Created
August 23, 2018 19:50
-
-
Save realslacker/8c6b0489cb2356fd2908424a66028d44 to your computer and use it in GitHub Desktop.
Reads proxy access information from GroupWise 2012 or later. Uses the SOAP API to fetch proxy access ACLs from GroupWise.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Reads proxy access information from GroupWise 2012 or later. | |
| .DESCRIPTION | |
| Reads proxy access information from GroupWise 2012 or later. Uses the SOAP API to fetch proxy access ACLs from GroupWise. | |
| .PARAMETER User | |
| User(s) to query proxy access for. | |
| .PARAMETER Server | |
| GroupWise server to connect to. | |
| .PARAMETER Port | |
| Port to connect to SOAP API on, defaults to 7191. | |
| .PARAMETER TrustedAppName | |
| The name of the Trusted Application in your GroupWise system. | |
| .PARAMETER TrustedAppKey | |
| The key of the Trusted Application in your GroupWise system. | |
| .PARAMETER SSL | |
| Use SSL to connect. | |
| .PARAMETER TrustAllCerts | |
| Ignore certificate errors. Useful for self signed certs. | |
| #> | |
| param( | |
| [Parameter(Mandatory, ValueFromPipeline, ValueFromPipelineByPropertyName)] | |
| [Alias('SAMAccountName','Username')] | |
| [string[]] | |
| $User, | |
| [Parameter(Mandatory)] | |
| [string] | |
| $Server, | |
| [int] | |
| $Port = 7191, | |
| [Parameter(Mandatory)] | |
| [string] | |
| $TrustedAppName, | |
| [Parameter(Mandatory)] | |
| [string] | |
| $TrustedAppKey, | |
| [switch] | |
| $SSL, | |
| [switch] | |
| $TrustAllCerts | |
| ) | |
| begin { | |
| if ( $TrustAllCerts ) { | |
| add-type @" | |
| using System.Net; | |
| using System.Security.Cryptography.X509Certificates; | |
| public class TrustAllCertsPolicy : ICertificatePolicy { | |
| public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { | |
| return true; | |
| } | |
| } | |
| "@ | |
| [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy | |
| } | |
| $ConnectionPrefix = if ( $SSL ) { 'https' } else { 'http' } | |
| $URI = '{0}://{1}:{2}/soap' -f $ConnectionPrefix, $Server, $Port | |
| $UserAgent = 'powershell' | |
| function Invoke-GWSoapRequest { | |
| param( | |
| [string] | |
| $RequestSOAP, | |
| [switch] | |
| $ReturnObject | |
| ) | |
| $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[string]]" | |
| $Headers.Add("SOAPAction", "") | |
| $Headers.Add("Content-Type", "text/xml") | |
| $WebRequestSplat = @{ | |
| Uri = $URI | |
| Method = 'POST' | |
| Headers = $Headers | |
| Body = $RequestSOAP | |
| UserAgent = $UserAgent | |
| UseBasicParsing = $true | |
| } | |
| if ( $ReturnObject ) { | |
| Invoke-WebRequest @WebRequestSplat | |
| } else { | |
| ([xml](Invoke-WebRequest @WebRequestSplat).Content).Envelope.Body | |
| } | |
| } | |
| function Invoke-GWSoapLogin ($ImpersonateUser) { | |
| $RequestSOAP = @" | |
| <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://schemas.novell.com/2005/01/GroupWise/types" xmlns:met="http://schemas.novell.com/2005/01/GroupWise/methods"> | |
| <soapenv:Header> | |
| <typ:gwTrace>false</typ:gwTrace> | |
| </soapenv:Header> | |
| <soapenv:Body> | |
| <met:loginRequest> | |
| <met:auth type="types:TrustedApplication"> | |
| <typ:username>$ImpersonateUser</typ:username> | |
| <typ:name>$TrustedAppName</typ:name> | |
| <typ:key>$TrustedAppKey</typ:key> | |
| </met:auth> | |
| <met:application>IDMSOAP</met:application> | |
| </met:loginRequest> | |
| </soapenv:Body> | |
| </soapenv:Envelope> | |
| "@ | |
| (Invoke-GWSoapRequest $RequestSOAP).loginResponse.session | |
| } | |
| function Invoke-GWSoapLogout ($Session) { | |
| $RequestSOAP = @" | |
| <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://schemas.novell.com/2005/01/GroupWise/types" xmlns:met="http://schemas.novell.com/2005/01/GroupWise/methods"> | |
| <soapenv:Header> | |
| <typ:gwTrace>false</typ:gwTrace> | |
| <typ:session>$Session</typ:session> | |
| </soapenv:Header> | |
| <soapenv:Body> | |
| <met:logoutRequest/> | |
| </soapenv:Body> | |
| </soapenv:Envelope> | |
| "@ | |
| Invoke-GWSoapRequest $RequestSOAP > $null | |
| } | |
| } | |
| process { | |
| $User | %{ | |
| $Session = Invoke-GWSoapLogin -ImpersonateUser $_ | |
| $RequestSOAP = @" | |
| <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://schemas.novell.com/2005/01/GroupWise/types" xmlns:met="http://schemas.novell.com/2005/01/GroupWise/methods"> | |
| <soapenv:Header> | |
| <typ:gwTrace>false</typ:gwTrace> | |
| <typ:session>$Session</typ:session> | |
| </soapenv:Header> | |
| <soapenv:Body> | |
| <met:getProxyAccessListRequest/> | |
| </soapenv:Body> | |
| </soapenv:Envelope> | |
| "@ | |
| $Entries = (Invoke-GWSoapRequest $RequestSOAP).getProxyAccessListResponse.accessRights.entry | |
| foreach ( $Entry in $Entries ) { | |
| if ( $Entry.uuid -match 'all user access' ) { continue } | |
| $ReturnObj = New-Object PSObject | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'Mailbox' -Value $_ | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'ProxyName' -Value $Entry.displayName | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'ProxyUser' -Value $Entry.email.ToLower() | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'Alarms' -Value $([bool]$Entry.misc.alarms) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'Notify' -Value $([bool]$Entry.misc.notify) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'ReadPrivate' -Value $([bool]$Entry.misc.readHidden) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'ChangeOptions' -Value $([bool]$Entry.misc.setup) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'ApptRead' -Value $([bool]$Entry.appointment.read) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'ApptWrite' -Value $([bool]$Entry.appointment.write) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'MailRead' -Value $([bool]$Entry.mail.read) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'MailWrite' -Value $([bool]$Entry.mail.write) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'NoteRead' -Value $([bool]$Entry.note.read) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'NoteWrite' -Value $([bool]$Entry.note.write) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'TaskRead' -Value $([bool]$Entry.task.read) | |
| $ReturnObj | Add-Member -MemberType NoteProperty -Name 'TaskWrite' -Value $([bool]$Entry.task.write) | |
| $ReturnObj | |
| } | |
| Invoke-GWSoapLogout -Session $Session | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment