Public/SEPPmailLegacyConfig.ps1

<#
.SYNOPSIS
    Sets the Config to a defined SEPPmail instance and credential
.DESCRIPTION
    Use this commandlet to define a SEPPmail Legacy configuration (SLConfig) for the SL Commandlets. Each SLConfig is stored with its FQND and the extension .config in the SLConfig directory. If you run Set-SLConfig, you need to specify a FQDN for a SEPPmail. The CmdLet reads the config, copies it over the default config (current.config) and loads it into the $SLConfig variable for use with other CmdLets.
.EXAMPLE
    PS> Set-SLConfig -SEPPmailFQDN securemail.contoso.de
    This will read the config file for the FQDN and set it as current config (stores in in the global variable $SLConfig)
.EXAMPLE
    PS> Set-SLConfig -SEPPmailFQDN securemail.contoso.de -SetasDefault
    This will read the config file for the FQDN and set it as current config and overwrites the default config file SLCurrent.config
#>


function Set-SLConfig
{

    [CmdletBinding()]
    param (
        [Parameter(
            Mandatory = $false,
            ValueFromPipelineByPropertyName = $true
        )]
        [String]$SEPPmailFQDN,

        [Parameter(
            Mandatory = $false,
            HelpMessage = 'Overwrites the default config file SLCurrent.Config so that future requests use the new config'
        )]
        [switch]$setAsDefault = $false
    )

    begin
    {
        $conf = $null
    }
    
    process
    {
        if ($SEPPmailFQDN)
        {
            Write-Verbose "Check if a file $SEPPmailFQDN.config exists"
            $SLConfigFilePath = (Join-Path -Path $SLConfigPath -ChildPath $SEPPmailFQDN) + '.config'
        }
        else
        {
            Write-Verbose "No FQDN specified, load default config file"
            $SLConfigFilePath = Join-Path -Path $SLConfigPath -ChildPath 'SLCurrent.config'
        }

        if (!(Test-Path $SLConfigFilePath))
        {
            Write-Warning 'Configuration file does not exist - please check FQDN or create a new configuration with New-SLConfig'
            break
        }

        Write-Verbose "Check if the $SEPPmailFQDN.config file contains all needed properties"
        $conf = Get-Content $SLConfigFilePath | ConvertFrom-Json
        If ((!($conf.SEPPmailFQDN)) -or (!($conf.Secret)) -or (!($conf.AdminPort)))
        {
            Write-Warning -Message "Configuration incomplete! Run New-SLConfig to create a proper configuration"
            break
        }

        Write-Verbose "Testing if $($conf.Secret) exists in secrets store."
        $SecFilePath = Join-Path -Path $SLConfigPath -ChildPath ("$($Conf.Secret)" + '.xml')
        if (!(Test-Path -Path $SecFilePath))
        {
            Write-Warning "Stored credentials XML file $($conf.Secret) is missing! Run New-SLConfig to create a proper configuration"
            break
        }
        else
        {
            $secureSecret = Import-Clixml -Path $SecFilePath
        }
        if ($setAsDefault -eq $true) {
            Write-Verbose "Writing default-Config File SLCurrent.config"
            $defaultconfigFilePath = Join-Path $SLConfigPath -ChildPath 'SLCurrent.config'
            Set-Content $defaultconfigFilePath -Value ($conf| ConvertTo-Json)
        }

        Write-Verbose "Writing securesecret to config variable."
        $global:SLConfig = [ordered]@{
            SEPPmailFQDN         = $conf.SEPPmailFQDN
            Secret               = $secureSecret
            AdminPort            = $conf.Adminport
            SkipCertificateCheck = $true
        }

    }
    
    end
    {
        if (!(Test-Path $SLConfigFilePath))
        {
            Write-Warning 'There is no current configuration file defined (SLConfig.config). Run New-SLConfig without the -NotCurrent parameter to create one.'
        }
        return $conf
    }
}

