# ------------------------------------------------------------------------------ # Example script : Using PowerShell to modify Cerberus users # ------------------------------------------------------------------------------ Param( # The URL to Cerberus.wsdl (Cerberus SOAP API Web Service Definition) [Parameter (Mandatory = $false, HelpMessage = "Enter the location of the Cerberus.wsdl file. May be a URL or a filesystem path." )] [String] $WSDLUrl = "https://localhost:8443/wsdl/Cerberus.wsdl" , # The Cerberus Primary Administrator Account credentials [Parameter (Mandatory = $false)] [PSCredential] $CerberusCredentials , # The SOAP Service endpoint. This value overrides the default service endpoint found in Cerberus.wsdl [Parameter (Mandatory = $false)] [String] $CerberusServiceUrl , # Enable if SOAP service uses HTTPS [Parameter (Mandatory=$false)] [switch] $EnableTls12 , # Enable if Cerberus FTP Server is using a self-signed certificate [Parameter (Mandatory=$false)] [switch] $DisableCertValidation ) # ------------------------------------------------------------------------------ # Setup SOAP Connection # ------------------------------------------------------------------------------ # Collect credentials if not provided in parameters if (-not $PSBoundParameters.containsKey('CerberusCredentials')) { $CerberusCredentials = Get-Credential -Message "Provide master admin credentials for Cerberus FTP Server" } if ($EnableTls12) { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 } if ($DisableCertValidation) { if (-not("dummy" -as [type])) { add-type -TypeDefinition @" using System; using System.Net; using System.Net.Security; using System.Security.Cryptography.X509Certificates; public static class Dummy { public static bool ReturnTrue(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; } public static RemoteCertificateValidationCallback GetDelegate() { return new RemoteCertificateValidationCallback(Dummy.ReturnTrue); } } "@ } [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [dummy]::GetDelegate() } # Create Web Service Proxy object and CerberusFtp data-types $CerberusSvc = New-WebServiceProxy -Uri $WSDLUrl -Class CerberusFtp -Namespace CerberusFtp # Override default SOAP endpoint if provided in parameters if ($PSBoundParameters.ContainsKey($CerberusServiceUrl)){ $CerberusSvc.Url = $CerberusServiceUrl } # ------------------------------------------------------------------------------ # Create a New Test User # ------------------------------------------------------------------------------ # The username of the test account to be created, modified, and deleted $newTestUserName = "PsSOAPTestUser" # Create new AddUserRequest object [CerberusFtp.AddUserRequest] $addUserRequest = New-Object -TypeName CerberusFtp.AddUserRequest # Populate request object with Cerberus Admin credentials $addUserRequest.credentials = New-Object -TypeName CerberusFtp.Credentials $addUserRequest.credentials.user = $CerberusCredentials.UserName $addUserRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password # Create new User object [CerberusFtp.User] $newUser = New-Object -TypeName CerberusFtp.User # Populate user object with user details $newUser.name = $newTestUserName $newUser.password = New-Object -TypeName CerberusFtp.Password $newUser.password.value = "TestPasswordChangeImmediately1234!@#$" $newUser.requirePasswordChange = $true $newUser.fname = "NewUserFrom" $newUser.sname = "PowerShell" $newUser.email = "NewTestUser@powershellExample.net" $newUser.desc = "This user was created from PowerShell using SOAP" # Test account not allowed to change its own password $newUser.isAllowPasswordChange = New-Object -TypeName CerberusFtp.UserPropertyBool $newUser.isAllowPasswordChange.value = $false $newUser.isAllowPasswordChange.valueSpecified = $true # Test account disabled $newUser.isDisabled = New-Object -TypeName CerberusFtp.UserPropertyBool $newUser.isDisabled.value = $true $newUser.isDisabled.valueSpecified = $true # Populate request object with new user object $addUserRequest.User = $newUser # Issue the AddUser request [CerberusFtp.AddUserResponse] $addUserResponse = $CerberusSvc.AddUser($addUserRequest) # Check response for success or failure