From eb03ecc62a95db80afa85ef2f7d9c03da28f9830 Mon Sep 17 00:00:00 2001 From: Ryan Johnson Date: Wed, 1 Mar 2023 09:46:10 -0500 Subject: [PATCH] chore(release): release respin Respinning release due to the presence of the password policy functions that were moved to the `PowerValidatedSolutions` 2.0.x module. - Removed the password policy functions that were moved to the `PowerValidatedSolutions` 2.0.x module. - Updated the `README.md` to update the `Invoke-VcfPassowrdPolicy` example to include a missing parameter. - Updated the `Generated on` date for the module release. - Updated the `GUID` for the module release. - Updated the `ModuleVersion` for the module release. - Updated the `CHANGELOG.md` for the module changes. Signed-off-by: Ryan Johnson --- CHANGELOG.md | 1 + README.md | 4 +- VMware.CloudFoundation.Reporting.psd1 | 6 +- VMware.CloudFoundation.Reporting.psm1 | 941 -------------------------- 4 files changed, 6 insertions(+), 946 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d1dbc39..a3556906 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,7 @@ Documenation: - Updates `README.md` documentation to include support for DellEMC VxRAIL. [GH-98](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/pull/98) Chore: +- Removes the password policy functions that were moved to `PowerValidatedSolutions` v2.0.0. [GH-100](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/pull/100) - Updates `PowerValidatedSolutions` from v2.0.0 to v2.0.1. [GH-99](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/pull/99) ## [v1.0.6](https://github.com/vmware/powershell-module-for-vmware-cloud-foundation-reporting/releases/tag/v1.0.6) diff --git a/README.md b/README.md index 131c9648..cd776244 100644 --- a/README.md +++ b/README.md @@ -528,7 +528,7 @@ The `Invoke-VcfPasswordPolicyReport` cmdlet generates a password policy report. 3. Generate the report by running the command in the PowerShell console. ```powershell - Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -reportPath $reportPath -allDomains + Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -sddcRootPass $sddcManagerRootPass -reportPath $reportPath -allDomains ``` 4. Review the generated HTML report. @@ -566,7 +566,7 @@ The `Invoke-VcfPasswordPolicyReport` cmdlet generates a password policy report. 3. Generate the report by running the command in the PowerShell console. ```powershell - Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -reportPath $reportPath -workloadDomain $workloadDomain + Invoke-VcfPasswordPolicy -sddcManagerFqdn $sddcManagerFqdn -sddcManagerUser $sddcManagerUser -sddcManagerPass $sddcManagerPass -sddcRootPass $sddcManagerRootPass -reportPath $reportPath -workloadDomain $workloadDomain ``` 4. Review the generated HTML report. diff --git a/VMware.CloudFoundation.Reporting.psd1 b/VMware.CloudFoundation.Reporting.psd1 index 81185520..9ebb9fce 100644 --- a/VMware.CloudFoundation.Reporting.psd1 +++ b/VMware.CloudFoundation.Reporting.psd1 @@ -3,7 +3,7 @@ # # Generated by: Gary Blake, Cloud Infrastructure Business Group (CIBG) # -# Generated on: 02/28/2023 +# Generated on: 03/01/2023 # @{ @@ -12,13 +12,13 @@ RootModule = '.\VMware.CloudFoundation.Reporting.psm1' # Version number of this module. - ModuleVersion = '1.1.0.1001' + ModuleVersion = '1.1.0.1002' # Supported PSEditions # CompatiblePSEditions = @() # ID used to uniquely identify this module - GUID = '076a93a7-31c4-4896-b712-4e620cf919b6' + GUID = 'acae0d50-ff72-459c-9ab7-98d79dd59fd9' # Author of this module Author = 'Gary Blake, Ryan Johnson, Ivaylo Ivanov, Antony Stefanov - Cloud Infrastructure Business Group (CIBG)' diff --git a/VMware.CloudFoundation.Reporting.psm1 b/VMware.CloudFoundation.Reporting.psm1 index 8de05007..aa0ed1ad 100644 --- a/VMware.CloudFoundation.Reporting.psm1 +++ b/VMware.CloudFoundation.Reporting.psm1 @@ -7213,947 +7213,6 @@ Export-ModuleMember -Function Request-EsxiSecurityConfiguration ####################################################################################################################### -####################################################################################################################### -############################### P A S S W O R D P O L I C Y F U N C T I O N S ################################## - -Function Publish-SddcManagerPasswordExpiration { - <# - .SYNOPSIS - Publish password expiration policy for SDDC Manager. - - .DESCRIPTION - The Publish-SddcManagerPasswordExpiration cmdlet returns password expiration policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password expiration policy for each local user of SDDC Manager - - .EXAMPLE - Publish-SddcManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -allDomains - This example will return password expiration policy for each local user of SDDC Manager - - .EXAMPLE - Publish-SddcManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -workloadDomain sfo-w01 - This example will NOT return the password expiration policy for each local user of SDDC Manager as the Workload Domain provided is not the Management Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$sddcRootPass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $localUsers = @("root","vcf","backup") - $allSddcManagerPasswordExpirationObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) { - $userPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain (Get-VCFWorkloadDomain | Where-Object {$_.type -eq "MANAGEMENT"}).name -vmName ($server.Split("."))[-0] -guestUser root -guestPassword $sddcRootPass -localUser $localUsers; $allSddcManagerPasswordExpirationObject += $userPasswordExpiration - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) { - $userPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain (Get-VCFWorkloadDomain | Where-Object {$_.type -eq "MANAGEMENT"}).name -vmName ($server.Split("."))[-0] -guestUser root -guestPassword $sddcRootPass -localUser $localUsers; $allSddcManagerPasswordExpirationObject += $userPasswordExpiration - } - } - } - - if ($allSddcManagerPasswordExpirationObject.Count -eq 0) { $notManagement = $true } - if ($notManagement) { - $allSddcManagerPasswordExpirationObject = $allSddcManagerPasswordExpirationObject | ConvertTo-Html -Fragment -PreContent '