<#
.SYNOPSIS
    Creates or overwrites a new Configuration file
.DESCRIPTION
    Use this commandlet to create a SEPPmail Legacy configuration (SLConfig) for the SL Commandlets. Each SLConfig is stored with its FQND and the extension .config in the SLCOnfig directory. If you run New-SLConfig, you need to specify a FQDN a username and a Password for the Legacy-enabled User for a SEPPmail. The CmdLet creates the config file.
.EXAMPLE
    PS> New-SLConfig -SEPPmailFQDN securemail.contoso.de -UserName Legacyadmin@contoso.de
    This will create the config file for the FQDN.
.EXAMPLE
    PS> New-SLConfig -SEPPmailFQDN localhost -UserName Legacyadmin@contoso.de -SkipCertificateCheck $true
    This will create the config file for the FQDN and will not run Certificatechecks on this machine.
.EXAMPLE
    PS> New-SLConfig -SEPPmailFQDN securemail.contoso.de -UserName Legacyadmin@contoso.de -AdminPort 10443
    This will create the config file for the FQDN with a different AdminPort
.EXAMPLE
    PS> New-SLConfig -SEPPmailFQDN securemail.contoso.de -UserName Legacyadmin@contoso.de -NotCurrent
    This will create a config file but NOT copy it to the SLConfig.config. So it will not be used immediately.
#>

function New-SLConfig
{
    [CmdletBinding()]
    param (
        [Parameter(
            Mandatory = $true,
            ValueFromPipelineByPropertyName = $true)]
        [Alias("FQDN")]
        [ValidatePattern("^(?!:\/\/)(?=.{1,255}$)((.{1,63}\.){1,127}(?![0-9]*$)[a-z0-9-]+\.?)$")]
        [String]$SEPPmailFQDN,

        [Parameter(
            Mandatory = $true,
            ValueFromPipelineByPropertyName = $true)]
        [Alias("sec")]
        [String]$UserName,

        [Parameter(
            Mandatory = $false,
            ValueFromPipelineByPropertyName = $true,
            HelpMessage = 'Default is 8443, but you may use another port like 10443')]
        [Alias("Port")]
        [String]$AdminPort = '8443',

        [Parameter(
            Mandatory = $false,
            ValueFromPipelineByPropertyName = $true,
            HelpMessage = 'For testmachines which have no valid certificates, turn this on by simply adding -SkipCertificateCheck $true in the commandline')]
        [Alias("Skip")]
        [bool]$SkipCertificateCheck = $false,
         
        [Parameter(
            Mandatory = $false,
            HelpMessage = 'Set if you do NOT want this new config to be set as default'
        )]
        [Switch]$NotCurrent = $false

    )
    
    begin
    {
        Write-Verbose 'Create an empty config hashtable'
        $conf = [ordered]@{}
    }
    
    process
    {
        $SecFilePath = Join-Path -Path $SLConfigPath -ChildPath ("$UserName" + ".xml")
        Write-Verbose "Create secret here: $SecFilePath if it does not exists"
        if (!(Test-Path -Path $SecFilePath))
        {
            Write-Verbose "Secret for username: $userName not found, creating new" 
            [Securestring]$secretPassword = Read-Host -Prompt "Enter Password for the above username" -AsSecureString
            New-Object -TypeName PSCredential -ArgumentList ($userName, $secretpassword) | Export-Clixml -Path $SecFilePath
        }

        Write-Verbose "Set Parametervalues into temporary config"
        $conf.SEPPmailFQDN = $SEPPmailFQDN
        If ($UserName) { $conf.Secret = $UserName }
        If ($AdminPort) { $conf.AdminPort = $AdminPort }
        $conf.SkipCertificateCheck = $SkipCertificateCheck

        Write-Verbose "Writing new config to file."
        $SLConfigFilePath = (Join-Path $SLConfigPath -ChildPath $SEPPmailFQDN) + ".config"
        $conf | ConvertTo-Json | New-Item -Path $SLConfigFilePath -Force | Out-Null
        
        If ($Notcurrent)
        {
            Write-Verbose 'Just created config file, not copying it to SLCurrent.config'
        }
        else
        {
            $CurrentSLConfigFilePath = (Join-Path $SLConfigPath -ChildPath 'SLCurrent') + '.config'
            Copy-Item -Path $SLConfigFilePath -Destination $CurrentSLConfigFilePath | Out-Null
        }
    }
    
    end
    {
        return $conf
    }
}

<#
.SYNOPSIS
    Test a SEPPmail config
.DESCRIPTION
    After defining a configuration to a SEPPmail appliance, this CmdLet tests
    to read some data
.EXAMPLE
    PS C:\> Test-SLConfig -SEPPmailFQDN 'securemail.contoso.de'
    Tests if legacyapi access to securemail.contoso.de works and raises relevant errors.
#>

function Test-SLConfig
{
    [CmdLetBinding()]
    param()

    begin
    {
        Set-SLConfig

    }
    process
    {
        try
        {
            if ($IsWindows)
            {
                if (!((Resolve-DnsName -Name $SLConfig.SEPPmailFQDN -ErrorAction 0).IPAddress))
                {
                    Write-Error "Could not resolve SEPPmailFQDN, please check DNS and FQDN Name!"
                }
                else
                {
                    Write-Host "DNS query to $($SLConfig.SEPPmailFQDN) worked." -ForegroundColor Green
                }
            }

