Scripts/Update-Table.ps1
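function Update-Table {
    <#
    .SYNOPSIS
    Reconciles the rows of one safe (partition) in an Azure Storage table with a list of AD accounts.

    .DESCRIPTION
    Runs in three phases:
      1. Every stored row with verified -eq $false is re-checked: the current password is pulled
         with Get-PWVCred and handed to Get-Authorization; the row is marked verified only when
         that check reports Proceed.
      2. Every entry of AD_Account_list is added to the table when its RowKey (userID) is missing,
         otherwise its row is updated in place. For existing rows a record
         {account, password_changed, MTR} is emitted.
      3. The number of added plus updated rows is compared with AD_Account_list.Count.

    .PARAMETER AD_Account_list
    Account objects; the properties read here are userID, safeName, userID_employeeType,
    userID_Enabled, userID_Locked, userID_LastLogonDate, userID_PasswordLastSet, pwchanged_key,
    verified and MTR.

    .PARAMETER SafeName
    Used as the table partition key and passed to Get-PWVCred.

    .PARAMETER resourceGroup
    Resource group that holds the storage account.

    .PARAMETER storageAccount
    Storage account that holds the table.

    .PARAMETER tableName
    Name of the table to reconcile.

    .PARAMETER BaseURI
    Passed through to Get-PWVCred.

    .PARAMETER credential
    Passed to Get-PWVCred and, as remote_access_creds, to Get-Authorization.

    .OUTPUTS
    On full success: the password-change records (one per pre-existing row; newly added rows emit
    none). Otherwise: a PSCustomObject with table_update_successfull = $false and the row counters.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [Array]$AD_Account_list,

        [Parameter(Mandatory=$true)]
        [string]$SafeName,

        [Parameter(Mandatory=$true)]
        [string]$resourceGroup,

        [Parameter(Mandatory=$true)]
        [string]$storageAccount,

        [Parameter(Mandatory=$true)]
        [string]$tableName,

        [Parameter(Mandatory=$true)]
        [string]$BaseURI,

        [Parameter(Mandatory=$true)]
        [PSCredential]$credential
    )

    # Counters. The *_deleted pair is never incremented in this function but is part of the
    # failure object returned to callers, so it is kept.
    $rows_updated = 0
    $rows_added = 0
    $rows_deleted = 0
    $rows_not_updated = 0
    $rows_not_added = 0
    $rows_not_deleted = 0

    # Build the table context. The first storage account key is used for authentication; it is
    # held only in this local and must not be written to logs or output.
    $StorageKey = (Get-AzStorageAccountKey -ResourceGroupName $resourceGroup -Name $storageAccount).Value[0]
    $ctx = New-AzStorageContext -StorageAccountName $storageAccount -StorageAccountKey $StorageKey
    # ASCII hyphens replace the en-dashes the original used on -Name / -Context.
    $cloudTable = (Get-AzStorageTable -Name $tableName -Context $ctx).CloudTable

    # Phase 1: re-verify stored rows that are not yet verified.
    [array]$v_confUpdate = Get-AzTableRow -table $cloudTable -partitionKey $SafeName
    $v_confUpdate_verify = $v_confUpdate | Where-Object verified -eq $false

    if (($null -ne $v_confUpdate_verify) -and ($null -ne $v_confUpdate)) {
        foreach ($account in $v_confUpdate_verify) {
            # Reset per account. Without this, a failure inside the try block leaves the previous
            # account's result in place and this account could be marked verified on the strength
            # of someone else's successful check.
            $Permission_Check = $null
            try {
                # Pull the current password from the vault.
                [SecureString]$newPW = Get-PWVCred -credential $credential -SafeName $SafeName -Account $account.userID -BaseURI $BaseURI
                # Confirm the account can actually be used against its MTR.
                $Permission_Check = Get-Authorization -Computer $account.MTR -Account $account.userID -password_secure $newPW -remote_access_creds $credential
            } catch {
                Write-Error $_
            }

            if (($null -ne $Permission_Check) -and $Permission_Check.Proceed) {
                $account.verified = $true
            }

            $current = Get-AzTableRow -table $cloudTable -partitionKey $SafeName -RowKey ($account.userID)
            $current.verified = $account.verified
            # Assigned to $null so the cmdlet result does not leak into this function's output.
            $null = $current | Update-AzTableRow -Table $cloudTable
        }
    }

    # Snapshot of the partition after verification; phase 2 compares against it.
    [array]$v_confUpdate = Get-AzTableRow -table $cloudTable -partitionKey $SafeName

    # Phase 2: add missing rows, update existing rows in place, and record per existing row
    # whether its pwchanged_key is new.
    $Password_Change_List = foreach ($account in $AD_Account_list) {
        $pwchanged_key = $account.pwchanged_key
        $s = Get-AzTableRow -table $cloudTable -partitionKey $SafeName -RowKey $account.userID

        if ($null -eq $s) {
            # No row for this userID yet: create it.
            $add_row = Add-AzTableRow -table $cloudTable -partitionKey $SafeName -RowKey ($account.userID) -property @{
                "userID"                 = $account.userID
                "safeName"               = $account.safeName
                "userID_employeeType"    = $account.userID_employeeType
                "userID_Enabled"         = $account.userID_Enabled
                "userID_Locked"          = $account.userID_Locked
                "userID_LastLogonDate"   = $account.userID_LastLogonDate
                "userID_PasswordLastSet" = $account.userID_PasswordLastSet
                "pwchanged_key"          = $account.pwchanged_key
                "verified"               = $account.verified
                "MTR"                    = $account.MTR
            }
            # 204 is the status this function treats as success.
            if ($add_row.HttpStatusCode -eq 204) {
                $rows_added += 1
            } else {
                $rows_not_added += 1
            }
        } else {
            # Exact, case-sensitive membership test. Wrapping in @() keeps this an element
            # comparison when the partition holds a single row (the original .Contains() call then
            # ran as a substring match on a string) and avoids a method call on $null when the
            # snapshot is empty.
            # NOTE(review): the key is compared against every row in the partition, not only this
            # account's row - confirm that is intended.
            $pw_changed = @($v_confUpdate.pwchanged_key) -cnotcontains $pwchanged_key

            [PSCustomObject]@{
                account          = $account.userID
                password_changed = $pw_changed
                MTR              = $account.MTR
            }

            try {
                $AD_Object = $AD_Account_list | Where-Object userID -eq $account.userID
                $update = Get-AzTableRow -table $cloudTable -partitionKey $safeName -RowKey ($account.userID)

                if ($pw_changed) {
                    # A changed password invalidates any earlier verification.
                    $update.verified = $false
                } else {
                    $update.verified = ($v_confUpdate | Where-Object userID -eq $account.userID).verified
                }

                $update.userID_Enabled = $AD_Object.userID_Enabled
                $update.userID_Locked = $AD_Object.userID_Locked
                $update.userID_LastLogonDate = $AD_Object.userID_LastLogonDate
                $update.userID_PasswordLastSet = $AD_Object.userID_PasswordLastSet
                $update.pwchanged_key = $AD_Object.pwchanged_key

                $update_data = $update | Update-AzTableRow -table $cloudTable
                if ($update_data.HttpStatusCode -eq 204) {
                    $rows_updated += 1
                } else {
                    $rows_not_updated += 1
                }
            } catch {
                # $() is required: "$account.userID" would expand the whole account object (all of
                # its properties) into the error stream followed by the literal text ".userID".
                Write-Error "Error updating data for $($account.userID)"
            }
        }
    }

    # Phase 3: the run counts as successful only when every supplied account was added or updated.
    $total_updates = $rows_updated + $rows_added
    $table_update_successfull = $total_updates -eq $AD_Account_list.count

    if ($table_update_successfull) {
        return $Password_Change_List
    }

    return [PSCustomObject]@{
        table_update_successfull = $false
        rows_updated             = $rows_updated
        rows_added               = $rows_added
        rows_deleted             = $rows_deleted
        rows_not_updated         = $rows_not_updated
        rows_not_added           = $rows_not_added
        rows_not_deleted         = $rows_not_deleted
    }
}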