SDDC Manager - Password Expiration

' -PostContent '

Management Domain not requested.

' - } else { - $allSddcManagerPasswordExpirationObject = $allSddcManagerPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

SDDC Manager - Password Expiration

' -As Table - } - $allSddcManagerPasswordExpirationObject = Convert-CssClass -htmldata $allSddcManagerPasswordExpirationObject - $allSddcManagerPasswordExpirationObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-SddcManagerPasswordExpiration - -Function Publish-SddcManagerPasswordComplexity { - <# - .SYNOPSIS - Publish password complexity policy for SDDC Manager. - - .DESCRIPTION - The Publish-SddcManagerPasswordComplexity cmdlet returns password complexity policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password complexity policy for SDDC Manager - - .EXAMPLE - Publish-SddcManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -allDomains - This example will return password complexity policy for SDDC Manager - - .EXAMPLE - Publish-SddcManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -workloadDomain sfo-w01 - This example will NOT return the password complexity policy for SDDC Manager as the Workload Domain provided is not the Management Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$sddcRootPass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $sddcManagerPasswordComplexityObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) { - $sddcManagerPasswordComplexity = Request-SddcManagerPasswordComplexity -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerPasswordComplexityObject += $sddcManagerPasswordComplexity - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) { - $sddcManagerPasswordComplexity = Request-SddcManagerPasswordComplexity -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerPasswordComplexityObject += $sddcManagerPasswordComplexity - } - } - } - - if ($sddcManagerPasswordComplexityObject.Count -eq 0) { $notManagement = $true } - if ($notManagement) { - $sddcManagerPasswordComplexityObject = $sddcManagerPasswordComplexityObject | ConvertTo-Html -Fragment -PreContent '

SDDC Manager - Password Complexity

' -PostContent '

Management Domain not requested.

