Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transition to Publish-PasswordHealth from Publish-LocalUserExpiry #90

Closed
4 tasks done
bhumitra opened this issue Feb 9, 2023 · 4 comments · Fixed by #111
Closed
4 tasks done

Transition to Publish-PasswordHealth from Publish-LocalUserExpiry #90

bhumitra opened this issue Feb 9, 2023 · 4 comments · Fixed by #111
Assignees
@tenthirtyam
Labels
enhancement Enhancement vcf/4 VMware Cloud Foundation 4.x
Milestone
v2.0.0

Comments

@bhumitra
Copy link
Contributor

bhumitra commented Feb 9, 2023
edited by tenthirtyam
Loading

Code of Conduct

  • I have read and agree to the project's Code of Conduct.
  • Vote on this issue by adding a 👍 reaction to the original issue initial description to help the maintainers prioritize.
  • Do not leave "+1" or other comments that do not add relevant information or questions.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Description

  • Publish-PasswordHealth reads data from SOS Utility and adds it to the html report. Before VCF 4.4, it didnt include local user account.
  • Publish-LocalUserExpiry connects to individual components in SDDC and collects the data from there including local user account.

As of 4.4, both cmdlets return the same data.

Use Case(s)

This enhancement will help:

  • Add the password expiry to the report.
  • Increases the speed of the report.

Potential Configuration

NA

References

No response
@bhumitra bhumitra added the enhancement Enhancement label Feb 9, 2023
@github-actions github-actions bot added the pending-review Pending Review label Feb 9, 2023
@bhumitra bhumitra changed the title Pivot to Publish-PasswordHealth instead of Publish-LocalUserExpiry for 4.4 and above Pivot to Publish-PasswordHealth instead of Publish-LocalUserExpiry for VCF 4.4 and above Feb 9, 2023
@tenthirtyam tenthirtyam removed the pending-review Pending Review label Feb 9, 2023
@tenthirtyam tenthirtyam added this to the Backlog milestone Feb 17, 2023
@tenthirtyam tenthirtyam changed the title Pivot to Publish-PasswordHealth instead of Publish-LocalUserExpiry for VCF 4.4 and above Transition to Publish-PasswordHealth from Publish-LocalUserExpiry Feb 24, 2023
@tenthirtyam
Copy link
Contributor

Duplicate of #40

@tenthirtyam tenthirtyam marked this as a duplicate of #40 Feb 24, 2023
@tenthirtyam
Copy link
Contributor

Closing this issue in favor of #40. Context from this issue has been copied to the preceding issue.

@tenthirtyam tenthirtyam removed this from the Backlog milestone Feb 24, 2023
@tenthirtyam tenthirtyam reopened this Mar 7, 2023
@tenthirtyam
Copy link
Contributor

Reopening this issue.

Taking a look at the information returned:

Publish-PasswordHealth

Component Resource                        Alert Message
--------- --------                        ----- -------
ESXI      sfo01-m01-esx01.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx01.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx02.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx02.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx03.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx03.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx04.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-m01-esx04.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx01.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx01.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx02.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx02.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx03.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx03.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx04.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
ESXI      sfo01-w01-esx04.sfo.rainpole.io GREEN ESXI password is set to never expired. Verified using command Check password expiry with PyVim
NSX       sfo-m01-en01.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-en01.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-en01.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-en02.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-en02.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-en02.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-nsx01.sfo.rainpole.io   GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-nsx01.sfo.rainpole.io   GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-m01-nsx01.sfo.rainpole.io   GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-en01.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-en01.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-en01.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-en02.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-en02.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-en02.sfo.rainpole.io    GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-nsx01.sfo.rainpole.io   GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
NSX       sfo-w01-nsx01.sfo.rainpole.io   GREEN NSX password expiration date is far enough. Verified using Check password expiry with v1/node/users API
SDDC      sfo-vcf01.sfo.rainpole.io       GREEN SDDC password expiration date is far enough. Verified using shell chage -l root
SDDC      sfo-vcf01.sfo.rainpole.io       GREEN SDDC password expiration date is far enough. Verified using shell chage -l vcf
SDDC      sfo-vcf01.sfo.rainpole.io       GREEN SDDC password expiration date is far enough. Verified using shell chage -l backup
vCenter   sfo-m01-vc01.sfo.rainpole.io    GREEN vCenter password expiration date is far enough. Verified using Check password expiry with api/appliance/local-accounts API
vCenter   sfo-w01-vc01.sfo.rainpole.io    GREEN vCenter password expiration date is far enough. Verified using Check password expiry with api/appliance/local-accounts API