            #((Test-Netconnection -ComputerName $SLConfig.SEPPmailFQDN -Port $SLConfig.AdminPort).TcpTestSucceeded)
            if ($IsWindows -or ($PSversiontable.PSEdition -eq 'Desktop'))
            {
                if (!((Test-NetConnection -ComputerName $SLConfig.SEPPmailFQDN -Port $SLConfig.AdminPort -WarningAction SilentlyContinue).TcpTestSucceeded))
                {
                    Write-Error "Could not connect to port $SLConfig.AdminPort! Check Firewalls and Port configuration." 
                }
                else
                {
                    Write-Host "TCP Connect to $($SLConfig.SEPPmailFQDN) on Port $($SLConfig.AdminPort) worked." -ForegroundColor Green
                }
            }
            else
            {
                if (!(Test-Connection -ComputerName $SLConfig.SEPPmailFQDN -TcpPort $SLConfig.AdminPort -WarningAction SilentlyContinue -Quiet))
                {
                    Write-Error "Could not connect to port $SLConfig.AdminPort! Check Firewalls and Port configuration." 
                }
                else
                {
                    Write-Host "TCP Connect to $($SLConfig.SEPPmailFQDN) on Port $($SLConfig.AdminPort) worked." -ForegroundColor Green
                }
            }
            
            # Try login at SEPPmail and receive group INfo

            $urlroot = New-SLUrlRoot -FQDN $SLConfig.SEPPmailFQDN -adminPort $SLConfig.adminPort
            $uri = $urlroot + 'statistics' + '?' + 'returnType' + '=' + 'CSV'
            try 
            {
                if ((Invoke-RestMethod -Uri $uri -Method GET -Credential $SLConfig.secret | ConvertFrom-Csv -Delimiter ';' | Select-Object -First 1).Length -eq '1') 
                {
                    Write-Host "Data access with $($SLConfig.secret.UserName) worked." -ForegroundColor Green
                }
            }
            catch
            {
                Write-Error "Most likely an access error"
                Write-Error "Check e-Mail/password and membership of the user to the group `"legacyappadmin`". Create the group if necessary."
                $_
            }
        }
        catch
        {
            Write-Error "Configuratiton is not valid! See error below"
            $_
        }
    }
    end
    {
        # No code here
    }
}

<#
.SYNOPSIS
    Removes a Configuration file
.DESCRIPTION
    Use this commandlet to remove an existing SEPPmail Legacy configuration (SLConfig) for the SL Commandlets.
.EXAMPLE
    PS> Remove-SLConfig -SEPPmailFQDN securemail.contoso.de
    This will remove the config file for the FQDN and the secret in the BuildInLocalLault
#>

function Remove-SLConfig
{

    [CmdletBinding()]
    param (
        [Parameter(
            Mandatory = $true,
            ValueFromPipelineByPropertyName = $true)]
        [Alias("FQDN")]
        [String]$SEPPmailFQDN

    )
    
    begin
    {
    }
    
    process
    {
        try
        {
            Write-Verbose "Read File "
            $FQDNConfigFilePath = (Join-Path $SLConfigPath -ChildPath $SEPPmailFQDN) + ".config"

            if ($FQDNConfigFilePath)
            {
                Write-Verbose 'Config file found, trying to remove secrets'
                $SecretName = (Get-Content $FQDNConfigFilePath | ConvertFrom-Json).Secret
                $SecFilePath = Join-Path -Path $SLConfigPath -ChildPath ("$SecretName" + ".xml")
                If ((Import-Clixml -Path $SecFilePath -ea 0))
                {
                    Write-Verbose "Removing Credentials file $SecFilePath"
                    Remove-Item -Path $SecFilePath -Force
                }
                if (Test-Path $FQDNConfigFilePath)
                {
                    Write-Verbose "Removing File $FQDNConfigFilePath"
                    Remove-Item -Path $FQDNConfigFilePath -Force
                }
                else
                {
                    Write-Warning "Config File for $SEPPmailFQDN not found"
                }
            }
        }
        catch
        {
            $_.Exception
        }
    }
    end
    {
    }
}

<#
.SYNOPSIS
    List existing configurations
.DESCRIPTION
    Reads the .SEPPmailLegacy directory and reads all sonfig files.
.EXAMPLE
    PS C:\> Find-SLConfig
    Lists all the configurations found, including parameters
.EXAMPLE
    PS C:\> Find-SLConfig -Config securemail.sontoso.de
    List a specific config, including parameters
#>

function Find-SLConfig
{
    [CmdletBinding()]
    param (        
        [Parameter(
            Mandatory = $false
        )]
        [String]$ConfigName