' - } else { - $sddcManagerPasswordComplexityObject = $sddcManagerPasswordComplexityObject | Sort-Object 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent '

SDDC Manager - Password Complexity

' -As Table - } - $sddcManagerPasswordComplexityObject = Convert-CssClass -htmldata $sddcManagerPasswordComplexityObject - $sddcManagerPasswordComplexityObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-SddcManagerPasswordComplexity - -Function Publish-SddcManagerAccountLockout { - <# - .SYNOPSIS - Publish password complexity policy for SDDC Manager. - - .DESCRIPTION - The Publish-SddcManagerAccountLockout cmdlet returns account lockout policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects account lockout policy forSDDC Manager - - .EXAMPLE - Publish-SddcManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -allDomains - This example will return account lockout policy for SDDC Manager - - .EXAMPLE - Publish-SddcManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -sddcRootPass VMw@re1! -workloadDomain sfo-w01 - This example will NOT return the account lockout policy for SDDC Manager as the Workload Domain provided is not the Management Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$sddcRootPass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $sddcManagerAccountLockoutObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) { - $sddcManagerAccountlockout = Request-SddcManagerAccountLockout -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerAccountLockoutObject += $sddcManagerAccountlockout - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) { - $sddcManagerAccountlockout = Request-SddcManagerAccountLockout -server $server -user $user -pass $pass -rootPass $sddcRootPass; $sddcManagerAccountLockoutObject += $sddcManagerAccountlockout - } - } - } - - if ($sddcManagerAccountLockoutObject.Count -eq 0) { $notManagement = $true } - if ($notManagement) { - $sddcManagerAccountLockoutObject = $sddcManagerAccountLockoutObject | ConvertTo-Html -Fragment -PreContent '

SDDC Manager - Account Lockout

' -PostContent '

Management Domain not requested.

' - } else { - $sddcManagerAccountLockoutObject = $sddcManagerAccountLockoutObject | Sort-Object 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent '

SDDC Manager - Account Lockout

' -As Table - } - $sddcManagerAccountLockoutObject = Convert-CssClass -htmldata $sddcManagerAccountLockoutObject - $sddcManagerAccountLockoutObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-SddcManagerAccountLockout - -Function Publish-SsoPasswordExpiration { - <# - .SYNOPSIS - Publish password expiration policy for vCenter Single Sign-On. - - .DESCRIPTION - The Publish-SsoPasswordExpiration cmdlet returns password expiration policy for vCenter Single Sign-On. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password expiration policy for vCenter Single Sign-On - - .EXAMPLE - Publish-SsoPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password expiration policy for vCenter Single Sign-On - - .EXAMPLE - Publish-SsoPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will NOT return the password expiration policy vCenter Single Sign-On - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $ssoPasswordExpirationObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) { - $ssoPasswordExpiration = Request-SsoPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain; $ssoPasswordExpirationObject += $ssoPasswordExpiration - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) { - $ssoPasswordExpiration = Request-SsoPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name; $ssoPasswordExpirationObject += $ssoPasswordExpiration - } - } - } - - if ($ssoPasswordExpirationObject.Count -eq 0) { $notManagement = $true } - if ($notManagement) { - $ssoPasswordExpirationObject = $ssoPasswordExpirationObject | ConvertTo-Html -Fragment -PreContent '

vCenter Single Sign-On - Password Expiration

' -PostContent '

Management Domain not requested.

' - } else { - $ssoPasswordExpirationObject = $ssoPasswordExpirationObject | Sort-Object 'Workload Domain' | ConvertTo-Html -Fragment -PreContent '

