foreach ($domain in $allWorkloadDomains ) {
- $nsxEdgeAccountLockout = Request-NsxtEdgeAccountLockout -server $server -user $user -pass $pass -domain $domain.name; $nsxEdgeAccountLockoutObject += $nsxEdgeAccountLockout
- }
- }
-
- $nsxEdgeAccountLockoutObject = $nsxEdgeAccountLockoutObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent 'NSX Edge - Account Lockout
' -As Table
- $nsxEdgeAccountLockoutObject = Convert-CssClass -htmldata $nsxEdgeAccountLockoutObject
- $nsxEdgeAccountLockoutObject
- }
- }
- } Catch {
- Debug-CatchWriter -object $_
- }
-}
-Export-ModuleMember -Function Publish-NsxEdgeAccountLockout
-
-########################################## E N D O F F U N C T I O N S ##########################################
-#######################################################################################################################
-
-
#######################################################################################################################
############################### S Y S T E M O V E R V I E W F U N C T I O N S ##################################