Closed redboyhun closed 2 years ago
Hi @redboyhun
Get-PASUser
has been included in psPAS for ~5 years, and can be used with CyberArk versions 9.7 onward.
The docs show that the Get-PASUser
command allows invocation of both the "Get users" API & "Get user details" API (which has a both a Gen1 & Gen2 API available).
Backward compatibility for psPAS users, CyberArk version compatibility, and command performance all have to be considered, but it would be simple enough for you to create you own command to operate as you describe:
$User = Get-PASUser -Search $username
If ($User.ID) {
$User | Get-PASUser
}
Hope the above snippet helps.
Edit: different parameters can cause the command to target a different API depending on the parameterset used, (all relating to users, so makes sense for them to be included in a single command rather than several separate but similar commands). This is in-line with the development model used throughout the module, and is ultimately the reason for scenarios where the output differs.
Get-PASUser shows different values using the ID than using the Username or Search parameters. ID shows much more, but to get the ID first I have to use Username or Search.
It would be nice if using Username or Search, the same level of details would be shown. Example: Email address of the user is only shown using ID, but not with the other 2.
Sample data: Using ID
Using Search