vCenter Single Sign-On - Password Expiration

' -As Table - } - $ssoPasswordExpirationObject = Convert-CssClass -htmldata $ssoPasswordExpirationObject - $ssoPasswordExpirationObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-SsoPasswordExpiration - -Function Publish-SsoPasswordComplexity { - <# - .SYNOPSIS - Publish password complexity policy for vCenter Single Sign-On. - - .DESCRIPTION - The Publish-SsoPasswordComplexity cmdlet returns password complexity policy for vCenter Single Sign-On. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password complexity policy for vCenter Single Sign-On - - .EXAMPLE - Publish-SsoPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password complexity policy for vCenter Single Sign-On - - .EXAMPLE - Publish-SsoPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will NOT return the password complexity policy vCenter Single Sign-On - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $ssoPasswordComplexityObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) { - $ssoPasswordComplexity = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $ssoPasswordComplexityObject += $ssoPasswordComplexity - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) { - $ssoPasswordComplexity = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $ssoPasswordComplexityObject += $ssoPasswordComplexity - } - } - } - - if ($ssoPasswordComplexityObject.Count -eq 0) { $notManagement = $true } - if ($notManagement) { - $ssoPasswordComplexityObject = $ssoPasswordComplexityObject | ConvertTo-Html -Fragment -PreContent '

vCenter Single Sign-On - Password Complexity

' -PostContent '

Management Domain not requested.

' - } else { - $ssoPasswordComplexityObject = $ssoPasswordComplexityObject | Sort-Object 'Workload Domain' | ConvertTo-Html -Fragment -PreContent '

vCenter Single Sign-On - Password Complexity

' -As Table - } - $ssoPasswordComplexityObject = Convert-CssClass -htmldata $ssoPasswordComplexityObject - $ssoPasswordComplexityObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-SsoPasswordComplexity - -Function Publish-SsoAccountLockout { - <# - .SYNOPSIS - Publish account lockout policy for vCenter Single Sign-On. - - .DESCRIPTION - The Publish-SsoAccountLockout cmdlet returns account lockout policy for vCenter Single Sign-On. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects account lockout policy for vCenter Single Sign-On - - .EXAMPLE - Publish-SsoAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return account lockout policy for vCenter Single Sign-On - - .EXAMPLE - Publish-SsoAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will NOT return the account lockout policy vCenter Single Sign-On - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $ssoAccountLockoutObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (Get-VCFWorkloadDomain | Where-Object {$_.name -eq $workloadDomain -and $_.type -eq "MANAGEMENT"}) { - $ssoAccountLockout = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $ssoAccountLockoutObject += $ssoAccountLockout - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if ($domain | Where-Object {$_.type -eq "MANAGEMENT"}) { - $ssoAccountLockout = Request-SsoPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $ssoAccountLockoutObject += $ssoAccountLockout - } - } - } - - if ($ssoAccountLockoutObject.Count -eq 0) { $notManagement = $true } - if ($notManagement) { - $ssoAccountLockoutObject = $ssoAccountLockoutObject | ConvertTo-Html -Fragment -PreContent '

vCenter Single Sign-On - Account Lockout

' -PostContent '

Management Domain not requested.

' - } else { - $ssoAccountLockoutObject = $ssoAccountLockoutObject | Sort-Object 'Workload Domain' | ConvertTo-Html -Fragment -PreContent '

vCenter Single Sign-On - Account Lockout

' -As Table - } - $ssoAccountLockoutObject = Convert-CssClass -htmldata $ssoAccountLockoutObject - $ssoAccountLockoutObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-SsoAccountLockout - -Function Publish-VcenterPasswordExpiration { - <# - .SYNOPSIS - Publish password expiration policy for vCenter Server. - - .DESCRIPTION - The Publish-VcenterPasswordExpiration cmdlet returns password expiration policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password expiration policy for vCenter Server - - .EXAMPLE - Publish-VcenterPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password expiration policy for each vCenter Server - - .EXAMPLE - Publish-VcenterPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password expiration policy for a vCenter Server - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $vcenterPasswordExpirationObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $vcenterPasswordExpiration = Request-VcenterPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterPasswordExpirationObject += $vcenterPasswordExpiration - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $vcenterPasswordExpiration = Request-VcenterPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name; $vcenterPasswordExpirationObject += $vcenterPasswordExpiration - } - } - - $vcenterPasswordExpirationObject = $vcenterPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

