Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
207 lines (148 sloc) 5.88 KB
function Connect-vRAServer {
<#
.SYNOPSIS
Connect to a vRA Server
.DESCRIPTION
Connect to a vRA Server and generate a connection object with Servername, Token etc
.PARAMETER Server
vRA Server to connect to
.PARAMETER Tenant
Tenant to connect to
.PARAMETER Username
Username to connect with
For domain accounts ensure to specify the Username in the format username@domain, not Domain\Username
.PARAMETER Password
Password to connect with
.PARAMETER Credential
Credential object to connect with
For domain accounts ensure to specify the Username in the format username@domain, not Domain\Username
.PARAMETER IgnoreCertRequirements
Ignore requirements to use fully signed certificates
.PARAMETER SslProtocol
Alternative Ssl protocol to use from the default
Requires vRA 7.x and above
Windows PowerShell: Ssl3, Tls, Tls11, Tls12
PowerShell Core: Tls, Tls11, Tls12
.INPUTS
System.String
System.SecureString
Management.Automation.PSCredential
Switch
.OUTPUTS
System.Management.Automation.PSObject.
.EXAMPLE
$cred = Get-Credential
Connect-vRAServer -Server vraappliance01.domain.local -Tenant Tenant01 -Credential $cred
.EXAMPLE
$SecurePassword = ConvertTo-SecureString “P@ssword” -AsPlainText -Force
Connect-vRAServer -Server vraappliance01.domain.local -Tenant Tenant01 -Username TenantAdmin01 -Password $SecurePassword -IgnoreCertRequirements
#>
[CmdletBinding(DefaultParametersetName="Username")][OutputType('System.Management.Automation.PSObject')]
Param (
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[String]$Server,
[parameter(Mandatory=$false)]
[ValidateNotNullOrEmpty()]
[String]$Tenant = "vsphere.local",
[parameter(Mandatory=$true,ParameterSetName="Username")]
[ValidateNotNullOrEmpty()]
[String]$Username,
[parameter(Mandatory=$true,ParameterSetName="Username")]
[ValidateNotNullOrEmpty()]
[SecureString]$Password,
[Parameter(Mandatory=$true,ParameterSetName="Credential")]
[ValidateNotNullOrEmpty()]
[Management.Automation.PSCredential]$Credential,
[parameter(Mandatory=$false)]
[Switch]$IgnoreCertRequirements,
[parameter(Mandatory=$false)]
[ValidateSet('Ssl3', 'Tls', 'Tls11', 'Tls12')]
[String]$SslProtocol
)
# --- Handle untrusted certificates if necessary
$SignedCertificates = $true
if ($PSBoundParameters.ContainsKey("IgnoreCertRequirements") ){
if (!$IsCoreCLR) {
if ( -not ("TrustAllCertsPolicy" -as [type])) {
Add-Type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
}
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
}
$SignedCertificates = $false
}
# --- Security Protocol
$SslProtocolResult = 'Default'
if ($PSBoundParameters.ContainsKey("SslProtocol") ){
if (!$IsCoreCLR) {
$CurrentProtocols = ([System.Net.ServicePointManager]::SecurityProtocol).toString() -split ', '
if (!($SslProtocol -in $CurrentProtocols)){
[System.Net.ServicePointManager]::SecurityProtocol += [System.Net.SecurityProtocolType]::$($SslProtocol)
}
}
$SslProtocolResult = $SslProtocol
}
# --- Convert Secure Credentials to a format for sending in the JSON payload
if ($PSBoundParameters.ContainsKey("Credential")){
$Username = $Credential.UserName
$JSONPassword = $Credential.GetNetworkCredential().Password
}
if ($PSBoundParameters.ContainsKey("Password")){
$JSONPassword = (New-Object System.Management.Automation.PSCredential("username", $Password)).GetNetworkCredential().Password
}
# --- Test for a '\' in the username, e.g. DOMAIN\Username, not supported by the API
if ($Username -match '\\'){
throw "The Username format DOMAIN\Username is not supported by the vRA REST API. Please use username@domain instead"
}
try {
# --- Create Invoke-RestMethod Parameters
$JSON = @{
username = $Username
password = $JSONPassword
tenant = $Tenant
} | ConvertTo-Json
$Params = @{
Method = "POST"
URI = "https://$($Server)/identity/api/tokens"
Headers = @{
"Accept"="application/json";
"Content-Type" = "application/json";
}
Body = $JSON
}
if ((!$SignedCertificate) -and ($IsCoreCLR)) {
$Params.Add("SkipCertificateCheck", $true)
}
if (($SslProtocolResult -ne 'Default') -and ($IsCoreCLR)) {
$Params.Add("SslProtocol", $SslProtocol)
}
$Response = Invoke-RestMethod @Params
# --- Create Output Object
$Global:vRAConnection = [PSCustomObject] @{
Server = "https://$($Server)"
Token = $Response.id
Tenant = $Null
Username = $Username
APIVersion = $Null
SignedCertificates = $SignedCertificates
SslProtocol = $SslProtocolResult
}
# --- Update vRAConnection with tenant and api version
$Global:vRAConnection.Tenant = (Get-vRATenant -Id $Tenant).id
$Global:vRAConnection.APIVersion = (Get-vRAVersion).APIVersion
}
catch [Exception]{
throw
}
Write-Output $vRAConnection
}
You can’t perform that action at this time.