PowervRA

2.2.0

Functions/Public/identity/Get-vRAUserPrincipalGroupMembership.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
 function Get-vRAUserPrincipalGroupMembership {
<#
    .SYNOPSIS
    Retrieve a list of groups that a user is a member of
    
    .DESCRIPTION
    Retrieve a list of groups that a user is a member of
    
    .PARAMETER Id
    The Id of the user
    
    .PARAMETER Tenant
    The tenant of the user
    
    .PARAMETER GroupType
    Return either custom or sso groups
    
    .PARAMETER Limit
    The number of entries returned per page from the API. This has a default value of 100.

    .PARAMETER Page
    The page of response to return. By default this is 1.

    .INPUTS
    System.String
    System.Int

    .OUTPUTS
    System.Management.Automation.PSObject.

    .EXAMPLE
    Get-vRAUserPrincipal -Id user@vsphere.local | Get-vRAUserPrincipalGroupMembership
    
    .EXAMPLE
    Get-vRAUserPrincipal -Id user@vsphere.local | Get-vRAUserPrincipalGroupMembership -GroupType SSO

    .EXAMPLE
    Get-vRAUserPrincipalGroupMembership -Id user@vsphere.local
    
    .EXAMPLE
    Get-vRAUserPrincipalGroupMembership -UserPrincipal user@vsphere.local

#>
[CmdletBinding()][OutputType('System.Management.Automation.PSObject')]

    Param (
        [parameter(Mandatory=$true, ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [Alias("PrincipalId")]
        [String[]]$Id,
        
        [parameter(Mandatory=$false)]  
        [ValidateNotNullOrEmpty()]
        [String]$Tenant = $Global:vRAConnection.Tenant,    
        
        [parameter(Mandatory=$false)]
        [ValidateSet("SSO","CUSTOM")]
        [String]$GroupType,   
          
        [Parameter(Mandatory=$false)]
        [ValidateNotNullOrEmpty()]
        [Int]$Limit = 100,
    
        [Parameter(Mandatory=$false)]
        [ValidateNotNullOrEmpty()]
        [Int]$Page = 1
    )
    
    Begin {
        # --- Test for vRA API version
        xRequires -Version 7.0
    }
    
    Process {
                
        try {
  
            foreach ($UserId in $Id){

                $URI = "/identity/api/tenants/$($Tenant)/principals/$($UserId)/groups?limit=$($Limit)&page=$($Page)"

                if ($PSBoundParameters.ContainsKey("GroupType")) {
                    $URI = $URI + "&groupType=$($GroupType)"
                }

                # --- Run vRA REST Request
                $Response = Invoke-vRARestMethod -Method GET -URI $URI -Verbose:$VerbosePreference

                foreach ($Group in $Response.content) {
                    [PSCustomObject] @{
                        GroupType = $Group.groupType
                        Name = $Group.name
                        Domain = $Group.domain
                        Description = $Group.description
                        PrincipalId = "$($Group.principalId.name)@$($Group.principalId.domain)"
                    }
                }
            }
        }
        catch [Exception]{

            throw $_        
        }
    }
    
    End {

    }   
}