vCenter Server - Password Expiration

' -As Table - $vcenterPasswordExpirationObject = Convert-CssClass -htmldata $vcenterPasswordExpirationObject - $vcenterPasswordExpirationObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-VcenterPasswordExpiration - -Function Publish-VcenterLocalPasswordExpiration { - <# - .SYNOPSIS - Publish password expiration policy for each local user of vCenter Server. - - .DESCRIPTION - The Publish-VcenterLocalPasswordExpiration cmdlet returns password expiration policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password expiration policy for each local user of vCenter Server - - .EXAMPLE - Publish-VcenterLocalPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password expiration policy for each local user of vCenter Server for all Workload Domains - - .EXAMPLE - Publish-VcenterLocalPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password expiration policy for each local user of vCenter Server - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $vcenterLocalPasswordExpirationObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $vcenterLocalPasswordExpiration = Request-VcenterRootPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterLocalPasswordExpirationObject += $vcenterLocalPasswordExpiration - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $vcenterLocalPasswordExpiration = Request-VcenterRootPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name; $vcenterLocalPasswordExpirationObject += $vcenterLocalPasswordExpiration - } - } - - $vcenterLocalPasswordExpirationObject = $vcenterLocalPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

vCenter Server - Password Expiration (Local Users)

' -As Table - $vcenterLocalPasswordExpirationObject = Convert-CssClass -htmldata $vcenterLocalPasswordExpirationObject - $vcenterLocalPasswordExpirationObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-VcenterLocalPasswordExpiration - -Function Publish-VcenterLocalPasswordComplexity { - <# - .SYNOPSIS - Publish password complexity policy for each vCenter Server. - - .DESCRIPTION - The Publish-VcenterLocalPasswordComplexity cmdlet returns password complexity policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password complexity policy for each vCenter Server - - .EXAMPLE - Publish-VcenterLocalPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password complexity policy for each vCenter Server for all Workload Domains - - .EXAMPLE - Publish-VcenterLocalPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password complexity policy for a vCenter Server - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $vcenterLocalPasswordComplexitynObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $vcenterLocalPasswordComplexity = Request-VcenterPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterLocalPasswordComplexitynObject += $vcenterLocalPasswordComplexity - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $vcenterLocalPasswordComplexity = Request-VcenterPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $vcenterLocalPasswordComplexitynObject += $vcenterLocalPasswordComplexity - } - } - - $vcenterLocalPasswordComplexitynObject = $vcenterLocalPasswordComplexitynObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent '

vCenter Server - Password Complexity (Local Users)

' -As Table - $vcenterLocalPasswordComplexitynObject = Convert-CssClass -htmldata $vcenterLocalPasswordComplexitynObject - $vcenterLocalPasswordComplexitynObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-VcenterLocalPasswordComplexity - -Function Publish-VcenterLocalAccountLockout { - <# - .SYNOPSIS - Publish account lockout policy for each vCenter Server. - - .DESCRIPTION - The Publish-VcenterLocalAccountLockout cmdlet returns account lockout policy for SDDC Manager. - The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password account lockout for each vCenter Server - - .EXAMPLE - Publish-VcenterLocalAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password account lockout for each vCenter Server for all Workload Domains - - .EXAMPLE - Publish-VcenterLocalAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password account lockout for a vCenter Server - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $vcenterLocalAccountLockoutObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $vcenterLocalAccountLockout = Request-VcenterAccountLockout -server $server -user $user -pass $pass -domain $workloadDomain; $vcenterLocalAccountLockoutObject += $vcenterLocalAccountLockout - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $vcenterLocalAccountLockout = Request-VcenterAccountLockout -server $server -user $user -pass $pass -domain $domain.name; $vcenterLocalAccountLockoutObject += $vcenterLocalAccountLockout - } - } - - $vcenterLocalAccountLockoutObject = $vcenterLocalAccountLockoutObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent '

vCenter Server - Account Lockout (Local Users)

