Functions/Public/identity/Get-vRAUserPrincipal.ps1

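function Get-vRAUserPrincipal {
<#
    .SYNOPSIS
    Finds regular users
    
    .DESCRIPTION
    Finds regular users in one of the identity providers configured for the tenant.
    
    .PARAMETER Id
    The Id of the user
    
    .PARAMETER Tenant
    The tenant of the user
    
    .PARAMETER LocalUsersOnly
    Only return local users
    
    .PARAMETER Limit
    The number of entries returned per page from the API. This has a default value of 100.

    .INPUTS
    System.String

    .OUTPUTS
    System.Management.Automation.PSObject.

    .EXAMPLE
    Get-vRAUserPrincipal
    
    .EXAMPLE
    Get-vRAUserPrincipal -LocalUsersOnly

    .EXAMPLE
    Get-vRAUserPrincipal -Id user@vsphere.local
    
    .EXAMPLE
    Get-vRAUserPrincipal -UserName user@vsphere.local
    
    .EXAMPLE
    Get-vRAUserPrincipal -PrincipalId user@vsphere.local

    .NOTES
    Each returned object carries a Password property copied verbatim from the API
    response. Treat the output as potentially sensitive when it is written to
    transcripts, logs or exported files.
#>

[CmdletBinding(DefaultParameterSetName="Standard")][OutputType('System.Management.Automation.PSObject')]

    Param (

    [parameter(Mandatory=$true, ParameterSetName="byId")]
    [ValidateNotNullOrEmpty()]
    [Alias("UserName","PrincipalId")]
    [String[]]$Id,
    
    [parameter(Mandatory=$false,ParameterSetName="Standard")]  
    [parameter(Mandatory=$false,ParameterSetName="byId")]    
    [ValidateNotNullOrEmpty()]
    [String]$Tenant = $Global:vRAConnection.Tenant,    
    
    [parameter(Mandatory=$false, ParameterSetName="Standard")]
    [Switch]$LocalUsersOnly,   
          
    [parameter(Mandatory=$false, ParameterSetName="Standard")]
    [ValidateNotNullOrEmpty()]
    [String]$Limit = "100"
    
    )
    
    begin {
        # --- Test for vRA API version
        xRequires -Version 7.0
    }
    
    process {
                
        try {
            
            # switch matches strings case-insensitively, so 'ById' also matches the
            # "byId" parameter set name declared in the Param block.
            switch ($PSCmdlet.ParameterSetName){
                
                'ById'{

                    foreach ($UserId in $Id){

                        # NOTE(review): $Tenant and $UserId are placed into the path without
                        # encoding here, and whether Invoke-vRARestMethod encodes the URI is
                        # not visible in this file. A value containing '/', '?' or '#' would
                        # change the request target - confirm before feeding this function
                        # values that do not come from the operator.
                        $URI = "/identity/api/tenants/$($Tenant)/principals/$($UserId)"

                        # --- Run vRA REST Request
                        $Response = Invoke-vRARestMethod -Method GET -URI $URI
                    
                        [pscustomobject] @{

                            FirstName = $Response.firstName
                            LastName = $Response.lastName
                            EmailAddress = $Response.emailAddress
                            Description = $Response.description
                            Locked = $Response.locked
                            Disabled = $Response.disabled
                            # NOTE(review): copied as-is from the response. Whether the service
                            # ever populates it cannot be told from this file; if it does, the
                            # value flows into pipeline output and transcripts. Kept so the
                            # output shape stays unchanged for existing callers.
                            Password = $Response.password
                            PrincipalId = "$($Response.principalId.name)@$($Response.principalId.domain)"
                            TenantName = $Response.tenantName
                            Name = $Response.name

                        }
                        
                    }
                    
                    break
                                    
                }
                
                'Standard' {

                    # Start from an empty query suffix. Without this, $Params resolves
                    # through PowerShell's dynamic scoping, so a $Params variable that
                    # happens to exist in a caller's scope would be appended to the query.
                    $Params = ""

                    # Test the switch value rather than $PSBoundParameters, so that
                    # -LocalUsersOnly:$false does not request the local-only filter.
                    if ($LocalUsersOnly.IsPresent) {
                        
                        $Params = "&localUsersOnly=true"
                        
                    }
                    
                    # NOTE(review): $Limit is a free-form string appended to the query
                    # string unencoded; only ValidateNotNullOrEmpty constrains it.
                    $URI = "/identity/api/tenants/$($Tenant)/principals?limit=$($Limit)$($Params)"
                    
                    # --- Run vRA REST Request
                    $Response = Invoke-vRARestMethod -Method GET -URI $URI
                    
                    # Only the page returned by this single request is projected; no
                    # further pages are requested here.
                    foreach ($Principal in $Response.content) {
                    
                        [pscustomobject] @{

                            FirstName = $Principal.firstName
                            LastName = $Principal.lastName
                            EmailAddress = $Principal.emailAddress
                            Description = $Principal.description
                            Locked = $Principal.locked
                            Disabled = $Principal.disabled
                            # NOTE(review): same caveat as in the ById branch - the value is
                            # passed through untouched and lands in the output objects.
                            Password = $Principal.password
                            PrincipalId = "$($Principal.principalId.name)@$($Principal.principalId.domain)"
                            TenantName = $Principal.tenantName
                            Name = $Principal.name

                        }
                        
                    }
                    
                    break                                
                    
                }
        
            }
            
        }
        catch [Exception]{

            # Rethrow unchanged so the caller sees the original error record.
            throw
            
        }
        
    }
    
    end {}
    
}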