Publish-LocalUserExpiry

Component	Resource	User	Alert	Message
NSX Edge	sfo-m01-en01.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Edge	sfo-m01-en01.sfo.rainpole.io	audit	GREEN	Password will not expire within the next 15 days. Verified using chage -l audit.
NSX Edge	sfo-m01-en01.sfo.rainpole.io	admin	GREEN	Password will not expire within the next 15 days. Verified using chage -l admin.
NSX Edge	sfo-m01-en02.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Edge	sfo-m01-en02.sfo.rainpole.io	audit	GREEN	Password will not expire within the next 15 days. Verified using chage -l audit.
NSX Edge	sfo-m01-en02.sfo.rainpole.io	admin	GREEN	Password will not expire within the next 15 days. Verified using chage -l admin.
NSX Manager	sfo-m01-nsx01a.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Manager	sfo-m01-nsx01a.sfo.rainpole.io	admin	GREEN	Password will not expire within the next 15 days. Verified using chage -l admin.
NSX Manager	sfo-m01-nsx01a.sfo.rainpole.io	audit	GREEN	Password will not expire within the next 15 days. Verified using chage -l audit.
vCenter	sfo-m01-vc01.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
SDDC	sfo-vcf01.sfo.rainpole.io	vcf	GREEN	Password will not expire within the next 15 days. Verified using chage -l vcf.
SDDC	sfo-vcf01.sfo.rainpole.io	backup	GREEN	Password will not expire within the next 15 days. Verified using chage -l backup.
SDDC	sfo-vcf01.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Edge	sfo-w01-en01.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Edge	sfo-w01-en01.sfo.rainpole.io	admin	GREEN	Password will not expire within the next 15 days. Verified using chage -l admin.
NSX Edge	sfo-w01-en01.sfo.rainpole.io	audit	GREEN	Password will not expire within the next 15 days. Verified using chage -l audit.
NSX Edge	sfo-w01-en02.sfo.rainpole.io	admin	GREEN	Password will not expire within the next 15 days. Verified using chage -l admin.
NSX Edge	sfo-w01-en02.sfo.rainpole.io	audit	GREEN	Password will not expire within the next 15 days. Verified using chage -l audit.
NSX Edge	sfo-w01-en02.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Manager	sfo-w01-nsx01a.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.
NSX Manager	sfo-w01-nsx01a.sfo.rainpole.io	audit	GREEN	Password will not expire within the next 15 days. Verified using chage -l audit.
NSX Manager	sfo-w01-nsx01a.sfo.rainpole.io	admin	GREEN	Password will not expire within the next 15 days. Verified using chage -l admin.
vCenter	sfo-w01-vc01.sfo.rainpole.io	root	GREEN	Password will not expire within the next 15 days. Verified using chage -l root.

The Publish-PasswordHealth cmdlet is more complete as it also covers ESXi; however, it would need to be modified to show the user account. Which would require a rewrite not to use the generic Read-JsonElement cmdlet in the module.

@tenthirtyam tenthirtyam self-assigned this Mar 7, 2023
@tenthirtyam tenthirtyam added the vcf/4 VMware Cloud Foundation 4.x label Mar 9, 2023
@tenthirtyam tenthirtyam added this to the v2.0.0 milestone Mar 9, 2023
This was referenced Mar 28, 2023
Merged
Merged
tenthirtyam added a commit that referenced this issue Apr 3, 2023
@tenthirtyam
reactor: transition to Publish-PasswordHealth
3a97750 
- Updates `Publish-PasswordHealth` to return the results from the SoS Health Summary JSON data. #90
- Updates `Invoke-VcfHealthReport` to use the `Publish-PasswordHealth` cmdlet. #90
- Updates `Publish-PasswordHealth` to include an "Expires In (Days)" column. #40
- Removes `Publish-LocalUserExpiry` in favor of the `Publish-PasswordHealth` cmdlet. #90
- Bumps the module version to v2.0.0.1004.
- Updates `CHANGELOG.md`.

Signed-off-by: Ryan Johnson <johnsonryan@vmware.com>
@tenthirtyam tenthirtyam mentioned this issue Apr 3, 2023
Merged
11 tasks
tenthirtyam added a commit that referenced this issue Apr 3, 2023
@tenthirtyam
reactor: transition to Publish-PasswordHealth
e65b293 
- Updates `Publish-PasswordHealth` to return the results from the SoS Health Summary JSON data. #90
- Updates `Invoke-VcfHealthReport` to use the `Publish-PasswordHealth` cmdlet. #90
- Updates `Publish-PasswordHealth` to include an "Expires In (Days)" column. #40
- Removes `Publish-LocalUserExpiry` in favor of the `Publish-PasswordHealth` cmdlet. #90
- Bumps the module version to v2.0.0.1004.
- Updates `CHANGELOG.md`.

Signed-off-by: Ryan Johnson <johnsonryan@vmware.com>
tenthirtyam added a commit that referenced this issue Apr 4, 2023
@tenthirtyam
reactor: transition to Publish-PasswordHealth (#111)
904c9e6 
- Updates `Publish-PasswordHealth` to return the results from the SoS Health Summary JSON data. #90
- Updates `Invoke-VcfHealthReport` to use the `Publish-PasswordHealth` cmdlet. #90
- Updates `Publish-PasswordHealth` to include an "Expires In (Days)" column. #40
- Removes `Publish-LocalUserExpiry` in favor of the `Publish-PasswordHealth` cmdlet. #90
- Bumps the module version to v2.0.0.1004.
- Updates `CHANGELOG.md`.

Signed-off-by: Ryan Johnson <johnsonryan@vmware.com>
@github-actions
Copy link

github-actions bot commented May 5, 2023

I'm going to lock this issue because it has been closed for 30 days. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 5, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@tenthirtyam tenthirtyam

Labels
enhancement Enhancement vcf/4 VMware Cloud Foundation 4.x
Projects
None yet
Milestone
v2.0.0
2 participants
@tenthirtyam @bhumitra