Closed ELANDJEA closed 7 months ago
Get-PASUser -id 123 | get-member
?
Get-PASUser -id 123 | Format-List
?
Get-PASUser -id 123 | select-object *
?
Gives you the result you expect?
All the properties are there:
you are absolutely right.....somehow I overlooked 😳
just one afterburner....I just realised....
when using "get-pasmember -username XYZ' it retreives less information than when I perform "get-pasmember -id ##"
hence: for proper handling I first need to find a single account (based on name) and after that use the ID property from the first result to do a new call to get all details.
is it intended behavour to only get everything using the -id parameter? (I assume it relates to the difference between gen1 and gen2 APIs)
get-pasmember
which command do you refer to?
of course I meant get-pasuser 😳
Get-PASUser -username XYZ
- uses this api: Get users
Get-PASUser -ID ##
- uses this api: Get user details
The output of each API differs, hence the difference in output for the commands.
Describe the issue when using get-pasuser (even with the option -ExtendedDetails) does not get the full details of a user. when I for instance have an email address configured it does not get represented in the results
To Reproduce Steps to reproduce the behavior:
Expected behavior get full details of the user....
Screenshots & Console Output If applicable, add screenshots and/or console output to help explain your problem.
Your Environment Include relevant details about your environment
Additional context I now get the full details like this:
$user=get-pasuser -username $oldname if ($user -eq $null) { write-host user $oldname does not exist return $false }
get details via plain rest
$id=$user.id $ThisSession = Get-PASSession $UrlPath = "api/users/$id/" $method="get" $Request = @{ "Method" = $Method "Uri" = "$($ThisSession.BaseUri)/$UrlPath" "WebSession" = $ThisSession.WebSession "ContentType" = "application/json" } $userdetails=Invoke-RestMethod @Request
where $userdetails represent something like this:
enableUser : True changePassOnNextLogon : True expiryDate : userActivityLogRetentionDays : 90 loginFromHour : 0 loginToHour : 24 suspended : False lastSuccessfulLoginDate : 1692345373 unAuthorizedInterfaces : {} authenticationMethod : {AuthTypePass} passwordNeverExpires : False distinguishedName : description : businessAddress : @{workStreet=; workCity=; workState=; workZip=; workCountry=} internet : @{homePage=; homeEmail=; businessEmail=pipo@abcd.nl; otherEmail=} phones : @{homeNumber=; businessNumber=0; cellularNumber=; faxNumber=; pagerNumber=} personalDetails : @{street=; city=; state=; zip=; country=; title=; organization=clown; department=; profession=;firstName=pipo; middleName=; lastName=clown} id : 21 username : pipo source : CyberArk userType : EPVUser componentUser : False groupsMembership : {@{groupID=8; groupName=Auditors; groupType=Vault}, @{groupID=11; groupName=Vault Admins; groupType=Vault}, @{groupID=15; groupName=PVWAUsers; groupType=Vault}} vaultAuthorization : {} location : \