' -As Table - $vcenterLocalAccountLockoutObject = Convert-CssClass -htmldata $vcenterLocalAccountLockoutObject - $vcenterLocalAccountLockoutObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-VcenterLocalAccountLockout - -Function Publish-NsxManagerPasswordExpiration { - <# - .SYNOPSIS - Publish password expiration policy for NSX Local Manager. - - .DESCRIPTION - The Publish-NsxManagerPasswordExpiration cmdlet returns password expiration policy for local users of NSX Local - Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password expiration policy for each local user of NSX Local Manager - - .EXAMPLE - Publish-NsxManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password expiration policy for each local user of NSX Local Manager for all Workload Domains - - .EXAMPLE - Publish-NsxManagerPasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password expiration policy for each local user of NSX Local Manager for a Workload Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $localUsers = @("root","admin","audit","guestuser1","guestuser2") - $nsxManagerPasswordExpirationObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $workloadDomain -listNodes)) { - foreach ($nsxtManagerNode in $vcfNsxDetails.nodes) { - $nsxPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain -vmName ($nsxtManagerNode.fqdn.Split("."))[-0] -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxManagerPasswordExpirationObject += $nsxPasswordExpiration - } - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $domain.name -listNodes)) { - foreach ($nsxtManagerNode in $vcfNsxDetails.nodes) { - $nsxPasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name -vmName ($nsxtManagerNode.fqdn.Split("."))[-0] -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxManagerPasswordExpirationObject += $nsxPasswordExpiration - } - } - } - } - - $nsxManagerPasswordExpirationObject = $nsxManagerPasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

NSX Manager - Password Expiration

' -As Table - $nsxManagerPasswordExpirationObject = Convert-CssClass -htmldata $nsxManagerPasswordExpirationObject - $nsxManagerPasswordExpirationObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-NsxManagerPasswordExpiration - -Function Publish-NsxManagerPasswordComplexity { - <# - .SYNOPSIS - Publish password complexity policy for NSX Local Manager. - - .DESCRIPTION - The Publish-NsxManagerPasswordComplexity cmdlet returns password complexity policy for local users of NSX Local - Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password complexity policy for each local user of NSX Local Manager - - .EXAMPLE - Publish-NsxManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password complexity policy for each local user of NSX Local Manager for all Workload Domains - - .EXAMPLE - Publish-NsxManagerPasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password complexity policy for each local user of NSX Local Manager for a Workload Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $nsxManagerPasswordComplexityObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $nsxPasswordComplexity = Request-NsxtManagerPasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $nsxManagerPasswordComplexityObject += $nsxPasswordComplexity - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $nsxPasswordComplexity = Request-NsxtManagerPasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $nsxManagerPasswordComplexityObject += $nsxPasswordComplexity - } - } - - $nsxManagerPasswordComplexityObject = $nsxManagerPasswordComplexityObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent '

NSX Manager - Password Complexity

' -As Table - $nsxManagerPasswordComplexityObject = Convert-CssClass -htmldata $nsxManagerPasswordComplexityObject - $nsxManagerPasswordComplexityObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-NsxManagerPasswordComplexity - -Function Publish-NsxManagerAccountLockout { - <# - .SYNOPSIS - Publish account lockout policy for NSX Local Manager. - - .DESCRIPTION - The Publish-NsxManagerAccountLockout cmdlet returns account lockout policy for local users of NSX Local - Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects account lockout policy for each local user of NSX Local Manager - - .EXAMPLE - Publish-NsxManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return account lockout policy for each local user of NSX Local Manager for all Workload Domains - - .EXAMPLE - Publish-NsxManagerAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return account lockout policy for each local user of NSX Local Manager for a Workload Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $nsxManagerAccountLockoutObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $nsxAccountLockout = Request-NsxtManagerAccountLockout -server $server -user $user -pass $pass -domain $workloadDomain; $nsxManagerAccountLockoutObject += $nsxAccountLockout - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $nsxAccountLockout = Request-NsxtManagerAccountLockout -server $server -user $user -pass $pass -domain $domain.name; $nsxManagerAccountLockoutObject += $nsxAccountLockout - } - } - - $nsxManagerAccountLockoutObject = $nsxManagerAccountLockoutObject | Sort-Object 'Workload Domain', 'Virtual Machine' | ConvertTo-Html -Fragment -PreContent '

