Closed toddwbutler closed 5 years ago
Hi Todd,
As you use 10.6, have your attempted to use the op
,path
& value
parameters for set-pasaccount
?
Pete,
Thanks for your assistance. Yes I've tried that one too.
Get-PASAccount finds the account to show it's valid.
$token | Get-PASAccount -Safe "J1DF221 13401 iPhone Test" -Keywords "12346789"
Set-PASAccount attempts to change the address parameter but comes back with a 404 error:
$token | Set-PASAccount -AccountID 155_196 -op replace -path "/address" -value "NewAddress"
Invoke-PASRestMethod : The resource you are looking for has been removed, had its name changed, or is temporarily unavailable. At C:\Users\J1TWBQ1\Documents\WindowsPowerShell\Modules\psPAS\Functions\Accounts\Set-PASAccount.ps1:405 char:14
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : 404,Invoke-PASRestMethod
Again, using Set-PASAccount attempting to replace the district parameter, we get the same error. $token | Set-PASAccount -AccountID 155_196 -op replace -path "/district" -value "22vk"
I don't see district returned as a property in the result of your Get-PASAccount
command, is it set already? The property has to exist on the platform assigned to the account also.
I'm without a test environment currently so can't validate the command....
If district is not set, try this command:
$token | Set-PASAccount -AccountID 155_196 -op add -path "/platformaccountproperties/district"
If you are changing the value of district - it would look like this:
$token | Set-PASAccount -AccountID 155_196 -op replace -path "/platformaccountproperties/district"
Pete,
Nice! This works!
$token | Set-PASAccount -AccountID 155_196 -op replace -path "/platformAccountProperties/District" -value "12L"
Regards!
Todd
Pete,
The root cause was that I failed to put the method in IIS of PATCH.
On Thu, Mar 7, 2019 at 1:31 PM Pete Maan notifications@github.com wrote:
I don't see district returned as a property in the result of your Get-PASAccount command, is it set already? The property has to exist on the platform assigned to the account also.
I'm without a test environment currently so can't validate the command....
If district is not set, try this command: $token | Set-PASAccount -AccountID 155_196 -op add -path "/platformaccountproperties/district"
If you are changing the value of district - it would look like this: $token | Set-PASAccount -AccountID 155_196 -op replace -path "/platformaccountproperties/district"
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/pspete/psPAS/issues/137#issuecomment-470662340, or mute the thread https://github.com/notifications/unsubscribe-auth/AVC5cu4AT-BJgX53g73OKHySyppnnrLfks5vUWkJgaJpZM4bifXT .
-- Todd W. Butler
Glad you got it sorted out - this is the only part of the API which allows the PATCH method.
After upgrading my psPAS, I am getting below error: Get-PASAccount -Keywords $ADDRESS -Safe $SAFE | Set-PASAccount -AccountName "$HOSTNAME-$ACCOUNT" Invoke-PASRestMethod : [400] Failed to update account 737_1155. Reason: Invalid value for parameter - Properties
I was able to do the following instead: Get-PASAccount -Keywords $ADDRESS -Safe $SAFE | Set-PASAccount -op replace -path "/name" -value "$HOSTNAME-$ACCOUNT"
Another issue, the following command worked before I upgraded: Get-PASAccount -Keywords $ADDRESS -Safe $RECONCILESAFE | Set-PASAccount -Properties @{"extrapass3name" = "$HOSTNAME-$ACCOUNT";"extrapass3folder" = "Root";"extrapass3safe" = $SAFE}
Now it yields: Invoke-PASRestMethod : [400] Failed to update account 737_1155. Reason: Invalid value for parameter - Properties
I solved my issue, the InternalProperties being returned from Get-PASAccount was messing things up. I added the following select statement in-between my get & set: select -Property -ExcludeProperty InternalProperties So my command now looks like this: Get-PASAccount -Keywords $ADDRESS -Safe $RECONCILESAFE | select -Property -ExcludeProperty InternalProperties | Set-PASAccount -Properties @{"extrapass3name" = "$HOSTNAME-$ACCOUNT";"extrapass3folder" = "Root";"extrapass3safe" = $SAFE}
and it works fine now :)
Your Environment
Powershell v4 psPAS 2.4.8 CyberArk 10.6
Expected Behaviour
Expecting Set-PASAccount to update category values
Current Behaviour
We use REST to create and delete accounts from the vault however we are unable to update/modify existing accounts using REST due to this error relating to "Invalid value for parameter - Properties" error.
The commands: $Credentials = Get-Credential $token = New-PASSession -credential $Credentials -BaseURI https://sample.domain.org Write-Host $token $token | Get-PASAccount -Safe "J1DF221 13401 iPhone Test" -Keywords "12346789" $token | Set-PASAccount -AccountID 155_196 -Folder Root -AccountName NewName -DeviceType "Operating System" -PlatformID NF211-Firecall-Human-Managed-DC -Address newaddress -UserName 12346789 -Properties @{"District"="1A"} Write-Host $result
The behavior:
PS D:\REST\REST_Development> D:\REST\REST_Development\pspete_SetPASAccount_01.ps1 cmdlet Get-Credential at command pipeline position 1 Supply values for the following parameters: @{sessionToken=System.Collections.Hashtable; WebSession=Microsoft.PowerShell.Commands.WebRequestSession; BaseURI=https: //sample.domain.org; PVWAAppName=PasswordVault; ConnectionNumber=0; ExternalVersion=10.6.0}
AccountID : 155_196 Safe : J1DF221 13401 iPhone Test Folder : Root Name : Operating System-NFS22-Firecall-Human-Static-PA-sample.domain.org-12346789 UserName : 12346789 PlatformID : NFS22-Firecall-Human-Static-PA DeviceType : Operating System Address : sample.domain.org InternalProperties :
Invoke-PASRestMethod : [400] Failed to update account 155_196. Reason: Invalid value for parameter - Properties At line:405 char:14
@{AccountID=155_196; InternalProperties=; Safe=J1DF221 22 iPhone Test; Folder=Root; Name=Operating System-NFS22-Firecall-Human-Static-PA-sample.domain.org-12346789; Description=; UserName=12346789; PolicyID=NFS22-Firecall-Human-Static-PA; Details=nothing; DeviceType=Operating System; Address=sample.domain.org; District=22PK; sessionToken=System.Collections.Hashtable; PVWAAppName=PasswordVault; ExternalVersion=10.6.0; BaseURI=https://sample.domain.org; WebSession=Microsoft.PowerShe ll.Commands.WebRequestSession}
PS D:\REST\REST_Development>
Context
Our goal is to use REST to create, update, and delete accounts from safes. We use REST to create accounts and delete accounts. We are unable to update existing accounts using REST until this issue is resolved.