if (-not $addUserResponse.result){ Write-Error "Failed to create user: $($addUserResponse.message)" } else { Write-Host "Successfully created user $newTestUserName" } # ------------------------------------------------------------------------------ # Get a list of All Cerberus Users # ------------------------------------------------------------------------------ # Create new GetUserListRequest object [CerberusFtp.GetUserListRequest] $getUserListRequest = New-Object CerberusFtp.GetUserListRequest # Populate request object with Cerberus Admin credentials $getUserListRequest.credentials = New-Object -TypeName CerberusFtp.Credentials $getUserListRequest.credentials.user = $CerberusCredentials.UserName $getUserListRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password [CerberusFtp.GetUserListResponse] $getUserListResponse = $CerberusSvc.GetUserList($getUserListRequest) # Check response for success or failure if (-not $getUserListResponse.result){ Write-Error "Failed to retrieve user list: $($getUserListResponse.message)" } else { Write-Host "Successfully retrieved list of users" Write-Output $getUserListResponse.UserList if ($getUserListResponse.UserList -contains $newTestUserName){ Write-Host "$newTestUsername exists in the list of users" } else { Write-Host "$newTestUsername was not found in the list of users" } } # ------------------------------------------------------------------------------ # Modify Email Address of a User # ------------------------------------------------------------------------------ # Create new GetUserInformationRequest object [CerberusFtp.GetUserInformationRequest] $getUserInformationRequest = New-Object CerberusFtp.GetUserInformationRequest # Populate request object with Cerberus Admin credentials $getUserInformationRequest.credentials = New-Object -TypeName CerberusFtp.Credentials $getUserInformationRequest.credentials.user = $CerberusCredentials.UserName $getUserInformationRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password # Populate request object with the username to retrieve $getUserInformationRequest.userName = $newTestUserName # Issue the getUserInformation request [CerberusFtp.GetUserInformationResponse] $getUserInformationResponse = $CerberusSvc.getUserInformation($getUserInformationRequest) # Check response for success or failure if (-not $getUserInformationResponse.result){ Write-Error "Failed to retrieve user: $($getUserInformationResponse.message)" } else { [CerberusFtp.User] $userToModify = $getUserInformationResponse.UserInformation $userToModify.email = "NewEmailAddress@powershellExample.net" # Populate an AddUserRequest object with the modified user object [CerberusFtp.AddUserRequest] $modifyUserRequest = New-Object CerberusFtp.AddUserRequest # Populate request object with Cerberus Admin credentials $modifyUserRequest.credentials = New-Object CerberusFtp.Credentials $modifyUserRequest.credentials.user = $CerberusCredentials.UserName $modifyUserRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password # Copy the newly-modified user object to the $modifyUserRequest object $modifyUserRequest.User = $userToModify # Issue AddUser request to modify existing user [CerberusFtp.AddUserResponse] $modifyUserResponse = $CerberusSvc.AddUser($modifyUserRequest) # Check response for success or failure if (-not $modifyUserResponse.result){ Write-Error "Failed to update user: $($modifyUserResponse.message)" } else { Write-Host "Successfully updated email address of $($userToModify.name)" } } # ------------------------------------------------------------------------------ # Change Password of a User # ------------------------------------------------------------------------------ # Create new ChangePasswordRequest object [CerberusFtp.ChangePasswordRequest] $changePasswordRequest = New-Object CerberusFtp.ChangePasswordRequest # Populate request object with Cerberus Admin credentials $changePasswordRequest.credentials = New-Object CerberusFtp.Credentials $changePasswordRequest.credentials.user = $CerberusCredentials.UserName $changePasswordRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password # Populate with the user whose password we wish to change $changePasswordRequest.userName = $newTestUserName # Setting adminPasswordReset to true allows us to change the password without knowing the existing password $changePasswordRequest.adminPasswordReset = $true $changePasswordRequest.adminPasswordResetSpecified = $true # Populate request with the desired password $changePasswordRequest.newPassword = "ThisIsANewPassword1234!