Closed allynl93 closed 4 years ago
Hey Allyn,
Get-PASUser
is the psPAS command you are looking for (it amalgamates both "Get User Details" (both 1st Gen & 2nd Gen) & "Get Users").
A user's groups membership is only returned since version 11.5
Specify the id
(number) of the user to get the details of, the groupsmembership
property is included in the list view (Get-PASUser -id 2 | Format-List
) or can be accessed directly:
Get-PASUser -id 2 | select-object -ExpandProperty groupsmembership
groupID groupName groupType
------- --------- ---------
8 Auditors Vault
14 PVWAMonitor Vault
15 PVWAUsers Vault
26 PSMLiveSessionTerminators Vault
661 GlobalAdmin Vault
11 Vault Admins Vault
psPAS 4.1.11 was when the format file of the module was updated to include the property.
If using an earlier psPAS version Get-PASUser -id 2 | Select-Object *
should still display it.
Ah I knew it would be something silly. Because it was a separate endpoint on the API that's what I was looking for. Thank you for the clarification.
I'll close this.
Cheers man.
There is some extra documentation in the pipeline to link the API endpoints to the relevant psPAS commands - for development purposes it is becoming more of a concern to understand exactly where in the module different bits have ended up and which parameter combinations actually invoke them.
Is your feature request related to a problem? Please describe. I may well be missing very obvious, but I can't seem to find a function for the "Get user details" API.
API described at: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SDK/get-user-details-v10.htm
This makes it difficult to understand which groups a user is member of for example.
Describe the solution you'd like Ideally would like to see a function like Get-PASUserDetails included in the module. If it is included and I'm missing it, maybe under a different name, then please let me know how stupid I'm being.
Describe alternatives you've considered Don't look like there is an alternative that I can see? The API doesn't have an endpoint to view members of a groups, it appears the only way to view who is a member of group is go from a user perspective and work it back that way... Again if I've missing something fundamental do let me know.
Hope all is well. Cheers Allyn