From ce79e48126c8ffa72d06be341707219823fd6519 Mon Sep 17 00:00:00 2001
From: Ryan Johnson
Date: Mon, 2 Oct 2023 11:17:13 -0400
Subject: [PATCH] chore: remove idp cmdlets (#237)

Removes cmdlets that are not atomic in nature for this module:
- Removed `Add-VCFEmbeddedIdentitySource` cmdlet and docs.
- Removed `Add-VCFExternalIdentitySource` cmdlet and docs.
- Removed `Update-VCFEmbeddedIdentitySource` cmdlet and docs.
- Updated `Makefile` and `requirements.txt` for Mkdocs.
- Updated module version to 2.4.0.0011.

Signed-off-by: Ryan Johnson
---
 CHANGELOG.md | 3 -
 Makefile | 3 +
 PowerVCF.psd1 | 4 +-
 PowerVCF.psm1 | 365 ------------------
 .../idp/Add-VCFEmbeddedIdentitySource.md | 207 ----------
 .../idp/Add-VCFExternalIdentitySource.md | 231 -----------
 .../idp/Update-VCFEmbeddedIdentitySource.md | 183 ---------
 docs/documentation/getting-started/install.md | 4 +-
 docs/requirements.txt | 4 +-
 mkdocs.yml | 3 -
 10 files changed, 9 insertions(+), 998 deletions(-)
 delete mode 100644 docs/documentation/functions/idp/Add-VCFEmbeddedIdentitySource.md
 delete mode 100644 docs/documentation/functions/idp/Add-VCFExternalIdentitySource.md
 delete mode 100644 docs/documentation/functions/idp/Update-VCFEmbeddedIdentitySource.md
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5397d3328..ae22c54c7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,10 +14,7 @@
 - Added `Get-VCFIdentityProvider` cmdlet to retrieve the identity provider configuration.
 - Added `Remove-VCFIdentityProvider` cmdlet to delete an identity provider.
 - Added `New-VCFIdentityProvider` cmdlet to configure an embedded or external identity provider.
-- Added `Add-VCFEmbeddedIdentitySource` cmdlet to add an embedded identity source.
-- Added `Add-VCFExternalIdentitySource` cmdlet to add an external identity source.
 - Added `Update-VCFIdentityProvider` cmdlet to update the configuration of an embedded or external identity provider.
-- Added `Update-VCFEmbeddedIdentitySource` cmdlet to update an embedded identity source.
 - Added cmdlet aliases:
 - Added `Get-VCFNsxManagerCluster` for `Get-VCFNsxtCluster`.
 - Added `Get-VCFNsxEdgeCluster` for `Get-VCFEdgeCluster`.
diff --git a/Makefile b/Makefile
index 637d1234b..8a9fa89a8 100644
--- a/Makefile
+++ b/Makefile
@@ -12,3 +12,6 @@ docs-serve-live:
 mkdocs serve --livereload -w ./
 docs-build:
 mkdocs build
+docs-uninstall:
+ pip uninstall mkdocs-material mkdocs -y
+ pip uninstall --requirement docs/requirements.txt -y
diff --git a/PowerVCF.psd1 b/PowerVCF.psd1
index 99b3da8bd..de2bfe6d0 100644
--- a/PowerVCF.psd1
+++ b/PowerVCF.psd1
@@ -3,7 +3,7 @@
 #
 # Generated by: VMware, Inc.
 #
-# Generated on: 2023-09-22
+# Generated on: 2023-10-02
 #
 
 @{
@@ -12,7 +12,7 @@
 RootModule = 'PowerVCF.psm1'
 
 # Version number of this module.
-ModuleVersion = '2.4.0.1010'
+ModuleVersion = '2.4.0.1011'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()
diff --git a/PowerVCF.psm1 b/PowerVCF.psm1
index 1746d086d..23cd42cbe 100644
--- a/PowerVCF.psm1
+++ b/PowerVCF.psm1
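Review bot: The new `docs-uninstall` target in `Makefile` calls bare `pip`, so it acts on whichever Python environment is first on `PATH`; run outside the virtual environment used for the docs tooling, it would remove packages from a user or system site-packages instead. Invoking pip through the interpreter, e.g. `python -m pip uninstall --requirement docs/requirements.txt -y`, and adding a comment that the target expects an activated virtual environment would make the scope explicit. The first recipe line hard-codes `mkdocs-material mkdocs`, which are not among the five entries visible in `docs/requirements.txt`, so that list presumably mirrors an install step outside this hunk and has to be kept in sync by hand. No `.PHONY` declaration is visible in the hunk; if the Makefile has one, `docs-uninstall` should be added to it.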
@@ -5821,263 +5821,6 @@ Function New-VCFIdentityProvider { } Export-ModuleMember -Function New-VCFIdentityProvider -Function Add-VCFEmbeddedIdentitySource { - <# - .SYNOPSIS - Adds an embedded identity source. - - .DESCRIPTION - The Add-VCFEmbeddedIdentitySource cmdlet adds an embedded identity source. - - .EXAMPLE - Add-VCFEmbeddedIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldaps://sfo-ad01.sfo.rainpole.io:636 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -ldapsCert F:\certificates\Root64.cer - This example shows how to add an Active Directory over LDAP server as identity source using LDAPS protocol with Certificate Authority signed certificate. - - .EXAMPLE - Add-VCFEmbeddedIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldaps://sfo-ad01.sfo.rainpole.io:636 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -ldapsCert F:\certificates\Root64.cer,F:\certificates\cert1.cer - This example shows how to add an Active Directory over LDAP server as identity source using ldaps protocol with Certificate Authority signed certificates. - - .EXAMPLE - Add-VCFEmbeddedIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldap://sfo-ad01.sfo.rainpole.io:389 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" - This example shows how to add an Active Directory over LDAP server as identity source using LDAP protocol. - - .PARAMETER name - Specifies the name of the identity provider. - - .PARAMETER domainAlias - Specifies the domain alias. 
- - .PARAMETER domainName - Specifies the domain name. - - .PARAMETER username - Specifies the username. - - .PARAMETER password - Specifies the password. - - .PARAMETER ldapsCert - Specifies the LDAPS certificate file. - - .PARAMETER usersBaseDn - Specifies the base distinguished name (DN) for users. - - .PARAMETER groupsBaseDn - Specifies the base distinguished name (DN) for groups. - - .PARAMETER primaryLdapServerURL - Specifies the primary LDAP server URL. - - .PARAMETER secondaryLdapServerURL - Specifies the secondary LDAP server URL. - #> - - Param( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$name, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$domainAlias, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$domainName, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$username, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$password, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] $ldapsCert, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$usersBaseDn, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$groupsBaseDn, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$primaryLdapServerURL, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$secondaryLdapServerURL - ) - - Try { - $serverEndpointsArray = $primaryLdapServerURL - $primaryLdapProtocol = ($primaryLdapServerURL).split(":")[0] - if ($PsBoundParameters.ContainsKey("secondaryLdapServerURL")) { - $secondaryLdapProtocol = ($secondaryLdapServerURL).split(":")[0] - $serverEndpointsArray = "$primaryLdapServerURL","$secondaryLdapServerURL" - } else { - $secondaryLdapProtocol = "False" - } - if (($primaryLdapProtocol -eq "ldaps") -or ($secondaryLdapProtocol -eq "ldaps")) { - if ($PsBoundParameters.ContainsKey("ldapsCert")) { - if ($ldapsCert.count -gt 1) { - $ldapsCertList = "" - foreach ($certfile in 
$ldapsCert.split(",")) { - $ldapsCertValue = [Convert]::ToBase64String([IO.File]::ReadAllBytes($certfile)) - $ldapsCertList += "$ldapsCertValue," - } - $ldapsCertArray = ($ldapsCertList.TrimEnd(',')).split(",") - } else { - $ldapsCertArray = [Convert]::ToBase64String([IO.File]::ReadAllBytes($ldapsCert)) - } - } else { - Write-Error ("LDAPS protocol is specified but ldapsCert file is not provided.") - Break - } - } else { - $ldapsCertArray = @() - } - $ldapObject = [pscustomobject]@{ - "name" = "$name" - "ldap" = [pscustomobject]@{ - "domainName" = "$domainName" - "password" = "$password" - "type" = "ActiveDirectory" - "username" = "$username" - "sourceDetails" = [pscustomobject]@{ - "certChain" = @($ldapsCertArray) - "serverEndpoints" = @($serverEndpointsArray) - "groupsBaseDn" = "$groupsBaseDn" - "usersBaseDn" = "$usersBaseDn" } - } - } - if ($PsBoundParameters.ContainsKey("domainAlias")) { - $ldapObject.ldap | Add-Member -Type NoteProperty -Name domainAlias -Value "$domainAlias" - } - $json = $ldapObject | ConvertTo-Json -Depth 6 - New-VCFIdentityProvider -Type Embedded -json $json - } Catch { - ResponseException -Object $_ - } -} -Export-ModuleMember -Function Add-VCFEmbeddedIdentitySource - -Function Add-VCFExternalIdentitySource { - <# - .SYNOPSIS - Adds an external identity source. - - .DESCRIPTION - The Add-VCFExternalIdentitySource cmdlet adds an external identity source. - - .EXAMPLE - Add-VCFExternalIdentitySource -name "ADFS01" -username "svc-vcf-ca@rainpole.io" -password VMw@re123! 
-usersBaseDn "OU=Security Users,DC=rainpole,DC=io" -groupsBaseDn "OU=Security Groups,DC=rainpole,DC=io" -primaryLdapServerURL "ldaps://rpl-dc01.rainpole.io:636" -clientId "d49b72f6-ec04-41bb-bad6-aad368af2fe5" -clientSecret "HFEH59piO3NfzbFp9O5rGskCVEdBQ_aM8dTPo8wer" -discoveryEndpoint "https://rpl-dc01.rainpole.io/adfs/.well-known/openid-configuration" -adfsCert F:\certificates\adfsroot.cer -ldapsCert F:\certificates\ldapscert1.cer - This example shows how to add Active Directory Federation Services (AD FS) as an external identity provider using LDAPS protocol with Certificate Authority signed certificate. - - .EXAMPLE - Add-VCFExternalIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldap://sfo-ad01.sfo.rainpole.io:389 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" - This example shows how to add Active Directory Federation Services (AD FS) as an external identity provider using LDAP protocol. - - .PARAMETER name - Specifies the name of the identity provider. - - .PARAMETER adfsCert - Specifies the certificate file for the Active Directory Federation Services (AD FS) server. - - .PARAMETER username - Specifies the username for the Active Directory Federation Services (AD FS) server. - - .PARAMETER password - Specifies the password for the Active Directory Federation Services (AD FS) server. - - .PARAMETER usersBaseDn - Specifies the base distinguished name (DN) for the users. - - .PARAMETER groupsBaseDn - Specifies the base distinguished name (DN) for the groups. - - .PARAMETER ldapsCert - Specifies the certificate file for the LDAP server. - - .PARAMETER clientId - Specifies the client ID for the Active Directory Federation Services (AD FS) server. - - .PARAMETER clientSecret - Specifies the client secret for the Active Directory Federation Services (AD FS) server. 
- - .PARAMETER discoveryEndpoint - Specifies the discovery endpoint for the Active Directory Federation Services (AD FS) server. - - .PARAMETER primaryLdapServerURL - Specifies the primary LDAP server URL. - - .PARAMETER secondaryLdapServerURL - Specifies the secondary LDAP server URL. - #> - - Param( - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$name, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] $adfsCert, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$username, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$password, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$usersBaseDn, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$groupsBaseDn, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] $ldapsCert, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$clientId, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$clientSecret, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$discoveryEndpoint, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$primaryLdapServerURL, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$secondaryLdapServerURL - ) - - Try { - if ($PsBoundParameters.ContainsKey("adfsCert")) { - if ($adfsCert.count -gt 1) { - $adfsCertList = "" - foreach ($adfscertfile in $adfsCert.split(",")) { - $adfsCertValue = [Convert]::ToBase64String([IO.File]::ReadAllBytes($adfscertfile)) - $adfsCertList += "$adfsCertValue," - } - $adfsCertList = $adfsCertList.TrimEnd(',') - $adfsCertArray = $adfsCertList.split(",") - } else { - $adfsCertValue = [Convert]::ToBase64String([IO.File]::ReadAllBytes($adfsCert)) - $adfsCertArray += $adfsCertValue - } - } else { - $adfsCertArray = @() - } - $serverEndpointsArray = $primaryLdapServerURL - $primaryLdapProtocol = ($primaryLdapServerURL).split(":")[0] - if 
($PsBoundParameters.ContainsKey("secondaryLdapServerURL")) { - $secondaryLdapProtocol = ($secondaryLdapServerURL).split(":")[0] - $serverEndpointsArray = "$primaryLdapServerURL","$secondaryLdapServerURL" - } else { - $secondaryLdapProtocol = "False" - } - if (($primaryLdapProtocol -eq "ldaps") -or ($secondaryLdapProtocol -eq "ldaps")) { - if ($PsBoundParameters.ContainsKey("ldapsCert")) { - if ($ldapsCert.count -gt 1) { - $ldapCertlist = "" - foreach ($cert in $ldapsCert.split(",")) { - $ldapCertvalue = [Convert]::ToBase64String([IO.File]::ReadAllBytes($cert)) - $ldapCertlist += "$ldapCertvalue," - } - $ldapCertarray = ($ldapCertlist.TrimEnd(',')).split(",") - } else { - $ldapCertarray = [Convert]::ToBase64String([IO.File]::ReadAllBytes($ldapsCert)) - } - } else { - Write-Error ("LDAPS protocol is specified but ldapsCert file is not provided.") - Break - } - } else { - $ldapCertarray = @() - } - $ldapObject = [pscustomobject]@{ - "name" = "$name" - "type" = "AD_FS" - "certChain" = @($adfsCertArray) - "ldap" = [pscustomobject]@{ - "username" = "$username" - "password" = "$password" - "sourceDetails" = [pscustomobject]@{ - "certChain" = @($ldapCertarray) - "serverEndpoints" = @($serverEndpointsArray) - "groupsBaseDn" = "$groupsBaseDn" - "usersBaseDn" = "$usersBaseDn" - } - } - "oidc" = [pscustomobject]@{ - "clientId" = "$clientId" - "clientSecret" = "$clientSecret" - "discoveryEndpoint" = "$discoveryEndpoint" - } - } - $json = $ldapObject | ConvertTo-Json -Depth 6 - New-VCFIdentityProvider -Type "Microsoft ADFS" -json $json - } Catch { - ResponseException -Object $_ - } -} -Export-ModuleMember -Function Add-VCFExternalIdentitySource - Function Update-VCFIdentityProvider { <# .SYNOPSIS 
@@ -6133,114 +5876,6 @@ Function Update-VCFIdentityProvider { } Export-ModuleMember -Function Update-VCFIdentityProvider -Function Update-VCFEmbeddedIdentitySource { - <# - .SYNOPSIS - Updates an embedded identity source. - - .DESCRIPTION - The Update-VCFEmbeddedIdentitySource cmdlet updates an embedded identity source. - - .EXAMPLE - Update-VCFEmbeddedIdentitySource -domainName sfo.rainpole.io -password VMw@re123! -primaryLdapServerURL ldaps://sfo-ad01.sfo.rainpole.io:636 -ldapsCert F:\certificates\Root64.cer - This example shows how to update an existing Active Directory over LDAP server using LDAPS protocol with Certificate Authority signed certificate. - - .EXAMPLE - Update-VCFEmbeddedIdentitySource -domainName sfo.rainpole.io -password VMw@re123! -secondaryLdapServerURL ldap://sfo-ad01.sfo.rainpole.io:389 - This example shows how to update an existing Active Directory server over LDAP with a secondary LDAP server. - - .PARAMETER name - Specifies the name of the identity provider. - - .PARAMETER domainName - Specifies the domain name of the identity provider. - - .PARAMETER username - Specifies the username for the identity provider. - - .PARAMETER password - Specifies the password for the identity provider. - - .PARAMETER ldapsCert - Specifies the LDAPS certificate file. - - .PARAMETER usersBaseDn - Specifies the base distinguished name (DN) for users. - - .PARAMETER groupsBaseDn - Specifies the base distinguished name (DN) for groups. - - .PARAMETER primaryLdapServerURL - Specifies the primary LDAP server URL. - - .PARAMETER secondaryLdapServerURL - Specifies the secondary LDAP server URL. 
- #> - - Param ( - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$name, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$domainName, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$username, - [Parameter (Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$password, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] $ldapsCert, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$usersBaseDn, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$groupsBaseDn, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$primaryLdapServerURL, - [Parameter (Mandatory = $false)] [ValidateNotNullOrEmpty()] [String]$secondaryLdapServerURL - ) - - Try { - $currentconfig = (Get-VCFIdentityProvider).identitySources | - ForEach-Object { if ($_.ldap.domainName -eq $domainName) { $_ } } - if ($currentconfig) { - if ($PsBoundParameters.ContainsKey("name")) { - $currentconfig.Name = $name - } - if ($PsBoundParameters.ContainsKey("username")) { - $currentconfig.ldap.username = $username - } - if ($PsBoundParameters.ContainsKey("usersBaseDn")) { - $currentconfig.ldap.sourceDetails.usersBaseDn =$usersBaseDn - } - if ($PsBoundParameters.ContainsKey("groupsBaseDn")) { - $currentconfig.ldap.sourceDetails.groupsBaseDn = $groupsBaseDn - } - if ($PsBoundParameters.ContainsKey("primaryLdapServerURL")) { - ($currentconfig.ldap.sourceDetails.serverEndpoints)[0] = $primaryLdapServerURL - } - if ($PsBoundParameters.ContainsKey("secondaryLdapServerURL")) { - if (($currentconfig.ldap.sourceDetails.serverEndpoints)[1]) { - ($currentconfig.ldap.sourceDetails.serverEndpoints)[1] = $secondaryLdapServerURL - } else { - $currentconfig.ldap.sourceDetails.serverEndpoints += $secondaryLdapServerURL - } - } - if ($PsBoundParameters.ContainsKey("ldapsCert")) { - if ($ldapsCert.count -gt 1) { - $ldapsCertList = "" - foreach ($cert in $ldapsCert.split(",")) { - $ldapsCertValue = 
[Convert]::ToBase64String([IO.File]::ReadAllBytes($cert)) - $ldapsCertList += "$ldapsCertValue," - } - $ldapsCertArray = ($ldapsCertList.TrimEnd(',')).split(",") - } else { - $ldapsCertArray = [Convert]::ToBase64String([IO.File]::ReadAllBytes($ldapsCert)) - } - $currentconfig.ldap.sourceDetails.certChain = @($ldapsCertArray) - } - $currentconfig.ldap | Add-Member -Type NoteProperty -Name password -Value $password - $json = $currentconfig | ConvertTo-Json -Depth 6 - Update-VCFIdentityProvider -Type Embedded -DomainName $domainName -json $json - } else { - Write-Error "Domain $domainName does not exist or is not accessible." - Break - } - } Catch { - ResponseException -Object $_ - } -} -Export-ModuleMember -Function Update-VCFEmbeddedIdentitySource - #EndRegion APIs for managing Identity Providers #Region APIs for managing Validations (Not Exported) diff --git a/docs/documentation/functions/idp/Add-VCFEmbeddedIdentitySource.md b/docs/documentation/functions/idp/Add-VCFEmbeddedIdentitySource.md deleted file mode 100644 index c97dbfa30..000000000 --- a/docs/documentation/functions/idp/Add-VCFEmbeddedIdentitySource.md +++ /dev/null 
@@ -1,207 +0,0 @@ -# Add-VCFEmbeddedIdentitySource - -## Synopsis - -Adds an embedded identity source. - -## Syntax - -```powershell -Add-VCFEmbeddedIdentitySource [-name] [[-domainAlias] ] [-domainName] [-username] [-password] [[-ldapsCert] ] [-usersBaseDn] [-groupsBaseDn] [-primaryLdapServerURL] [[-secondaryLdapServerURL] ] [] -``` - -## Description - -The `Add-VCFEmbeddedIdentitySource` cmdlet adds an embedded identity source. - -## Examples - -### Example 1 - -```powershell -Add-VCFEmbeddedIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldaps://sfo-ad01.sfo.rainpole.io:636 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -ldapsCert F:\certificates\Root64.cer -``` - -This example shows how to add an Active Directory over LDAP server as identity source using LDAPS protocol with Certificate Authority signed certificate. - -### Example 2 - -```powershell -Add-VCFEmbeddedIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldaps://sfo-ad01.sfo.rainpole.io:636 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -ldapsCert F:\certificates\Root64.cer,F:\certificates\cert1.cer -``` - -This example shows how to add an Active Directory over LDAP server as identity source using ldaps protocol with Certificate Authority signed certificates. - -### Example 3 - -```powershell -Add-VCFEmbeddedIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldap://sfo-ad01.sfo.rainpole.io:389 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" 
-groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -``` - -This example shows how to add an Active Directory over LDAP server as identity source using LDAP protocol. - -## Parameters - -### -name - -Specifies the name of the identity provider. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 1 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -domainAlias - -Specifies the domain alias. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 2 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -domainName - -Specifies the domain name. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 3 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -username - -Specifies the username. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 4 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -password - -Specifies the password. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 5 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ldapsCert - -Specifies the LDAPS certificate file. - -```yaml -Type: Object -Parameter Sets: (All) -Aliases: - -Required: False -Position: 6 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -usersBaseDn - -Specifies the base distinguished name (DN) for users. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 7 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -groupsBaseDn - -Specifies the base distinguished name (DN) for groups. 
- -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 8 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -primaryLdapServerURL - -Specifies the primary LDAP server URL. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 9 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -secondaryLdapServerURL - -Specifies the secondary LDAP server URL. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 10 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### Common Parameters - -This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/documentation/functions/idp/Add-VCFExternalIdentitySource.md b/docs/documentation/functions/idp/Add-VCFExternalIdentitySource.md deleted file mode 100644 index a622ffdb1..000000000 --- a/docs/documentation/functions/idp/Add-VCFExternalIdentitySource.md +++ /dev/null 
@@ -1,231 +0,0 @@ -# Add-VCFExternalIdentitySource - -## Synopsis - -Adds an external identity source. - -## Syntax - -```powershell -Add-VCFExternalIdentitySource [-name] [[-adfsCert] ] [-username] [-password] [-usersBaseDn] [-groupsBaseDn] [[-ldapsCert] ] [-clientId] [-clientSecret] [-discoveryEndpoint] [-primaryLdapServerURL] [[-secondaryLdapServerURL] ] [] -``` - -## Description - -The `Add-VCFExternalIdentitySource` cmdlet adds an external identity source. - -## Examples - -### Example 1 - -```powershell -Add-VCFExternalIdentitySource -name "ADFS01" -username "svc-vcf-ca@rainpole.io" -password VMw@re123! -usersBaseDn "OU=Security Users,DC=rainpole,DC=io" -groupsBaseDn "OU=Security Groups,DC=rainpole,DC=io" -primaryLdapServerURL "ldaps://rpl-dc01.rainpole.io:636" -clientId "d49b72f6-ec04-41bb-bad6-aad368af2fe5" -clientSecret "HFEH59piO3NfzbFp9O5rGskCVEdBQ_aM8dTPo8wer" -discoveryEndpoint "https://rpl-dc01.rainpole.io/adfs/.well-known/openid-configuration" -adfsCert F:\certificates\adfsroot.cer -ldapsCert F:\certificates\ldapscert1.cer -``` - -This example shows how to add Active Directory Federation Services (AD FS) as an external identity provider using LDAPS protocol with Certificate Authority signed certificate. - -### Example 2 - -```powershell -Add-VCFExternalIdentitySource -name "SFO01" -domainName "sfo.rainpole.io" -primaryLdapServerURL ldap://sfo-ad01.sfo.rainpole.io:389 -username "svc-vsphere-ad@sfo.rainpole.io" -password "VMw@re123!" -usersBaseDn "OU=Security Users,DC=sfo,DC=rainpole,DC=io" -groupsBaseDn "OU=Security Groups,DC=sfo,DC=rainpole,DC=io" -``` - -This example shows how to add Active Directory Federation Services (AD FS) as an external identity provider using LDAP protocol. - -## Parameters - -### -name - -Specifies the name of the identity provider. 
- -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 1 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -adfsCert - -Specifies the certificate file for the Active Directory Federation Services (AD FS) server. - -```yaml -Type: Object -Parameter Sets: (All) -Aliases: - -Required: False -Position: 2 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -username - -Specifies the username for the Active Directory Federation Services (AD FS) server. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 3 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -password - -Specifies the password for the Active Directory Federation Services (AD FS) server. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 4 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -usersBaseDn - -Specifies the base distinguished name (DN) for the users. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 5 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -groupsBaseDn - -Specifies the base distinguished name (DN) for the groups. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 6 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ldapsCert - -Specifies the certificate file for the LDAP server. - -```yaml -Type: Object -Parameter Sets: (All) -Aliases: - -Required: False -Position: 7 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -clientId - -Specifies the client ID for the Active Directory Federation Services (AD FS) server. 
- -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 8 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -clientSecret - -Specifies the client secret for the Active Directory Federation Services (AD FS) server. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 9 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -discoveryEndpoint - -Specifies the discovery endpoint for the Active Directory Federation Services (AD FS) server. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 10 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -primaryLdapServerURL - -Specifies the primary LDAP server URL. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 11 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -secondaryLdapServerURL - -Specifies the secondary LDAP server URL. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 12 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### Common Parameters - -This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/documentation/functions/idp/Update-VCFEmbeddedIdentitySource.md b/docs/documentation/functions/idp/Update-VCFEmbeddedIdentitySource.md deleted file mode 100644 index 582a27f19..000000000 --- a/docs/documentation/functions/idp/Update-VCFEmbeddedIdentitySource.md +++ /dev/null 
@@ -1,183 +0,0 @@ -# Update-VCFEmbeddedIdentitySource - -## Synopsis - -Updates an embedded identity source. - -## Syntax - -```powershell -Update-VCFEmbeddedIdentitySource [[-name] ] [-domainName] [[-username] ] -``` - -## Description - -The `Update-VCFEmbeddedIdentitySource` cmdlet updates an embedded identity source. - -## Examples - -### Example 1 - -```powershell -Update-VCFEmbeddedIdentitySource -domainName sfo.rainpole.io -password VMw@re123! -primaryLdapServerURL ldaps://sfo-ad01.sfo.rainpole.io:636 -ldapsCert F:\certificates\Root64.cer -``` - -This example shows how to update an existing Active Directory over LDAP server using LDAPS protocol with Certificate Authority signed certificate. - -### Example 2 - -```powershell -Update-VCFEmbeddedIdentitySource -domainName sfo.rainpole.io -password VMw@re123! -secondaryLdapServerURL ldap://sfo-ad01.sfo.rainpole.io:389 -``` - -This example shows how to update an existing Active Directory server over LDAP with a secondary LDAP server. - -## Parameters - -### -name - -Specifies the name of the identity provider. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 1 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -domainName - -Specifies the domain name of the identity provider. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 2 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -username - -Specifies the username for the identity provider. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 3 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -password - -Specifies the password for the identity provider. 
- -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 4 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ldapsCert - -Specifies the LDAPS certificate file. - -```yaml -Type: Object -Parameter Sets: (All) -Aliases: - -Required: False -Position: 5 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -usersBaseDn - -Specifies the base distinguished name (DN) for users. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 6 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -groupsBaseDn - -Specifies the base distinguished name (DN) for groups. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 7 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -primaryLdapServerURL - -Specifies the primary LDAP server URL. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 8 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -secondaryLdapServerURL - -Specifies the secondary LDAP server URL. - -```yaml -Type: String -Parameter Sets: (All) -Aliases: - -Required: False -Position: 9 -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### Common Parameters - -This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/documentation/getting-started/install.md b/docs/documentation/getting-started/install.md index 3d6a16cf1..61387eda6 100644 --- a/docs/documentation/getting-started/install.md 
+++ b/docs/documentation/getting-started/install.md
@@ -1,8 +1,8 @@
 # Installing the Module
 
-Verify that your system has a [supported edition and version](/powershell-module-for-vmware-cloud-foundation/#powershell) of PowerShell installed.
+Verify that your system has a supported edition and version of PowerShell installed.
 
-Install the PowerShell [module dependencies](/powershell-module-for-vmware-cloud-foundation/#module-dependencies) from the PowerShell Gallery by running the following commands:
+Install the PowerShell module dependencies from the PowerShell Gallery by running the following commands:
 
 ```powershell
 --8<-- "./docs/snippets/install-module.ps1"
diff --git a/docs/requirements.txt b/docs/requirements.txt
index b3f33995a..e1502187f 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -1,5 +1,5 @@
-mkdocs-git-authors-plugin>=0.7.0
+mkdocs-git-authors-plugin>=0.7.2
 mkdocs-git-revision-date-localized-plugin>=1.2.0
 mkdocs-markdownextradata-plugin>=0.2.5
-mkdocs-minify-plugin>=0.6.4
+mkdocs-minify-plugin>=0.7.1
 mkdocs-open-in-new-tab>=1.0.2
diff --git a/mkdocs.yml b/mkdocs.yml
index 9e8d15c90..016ca4169 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -220,12 +220,9 @@ nav:
 - Roles:
 - documentation/functions/iam/Get-VCFRole.md
 - Identity Providers:
- - documentation/functions/idp/Add-VCFEmbeddedIdentitySource.md
- - documentation/functions/idp/Add-VCFExternalIdentitySource.md
 - documentation/functions/idp/Get-VCFIdentityProvider.md
 - documentation/functions/idp/New-VCFIdentityProvider.md
 - documentation/functions/idp/Remove-VCFIdentityProvider.md
- - documentation/functions/idp/Update-VCFEmbeddedIdentitySource.md
 - documentation/functions/idp/Update-VCFIdentityProvider.md
 - Licenses:
 - documentation/functions/licenses/Get-VCFLicenseKey.md