Last active
June 30, 2023 08:28
-
-
Save darrenjrobinson/e9307d1764a0a2709b6c24e8a1828116 to your computer and use it in GitHub Desktop.
PowerShell Script to get Ubiquiti Unifi Sites, Devices and Active Clients. Associated blogpost https://blog.darrenjrobinson.com/accessing-your-ubiquiti-unifi-network-configuration-with-powershell/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Unifi Controller Login Base URI | |
| $uController = 'yourControllerIP' # e.g 'https://192.168.1.2:8443' | |
| # Identifier of the site in UniFi. Set to default for the default site | |
| $uSiteID = "default" | |
| $uUsername = 'adminuser' # yourAdmin UserID | |
| $uPassword = 'yourPassword' # yourAdmin User Password | |
| $uAuthBody = @{"username" = $uUsername; "password" = $uPassword } | |
| $uHeaders = @{"Content-Type" = "application/json" } | |
| # Allow connection with the Unifi Self Signed Cert | |
| add-type @" | |
| using System.Net; | |
| using System.Security.Cryptography.X509Certificates; | |
| public class TrustAllCertsPolicy : ICertificatePolicy { | |
| public bool CheckValidationResult( | |
| ServicePoint srvPoint, X509Certificate certificate, | |
| WebRequest request, int certificateProblem) { | |
| return true; | |
| } | |
| } | |
| "@ | |
| [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy | |
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Ssl3, [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12 | |
| $uLogin = Invoke-RestMethod -Method Post -Uri "$($uController)/api/login" -Body ($uAuthBody | convertto-json) -Headers $uHeaders -SessionVariable UBNT | |
| if ($uLogin.meta.rc.Equals("ok")) { | |
| Write-Host -ForegroundColor Green "Successfully authenticated to $($uController) as $($uUsername)" | |
| # Get Sites | |
| $uSites = Invoke-RestMethod -Method Get -Uri "$($uController)/api/self/sites" -WebSession $UBNT -Headers $uHeaders | |
| write-host -ForegroundColor Cyan "Sites" | |
| $uSites.data.name | |
| # Get Devices | |
| $uDevices = Invoke-RestMethod -Method Get -Uri "$($uController)/api/s/$($uSiteID)/stat/device" -WebSession $UBNT -Headers $uHeaders | |
| write-host -ForegroundColor cyan "Devices" | |
| $uDevices.data.name | |
| # Get Active Clients | |
| $uActiveClients = Invoke-RestMethod -Method Get -Uri "$($uController)/api/s/$($uSiteID)/stat/sta" -WebSession $UBNT -Headers $uHeaders | |
| write-host -ForegroundColor cyan "Active Clients" | |
| $uActiveClients.data.name | |
| } | |
| else { | |
| Write-Host -ForegroundColor Red "Unsuccessfull in authenticating to $($uController) as $($uUsername)" | |
| } | |
I'm only prompted for 2FA when using the Unifi Public Endpoint, via http://unifi.ubnt.com/
When using the IP Address and Port of the local cloudkey from within the same local network 2FA isn't triggered.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is awesome. Any idea how to authenticate if you have 2fa enabled?
When I run this script, I get the following error:
That seems to indicate that there should be some way of passing the token to the endpoint, but nothing I've tried works.