    )
    begin
    {
        try {
            if ($ConfigName)
            {
                Write-Verbose 'Storing names $Configurations array'
                $Configurations = @(Get-ChildItem -Path (Join-Path $SLConfigPath -ChildPath '\*.config') -Exclude 'SLCurrent*' | Where-Object Name -Like $ConfigName)
            }
            else
            {
                Write-Verbose 'Storing $Configurations array of all configuration files'
                $Configurations = @(Get-ChildItem -Path (Join-Path $SLConfigPath -ChildPath '\*.config')-Exclude 'SLCurrent*')
            }
        }
        catch {
            Write-Error "Find-SLConfig failes with error $_.CategoryInfo"
        }
    }
    process
    {
        try {
            Write-Verbose 'Looping through $configurations array'
            foreach ($conf in $Configurations)
            {
                Write-Verbose 'Emit Configuration'
                Get-Content $conf | ConvertFrom-Json
            }
        }
        catch {
            Write-Error "Find-SLConfig failes with error $_.CategoryInfo"
        }
    }
    end
    {
    }
}

# SIG # Begin signature block
# MIIL1wYJKoZIhvcNAQcCoIILyDCCC8QCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB
# gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR
# AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQU5pzYxv9teFj4dO/ZQ4diAT6r
# +8uggglAMIIEmTCCA4GgAwIBAgIQcaC3NpXdsa/COyuaGO5UyzANBgkqhkiG9w0B
# AQsFADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG
# A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv
# KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkx
# HzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTMxMjEwMDAwMDAw
# WhcNMjMxMjA5MjM1OTU5WjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl
# LCBJbmMuMSYwJAYDVQQDEx10aGF3dGUgU0hBMjU2IENvZGUgU2lnbmluZyBDQTCC
# ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJtVAkwXBenQZsP8KK3TwP7v
# 4Ol+1B72qhuRRv31Fu2YB1P6uocbfZ4fASerudJnyrcQJVP0476bkLjtI1xC72Ql
# WOWIIhq+9ceu9b6KsRERkxoiqXRpwXS2aIengzD5ZPGx4zg+9NbB/BL+c1cXNVeK
# 3VCNA/hmzcp2gxPI1w5xHeRjyboX+NG55IjSLCjIISANQbcL4i/CgOaIe1Nsw0Rj
# gX9oR4wrKs9b9IxJYbpphf1rAHgFJmkTMIA4TvFaVcnFUNaqOIlHQ1z+TXOlScWT
# af53lpqv84wOV7oz2Q7GQtMDd8S7Oa2R+fP3llw6ZKbtJ1fB6EDzU/K+KTT+X/kC
# AwEAAaOCARcwggETMC8GCCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDov
# L3QyLnN5bWNiLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMDIGA1UdHwQrMCkwJ6Al
# oCOGIWh0dHA6Ly90MS5zeW1jYi5jb20vVGhhd3RlUENBLmNybDAdBgNVHSUEFjAU
# BggrBgEFBQcDAgYIKwYBBQUHAwMwDgYDVR0PAQH/BAQDAgEGMCkGA1UdEQQiMCCk
# HjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTU2ODAdBgNVHQ4EFgQUV4abVLi+
# pimK5PbC4hMYiYXN3LcwHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutXSFAw
# DQYJKoZIhvcNAQELBQADggEBACQ79degNhPHQ/7wCYdo0ZgxbhLkPx4flntrTB6H
# novFbKOxDHtQktWBnLGPLCm37vmRBbmOQfEs9tBZLZjgueqAAUdAlbg9nQO9ebs1
