vdbtools.psm1
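#Region '.\private\Get-VdbIssuingCaName.ps1' 0
# Returns the issuer distinguished name used to recognise VDB certificates in the
# personal store. Callers compare it to a certificate's Issuer string with -eq;
# that is a name match only and does not validate the certificate chain.
function Get-VdbIssuingCaName {
    "CN=HP Inc Private Root CA, OU=Infrastructure Services, O=HP Inc, C=US"
}
#EndRegion '.\private\Get-VdbIssuingCaName.ps1' 4

#Region '.\private\Get-VdbReaderFriendlyName.ps1' 0
# Returns the default PnP friendly name of the VDB smartcard reader.
function Get-VdbReaderFriendlyName {
    "VSC for SMARTCARD DB"
}
#EndRegion '.\private\Get-VdbReaderFriendlyName.ps1' 4

#Region '.\private\Test-Administrator.ps1' 0
# Returns $true when the identity running this session is in the built-in
# Administrators role, $false otherwise.
function Test-Administrator {
    $user = [Security.Principal.WindowsIdentity]::GetCurrent()
    (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
#EndRegion '.\private\Test-Administrator.ps1' 5

#Region '.\public\Get-VDB.ps1' 0
# Reports the VDB state as an object with Status, SmartcardReader and Certificate.
# Status is derived from two observations: the reader's PnP Status and whether the
# current user's personal store holds a certificate whose Issuer equals
# Get-VdbIssuingCaName. 'On' is therefore an indicator, not a trust decision.
function Get-VDB {
    [CmdletBinding()]
    param(
        [Parameter(HelpMessage="Friendly name of the VDB smartcard reader pnp device")]
        $FriendlyName = (Get-VdbReaderFriendlyName)
    )

    $device = Get-VdbReader $FriendlyName
    $cert = Get-ChildItem Cert:\CurrentUser\My | Where-Object Issuer -eq (Get-VdbIssuingCaName)

    # The four conditions are mutually exclusive, so at most one branch emits a value.
    $status = switch ($device.Status) {
        {$_ -eq 'Ok' -and $cert} {'On'}
        {$_ -ne 'Ok' -and -not $cert} {'Off'}
        {$_ -eq 'Ok' -and -not $cert} {'Error: Reader but no certificate'}
        {$_ -ne 'Ok' -and $cert} {'Error: Certificate but no reader'}
        default {'Error: Unknown state'}
    }

    [PSCustomObject]@{
        Status = $status
        SmartcardReader = $device
        Certificate = $cert
    }
}
#EndRegion '.\public\Get-VDB.ps1' 23

#Region '.\public\Get-VdbReader.ps1' 0
# Returns the PnP device(s) named $FriendlyName whose Class is SmartCardReader,
# or writes a non-terminating error when there is none.
function Get-VdbReader {
    param (
        $FriendlyName = (Get-VdbReaderFriendlyName)
    )

    # Filter on name AND class. Checking the class only after selecting by name
    # would also return a non-reader device that shares the friendly name, and
    # Set-VDB pipes this result straight into Enable-/Disable-PnpDevice.
    $device = Get-PnpDevice | Where-Object {
        $_.FriendlyName -eq $FriendlyName -and $_.Class -eq "SmartCardReader"
    }

    if ($device) {
        $device
    }
    else {
        Write-Error "$FriendlyName not a SmartCardReader"
    }
}
#EndRegion '.\public\Get-VdbReader.ps1' 12

#Region '.\public\Set-VDB.ps1' 0
<#
.DESCRIPTION
    Controls the state of the Virtual Digital Badge.
.PARAMETER State
    On - Enables the VDB smartcard reader pnp device - windows automatically adds the certificate from the smartcard.
    Off - Disables the VDB smartcard reader pnp device, and removes associated certificates from current user's personal cert store.
.PARAMETER FriendlyName
    Friendly name of the VDB smartcard reader pnp device, as shown by get-pnpdevice, default is normally correct.
.PARAMETER Passthru
    Return the VDB object after setting the state
.EXAMPLE
    Enable VDB for use:
    PS> Set-VDB -State On
    using shorthand function:
    PS> vdb on
    getting the VDB object after setting:
    PS> Set-VDB -State On -Passthru
.NOTES
    "Off" removes every certificate in Cert:\CurrentUser\My whose Issuer equals the
    name returned by Get-VdbIssuingCaName. The match is on issuer name only, so any
    other certificate from that issuer in the same store is removed as well.
    Cert:\CurrentUser is the store of the account running this session; if the
    session was elevated with a different account's credentials, that is not the
    badge holder's store.
#>
function Set-VDB {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, HelpMessage="Desired state of the Virtual Digital Badge")]
        [ValidateSet("On","Off")]
        [String]$State,

        [Parameter(HelpMessage="Friendly name of the VDB smartcard reader pnp device")]
        $FriendlyName = (Get-VdbReaderFriendlyName),

        [Switch]$Passthru
    )

    if (-not (Test-Administrator)) {
        Write-Warning "Setting VDB state requires elevation, run as administrator"
        return
    }

    # With $ConfirmPreference at "High", -Confirm:$false is splatted onto the inner
    # cmdlets; at any other value nothing is splatted and they decide for themselves.
    # NOTE(review): this function never calls $PSCmdlet.ShouldProcess itself; it
    # presumably relies on the inner cmdlets to honour -WhatIf/-Confirm - confirm.
    $ConfirmParam = if ($ConfirmPreference -eq "High") { @{Confirm = $false} } else { @{} }

    $device = Get-VdbReader $FriendlyName

    switch ($State) {
        "On" {
            # Get-VdbReader has already reported a missing reader; do not pipe
            # $null into the PnP cmdlet as well.
            if ($device) {
                $device | Enable-PnpDevice @ConfirmParam
            }
        }
        "Off" {
            if ($device) {
                $device | Disable-PnpDevice @ConfirmParam
            }
            # Certificate cleanup runs even when no reader was found, so a leftover
            # certificate can still be cleared.
            Get-ChildItem Cert:\CurrentUser\My |
                Where-Object Issuer -eq (Get-VdbIssuingCaName) |
                Remove-Item @ConfirmParam
        }
    }

    if ($Passthru) {
        Get-Vdb -FriendlyName $FriendlyName
    }
}
#EndRegion '.\public\Set-VDB.ps1' 49

#Region '.\public\Switch-VDB.ps1' 0
# Switch (toggle) Virtual smartcard reader on and off
# Reads the current status, requests the opposite state, then emits the
# resulting VDB object. Any status other than On/Off only produces a warning.
function Switch-VDB {
    param (
        $FriendlyName = (Get-VdbReaderFriendlyName)
    )

    switch ((Get-Vdb @PSBoundParameters).Status) {
        "On" { Set-Vdb -State Off @PSBoundParameters }
        "Off" { Set-Vdb -State On @PSBoundParameters }
        Default { Write-Warning "Unknown VDB state" }
    }

    Get-Vdb @PSBoundParameters
}
#EndRegion '.\public\Switch-VDB.ps1' 15

#Region '.\public\vdb.ps1' 0
<#
.DESCRIPTION
    Get the status of the VDB reader, or set the state of the VDB reader.
    Call with no parameters to get status of VDB (Get-VDB)
.PARAMETER State
    On - Enables the VDB smartcard reader pnp device - windows automatically adds the certificate from the smartcard.
    Off - Disables the VDB smartcard reader pnp device, and removes associated certificates from current user's personal cert store.
.PARAMETER FriendlyName
    Friendly name of the VDB smartcard reader pnp device, as shown by get-pnpdevice, default is normally correct.
.EXAMPLE
    Enable VDB for use:
    PS> vdb on
    Get VDB status:
    PS> vdb
#>
function vdb {
    [CmdletBinding()]
    param(
        [Parameter(HelpMessage="Desired state of the Virtual Digital Badge")]
        [ValidateSet("On","Off")]
        [String]$State,

        [Parameter(HelpMessage="Friendly name of the VDB smartcard reader pnp device")]
        [String]$FriendlyName = (Get-VdbReaderFriendlyName)
    )

    # An omitted -State leaves $State empty, which selects the read-only path.
    if ($State) {
        Set-VDB -State $State -FriendlyName $FriendlyName
    }
    else {
        Get-VDB -FriendlyName $FriendlyName
    }
}
#EndRegion '.\public\vdb.ps1' 32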