NSX Manager - Account Lockout

' -As Table - $nsxManagerAccountLockoutObject = Convert-CssClass -htmldata $nsxManagerAccountLockoutObject - $nsxManagerAccountLockoutObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-NsxManagerAccountLockout - -Function Publish-NsxEdgePasswordExpiration { - <# - .SYNOPSIS - Publish password expiration policy for NSX Edge. - - .DESCRIPTION - The Publish-NsxEdgePasswordExpiration cmdlet returns password expiration policy for local users of NSX Local - Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password expiration policy for each local user of NSX Edge - - .EXAMPLE - Publish-NsxEdgePasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password expiration policy for each local user of NSX Edge nodes for all Workload Domains - - .EXAMPLE - Publish-NsxEdgePasswordExpiration -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password expiration policy for each local user of NSX Edge nodes for a Workload Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $localUsers = @("root","admin","audit","guestuser1","guestuser2") - $nsxEdgePasswordExpirationObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $workloadDomain)) { - if (Test-NSXTConnection -server $vcfNsxDetails.fqdn) { - if (Test-NSXTAuthentication -server $vcfNsxDetails.fqdn -user $vcfNsxDetails.adminUser -pass $vcfNsxDetails.adminPass) { - $nsxtEdgeNodes = (Get-NsxtEdgeCluster | Where-Object {$_.member_node_type -eq "EDGE_NODE"}) - foreach ($nsxtEdgeNode in $nsxtEdgeNodes.members) { - $nsxEdgePasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $workloadDomain -vmName $nsxtEdgeNode.display_name -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxEdgePasswordExpirationObject += $nsxEdgePasswordExpiration - } - } - } - } - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - if (($vcfNsxDetails = Get-NsxtServerDetail -fqdn $server -username $user -password $pass -domain $domain.name)) { - if (Test-NSXTConnection -server $vcfNsxDetails.fqdn) { - if (Test-NSXTAuthentication -server $vcfNsxDetails.fqdn -user $vcfNsxDetails.adminUser -pass $vcfNsxDetails.adminPass) { - $nsxtEdgeNodes = (Get-NsxtEdgeCluster | Where-Object {$_.member_node_type -eq "EDGE_NODE"}) - foreach ($nsxtEdgeNode in $nsxtEdgeNodes.members) { - $nsxEdgePasswordExpiration = Request-LocalUserPasswordExpiration -server $server -user $user -pass $pass -domain $domain.name -vmName $nsxtEdgeNode.display_name -guestUser $vcfNsxDetails.rootUser -guestPassword $vcfNsxDetails.rootPass -localUser $localUsers; $nsxEdgePasswordExpirationObject += $nsxEdgePasswordExpiration - } - } - } - } - } - } - - $nsxEdgePasswordExpirationObject = $nsxEdgePasswordExpirationObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

NSX Edge - Password Expiration

' -As Table - $nsxEdgePasswordExpirationObject = Convert-CssClass -htmldata $nsxEdgePasswordExpirationObject - $nsxEdgePasswordExpirationObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-NsxEdgePasswordExpiration - -Function Publish-NsxEdgePasswordComplexity { - <# - .SYNOPSIS - Publish password complexity policy for NSX Edge. - - .DESCRIPTION - The Publish-NsxEdgePasswordComplexity cmdlet returns password complexity policy for local users of NSX Local - Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects password complexity policy for each local user of NSX Edge - - .EXAMPLE - Publish-NsxEdgePasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return password complexity policy for each local user of NSX Edge nodes for all Workload Domains - - .EXAMPLE - Publish-NsxEdgePasswordComplexity -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return password complexity policy for each local user of NSX Edge nodes for a Workload Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $nsxEdgePasswordComplexityObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $nsxEdgePasswordComplexity = Request-NsxtEdgePasswordComplexity -server $server -user $user -pass $pass -domain $workloadDomain; $nsxEdgePasswordComplexityObject += $nsxEdgePasswordComplexity - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $nsxEdgePasswordComplexity = Request-NsxtEdgePasswordComplexity -server $server -user $user -pass $pass -domain $domain.name; $nsxEdgePasswordComplexityObject += $nsxEdgePasswordComplexity - } - } - - $nsxEdgePasswordComplexityObject = $nsxEdgePasswordComplexityObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