@#$" # Issue the ChangePassword request [CerberusFtp.ChangePasswordResponse] $changePasswordResponse = $CerberusSvc.ChangePassword($changePasswordRequest) # Check response for success or failure if (-not $changePasswordResponse.result){ Write-Error "Failed to change password: $($changePasswordResponse.message)" } else { Write-Host "Successfully changed password for $newTestUserName" } # ------------------------------------------------------------------------------ # Add Virtual Directory to a User # ------------------------------------------------------------------------------ # Create a new AddDirectoryToUserRequest object [CerberusFtp.AddDirectoryToUserRequest] $addDirectoryRequest = New-Object -TypeName CerberusFtp.AddDirectoryToUserRequest # Populate request object with Cerberus Admin credentials $addDirectoryRequest.credentials = New-Object -TypeName CerberusFtp.Credentials $addDirectoryRequest.credentials.user = $CerberusCredentials.UserName $addDirectoryRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password # Populate request object with the target username $addDirectoryRequest.userName = $newTestUserName # Create new VirtualDirectory object $addDirectoryRequest.directory = New-Object -TypeName CerberusFtp.VirtualDirectory # Populate virtual directory object with name, path, and permissions $addDirectoryRequest.directory.name = "NewRoot" $addDirectoryRequest.directory.path = "c:\testroot" $addDirectoryRequest.directory.permissions = New-Object -TypeName CerberusFtp.DirectoryPermissions # Grant download, upload, list files, list directories, rename, create, and delete $addDirectoryRequest.directory.permissions.allowDownload = $true $addDirectoryRequest.directory.permissions.allowDownloadSpecified = $true $addDirectoryRequest.directory.permissions.allowUpload = $true $addDirectoryRequest.directory.permissions.allowUploadSpecified = $true $addDirectoryRequest.directory.permissions.allowListDir = $true $addDirectoryRequest.directory.permissions.allowListFile = $true $addDirectoryRequest.directory.permissions.allowRename = $true $addDirectoryRequest.directory.permissions.allowRenameSpecified = $true $addDirectoryRequest.directory.permissions.allowDirectoryCreation= $true $addDirectoryRequest.directory.permissions.allowDelete= $true $addDirectoryRequest.directory.permissions.allowDeleteSpecified = $true # Issue the AddDirectoryToUser request [CerberusFtp.AddDirectoryToUserResponse] $addDirectoryResponse = $CerberusSvc.AddDirectoryToUser($addDirectoryRequest) # Check response for success or failure if (-not $addDirectoryResponse.result){ Write-Error "Failed to add virtual directory to user: $($addDirectoryResponse.message)" } else { Write-Host "Successfully added $($addDirectoryRequest.directory.name) to $newTestUserName" } # ------------------------------------------------------------------------------ # Delete a User # ------------------------------------------------------------------------------ # Create a new DeleteUserRequest object [CerberusFtp.DeleteUserRequest] $deleteUserRequest = New-Object -TypeName CerberusFtp.DeleteUserRequest # Populate request object with Cerberus Admin credentials $deleteUserRequest.credentials = New-Object CerberusFtp.Credentials $deleteUserRequest.credentials.user = $CerberusCredentials.UserName $deleteUserRequest.credentials.password = $CerberusCredentials.GetNetworkCredential().Password # Populate request object with username to be deleted $deleteUserRequest.name = $newTestUserName # Issue the DeleteUser request [CerberusFtp.DeleteUserResponse] $deleteUserResponse = $CerberusSvc.DeleteUser($deleteUserRequest) # Check response for success or failure if (-not $deleteUserResponse.result){ Write-Error "Failed to delete user $newTestUserName : $($deleteUserResponse.message)" } else { Write-Host "Successfully deleted $newTestUserName" }