Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Collection of helpful psPAS one-liners
# Before every one-liner before, remember to import the psPAS module and create a new PAS session (unless you're already logged in.) https://github.com/pspete/psPAS
Import-Module psPAS
# You no longer have to consume the session token for later use as of psPAS v3+
New-PASSession -BaseURI https://cyberark.joegarcia.dev -Type ldap -Credential $(Get-Credential)
###########################################
# List Safe Members by Specific Permission
###########################################
Get-PASSafe -query D-Nix | Get-PASSafeMember | Where-Object { $_.Permissions -contains 'Add' }
# Example Response
# UserName SafeName Permissions
# -------- -------- -----------
# jgarcia D-Nix-AWS-EC2 {Add, AddRenameFolder, BackupSafe, Delete…}
# Master D-Nix-AWS-EC2 {Add, AddRenameFolder, BackupSafe, Delete…}
# Batch D-Nix-AWS-EC2 {Add, AddRenameFolder, BackupSafe, Delete…}
# PasswordManager D-Nix-AWS-EC2 {Add, AddRenameFolder, Delete, DeleteFolder…}
# AWSLambda D-Nix-AWS-EC2 {Add, Delete, ListContent, UpdateMetadata}
# jgarcia D-Nix-Root {Add, AddRenameFolder, BackupSafe, Delete…}
# Master D-Nix-Root {Add, AddRenameFolder, BackupSafe, Delete…}
# Batch D-Nix-Root {Add, AddRenameFolder, BackupSafe, Delete…}
# PasswordManager D-Nix-Root {Add, AddRenameFolder, Delete, DeleteFolder…}
# D-Nix-Root_Adm… D-Nix-Root {Add, BackupSafe, Delete, ListContent…}
# Vault Admins D-Nix-Root {Add, AddRenameFolder, BackupSafe, Delete…}
# stan D-Nix-Root {Add, ListContent, ManageSafeMembers, Restri…
#########################################
# List Safes Username is NOT a Member Of
#########################################
Get-PASSafe | ForEach-Object { if ($(Get-PASSafeMember -SafeName $_.SafeName) -notcontains "Administrator") { Write-Output $_.SafeName } }
# Example Response
# AccountsFeedADAccounts
# AccountsFeedDiscoveryLogs
# Notification Engine
# PasswordManager
# PasswordManager_Info
# PasswordManager_Pending
# PasswordManagerShared
# PVWAConfig
# PVWAReports
# PVWATaskDefinitions
# PVWATicketingSystem
# PVWAUserPrefs
# VaultInternal
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment