Functions/Accounts/Disable-PASCPMAutoManagement.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
function Disable-PASCPMAutoManagement {
    <#
.SYNOPSIS
Disables an account for Automatic CPM Management.
 
.DESCRIPTION
Disables an account for CPM management by setting automaticManagementEnabled to $false,
and optionally sets a value for manualManagementReason.
 
.PARAMETER AccountID
The ID of the account to disable automaic CPM management.
 
.PARAMETER Reason
The value to set for manualManagementReason
 
.EXAMPLE
Disables-PASCPMAutoManagement -AccountID 543_2
 
Sets automaticManagementEnabled to $false on account with ID 543_2
 
.EXAMPLE
Disables-PASCPMAutoManagement -AccountID 543_2 -Reason "Some Reason"
 
Sets automaticManagementEnabled to $false & sets manualManagementReason on account with ID 543_2
 
.NOTES
Applicable to and requires 10.4+
 
.LINK
https://pspas.pspete.dev/commands/Disable-PASCPMAutoManagement
#>

    [CmdletBinding()]
    param(
        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [Alias("id")]
        [string]$AccountID,

        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $true,
            ParameterSetName = "manualManagementReason"
        )]
        [string]$Reason

    )

    BEGIN {

        $MinimumVersion = [System.Version]"10.4"

        $ops = [Collections.Generic.List[Object]]@(
            @{
                "path"  = "/secretManagement/automaticManagementEnabled"
                "op"    = "replace"
                "value" = $false
            }
        )

    }#begin

    PROCESS {

        Assert-VersionRequirement -ExternalVersion $Script:ExternalVersion -RequiredVersion $MinimumVersion

        if ($PSCmdlet.ParameterSetName -eq "manualManagementReason") {

            $null = $ops.Add(@{
                    "path"  = "/secretManagement/manualManagementReason"
                    "op"    = "replace"
                    "value" = $Reason
                })
        }

        Set-PASAccount -AccountID $AccountID -operations $ops

    }#process

    END { }#end

}