# tq2cTCf2Z0UQycW8h05Ve9KHu93cMO/G1GzMmTVtHOBg081ojylZS4mWCEbJjvx1
# T8XcCcxOJ4tEzQe8rATgtTOlh5/03XMMkeoSgW/jdfAetZNsRBfVPpfJvQcsVncf
# hd1G6L/eLIGUo/flt6fBN591ylV3TV42KcqF2EVBcld1wHlb+jQQBm1kIEK3Osgf
# HUZkAl/GR77wxDooVNr2Hk+aohlDpG9J+PxeQiAohItHIG4wggSfMIIDh6ADAgEC
# AhBdMTrn+ZR0fTH9F/xerQI2MA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAlVT
# MRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xJjAkBgNVBAMTHXRoYXd0ZSBTSEEyNTYg
# Q29kZSBTaWduaW5nIENBMB4XDTIwMDMxNjAwMDAwMFoXDTIzMDMxNjIzNTk1OVow
# XTELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTERMA8GA1UEBwwITmV1ZW5o
# b2YxFDASBgNVBAoMC1NFUFBtYWlsIEFHMRQwEgYDVQQDDAtTRVBQbWFpbCBBRzCC
# ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKE54Nn5Vr8YcEcTv5k0vFyW
# 26kzBt9Pe2UcawfjnyqvYpWeCuOXxy9XXif24RNuBROEc3eqV4EHbA9v+cOrE1me
# 4HTct7byRM0AQCzobeFAyei3eyeDbvb963pUD+XrluCQS+L80n8yCmcOwB+weX+Y
# j2CY7s3HZfbArzTxBHo5AKEDp9XxyoCc/tUQOq6vy+wdbOOfLhrNMkDDCsBWSLqi
# jx3t1E+frAYF7tXaO5/FEGTeb/OjXqOpoooNL38FmCJh0CKby090sBJP5wSienn1
# NdhmBOKRL+0K3bomozoYmQscpT5AfWo4pFQm+8bG4QdNaT8AV4AHPb4zf23bxWUC
# AwEAAaOCAWowggFmMAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUV4abVLi+pimK5PbC
# 4hMYiYXN3LcwHQYDVR0OBBYEFPKf1Ta/8vAMTng2ZeBzXX5uhp8jMCsGA1UdHwQk
# MCIwIKAeoByGGmh0dHA6Ly90bC5zeW1jYi5jb20vdGwuY3JsMA4GA1UdDwEB/wQE
# AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzBuBgNVHSAEZzBlMGMGBmeBDAEEATBZ
# MCYGCCsGAQUFBwIBFhpodHRwczovL3d3dy50aGF3dGUuY29tL2NwczAvBggrBgEF
# BQcCAjAjDCFodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkwVwYIKwYB
# BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vdGwuc3ltY2QuY29tMCYGCCsG
# AQUFBzAChhpodHRwOi8vdGwuc3ltY2IuY29tL3RsLmNydDANBgkqhkiG9w0BAQsF
# AAOCAQEAdszNU8RMB6w9ylqyXG3EjWnvii7aigN0/8BNwZIeqLP9aVrHhDEIqz0R
# u+KJG729SgrtLgc7OenqubaDLiLp7YICAsZBUae3a+MS7ifgVLuDKBSdsMEH+oRu
# N1iGMfnAhykg0P5ltdRlNfDvQlIFiqGCcRaaGVC3fqo/pbPttbW37osyIxTgmB4h
# EWs1jo8uDEHxw5qyBw/3CGkBhf5GNc9mUOHeEBMnzOesmlq7h9R2Q5FaPH74G9FX
# xAG2z/rCA7Cwcww1Qgb1k+3d+FGvUmVGxJE45d2rVj1+alNc+ZcB9Ya9+8jhMssM
# LjhJ1BfzUWeWdZqRGNsfFj+aZskwxjGCAgEwggH9AgEBMGAwTDELMAkGA1UEBhMC
# VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEmMCQGA1UEAxMddGhhd3RlIFNIQTI1
# NiBDb2RlIFNpZ25pbmcgQ0ECEF0xOuf5lHR9Mf0X/F6tAjYwCQYFKw4DAhoFAKB4
# MBgGCisGAQQBgjcCAQwxCjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwGCisGAQQB
# gjcCAQQwHAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkE
# MRYEFEY0nLzbWlSaqHAF2uxoHQ36BKEoMA0GCSqGSIb3DQEBAQUABIIBAHhpwDyh
# lz6r6kR7BYJtfhyFnNrLcwqbOLIF1FmnHBifOy0F0GkHJ6A8wUSADYn2rDoM7Oea
# EOMA+9NEzQe1faCzRxqJg8kHFeO+U6AEjjWE4S7pQVF/6EoZjI2lckOExC9aK4qA
# ZUEDTTrQiQ7G1nwzu1kLot7lkcU91z+wXLd2spnxhpe3V8JjJ9u0AEY0vRs82CJF
# 4Yn+qNu+A/bjuWUhAS9TM7C098QzGCrAyFHqMFcYLyGHPK4a9g9OFI09R6g01Qpx
# 3Ec8qiYO5xwdQSQR1BlML8WE8AFAu2N1/tKmR2Yyz7slCCrA0B47Ao9aXsnheLCz
# 9ZyGc4M6o9kDuK0=
# SIG # End signature block