NSX Edge - Password Complexity

' -As Table - $nsxEdgePasswordComplexityObject = Convert-CssClass -htmldata $nsxEdgePasswordComplexityObject - $nsxEdgePasswordComplexityObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-NsxEdgePasswordComplexity - -Function Publish-NsxEdgeAccountLockout { - <# - .SYNOPSIS - Publish account lockout policy for NSX Edge. - - .DESCRIPTION - The Publish-NsxEdgeAccountLockout cmdlet returns account lockout policy for local users of NSX Local - Manager. The cmdlet connects to the SDDC Manager using the -server, -user, and -password values: - - Validates that network connectivity and authentication is possible to SDDC Manager - - Validates that network connectivity and authentication is possible to vCenter Server - - Collects account lockout policy for NSX Edge node - - .EXAMPLE - Publish-NsxEdgeAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -allDomains - This example will return account lockout policy for each NSX Edge nodes for all Workload Domains - - .EXAMPLE - Publish-NsxEdgeAccountLockout -server sfo-vcf01.sfo.rainpole.io -user admin@local -pass VMw@re1!VMw@re1! -workloadDomain sfo-w01 - This example will return account lockout policy for each NSX Edge nodes for a Workload Domain - #> - - Param ( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$server, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$user, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$pass, - [Parameter (ParameterSetName = 'All-WorkloadDomains', Mandatory = $true)] [ValidateNotNullOrEmpty()] [Switch]$allDomains, - [Parameter (ParameterSetName = 'Specific-WorkloadDomain', Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$workloadDomain - ) - - Try { - if (Test-VCFConnection -server $server) { - if (Test-VCFAuthentication -server $server -user $user -pass $pass) { - $nsxEdgeAccountLockoutObject = New-Object System.Collections.ArrayList - if ($PsBoundParameters.ContainsKey('workloadDomain')) { - $nsxEdgeAccountLockout = Request-NsxtEdgeAccountLockout -server $server -user $user -pass $pass -domain $workloadDomain; $nsxEdgeAccountLockoutObject += $nsxEdgeAccountLockout - } elseif ($PsBoundParameters.ContainsKey('allDomains')) { - $allWorkloadDomains = Get-VCFWorkloadDomain - foreach ($domain in $allWorkloadDomains ) { - $nsxEdgeAccountLockout = Request-NsxtEdgeAccountLockout -server $server -user $user -pass $pass -domain $domain.name; $nsxEdgeAccountLockoutObject += $nsxEdgeAccountLockout - } - } - - $nsxEdgeAccountLockoutObject = $nsxEdgeAccountLockoutObject | Sort-Object 'Workload Domain', 'Virtual Machine', 'Local User' | ConvertTo-Html -Fragment -PreContent '

NSX Edge - Account Lockout

' -As Table - $nsxEdgeAccountLockoutObject = Convert-CssClass -htmldata $nsxEdgeAccountLockoutObject - $nsxEdgeAccountLockoutObject - } - } - } Catch { - Debug-CatchWriter -object $_ - } -} -Export-ModuleMember -Function Publish-NsxEdgeAccountLockout - -########################################## E N D O F F U N C T I O N S ########################################## -####################################################################################################################### - - ####################################################################################################################### ############################### S Y S T E M O V E R V I E W F U N C T I O N S ##################################