Closed yanlu2 closed 2 years ago
Something wrong in my script.
Issue 1: cert.cer should be relative or absolute path to the cer file. If it is in the script working directory try ./cert.cer
Issue 2: $server variable is string type, passing it as an argument to Disconnect-SsoAdminServer won't work because this module is missing the PowerCLI OBN (resolving object by name) feature.
Suggestion to fix the script:
Foreach ($server in $vcenterlist) {
    $hostname=$server.Split(".")[0]
    $rptfile=$path+"usrimpt-"+$hostname+".txt"
    # Read-Host -Prompt "`nPress any key to continue add AD over LDAPs to vCenter $server"
    # Keep the connection object; Disconnect-SsoAdminServer needs it, not the server name string
    $serverConnection = Connect-SsoAdminServer -Server $server -User $username -Password $passwd -SkipCertificateCheck
    #Get-IdentitySource -External
    # -Certificates takes a path to the .cer file (relative or absolute), here ./cert.cer
    Add-LDAPIdentitySource `
        -Name 'Corp LDAPs' `
        -DomainName 'corp.comp.com' `
        -DomainAlias 'Corp' `
        -PrimaryUrl 'ldaps://appauth.corp.comp.com:636' `
        -BaseDNUsers 'dc=corp,dc=comp,dc=com' `
        -BaseDNGroups 'dc=corp,dc=comp,dc=com' `
        -Username 'svc_vmlabmgr@corp.comp.com' `
        -Password 'adfadfdaadfadf' `
        -Certificates './cert.cer'
    Disconnect-SsoAdminServer -Server $serverConnection
}
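An added example, not part of the original thread and not code from the module's authors: it loads the certificate as an X509Certificate2 object from a path anchored to the script folder (a bare file name is resolved against the process working directory, which can differ from the PowerShell location), checks its validity period, and always disconnects with the connection object. `Get-LdapsCertificate`, `$ldapUser` and `$ldapPassword` are hypothetical names; `$vcenterlist`, `$username` and `$passwd` are assumed to be set as in the script above.

```powershell
# Added example. Get-LdapsCertificate is a hypothetical helper, not a module cmdlet.
function Get-LdapsCertificate {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [string] $BaseDirectory = $(if ($PSScriptRoot) { $PSScriptRoot } else { (Get-Location).ProviderPath })
    )
    # A bare name like 'cert.cer' is resolved by .NET against the process working
    # directory, which can differ from the script folder; anchor it explicitly.
    if (-not [System.IO.Path]::IsPathRooted($Path)) {
        $Path = Join-Path -Path $BaseDirectory -ChildPath $Path
    }
    $fullPath = (Resolve-Path -LiteralPath $Path -ErrorAction Stop).ProviderPath
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($fullPath)
    # Fail before touching any vCenter if the certificate is not currently valid.
    $now = Get-Date
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        throw "Certificate $($cert.Thumbprint) is not valid now ($($cert.NotBefore) to $($cert.NotAfter))."
    }
    $cert
}

$ldapsCert = Get-LdapsCertificate -Path 'cert.cer'
Write-Host "LDAPS certificate: $($ldapsCert.Subject) [$($ldapsCert.Thumbprint)]"

# Values from the thread; $ldapUser and $ldapPassword are assumed to be set by the caller.
$identitySource = @{
    Name         = 'Corp LDAPs'
    DomainName   = 'corp.comp.com'
    DomainAlias  = 'Corp'
    PrimaryUrl   = 'ldaps://appauth.corp.comp.com:636'
    BaseDNUsers  = 'dc=corp,dc=comp,dc=com'
    BaseDNGroups = 'dc=corp,dc=comp,dc=com'
    Username     = $ldapUser
    Password     = $ldapPassword
    Certificates = $ldapsCert
}

foreach ($server in $vcenterlist) {
    # Connection parameters, including -SkipCertificateCheck, are kept as in the thread.
    $serverConnection = Connect-SsoAdminServer -Server $server -User $username -Password $passwd -SkipCertificateCheck
    try {
        Add-LDAPIdentitySource @identitySource
    }
    finally {
        # Pass the connection object; the server name string is rejected.
        Disconnect-SsoAdminServer -Server $serverConnection
    }
}
```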
Thanks, it works.
Regards, -Yan
From: dmilov @.***>
Sent: Friday, January 28, 2022 2:55 AM
To: vmware/PowerCLI-Example-Scripts
Cc: Yan Lu; State change
Subject: Re: [vmware/PowerCLI-Example-Scripts] Error on Add-LDAPIdentitySource (Issue #533)
In order to fix the second issue change the code to
Describe the bug
I'm trying to add AD over LDAPs to a vCenter but got error.

PS C:\Users\luy13> C:\PS_scripts\vCenter\vCenter-adding-AD-LDAPs.ps1
Press any key to continue add AD over LDAPs to vCenter rsaengbdvc1.rsa.lab.emc.com:

Name        : server.corp.com
ServiceUri  : https://server.com/sso-adminserver/sdk/vsphere.local
User        : administrator@vsphere.local
Id          : /SsoAdminServer=vsphere.local/administrator@server.corp.com
IsConnected : True
Client      : VMware.vSphere.SsoAdminClient.SsoAdminClient
RefCount    : 3

Add-LDAPIdentitySource : Cannot process argument transformation on parameter 'Certificates'. Cannot convert value "cert.cer" to type "System.Security.Cryptography.X509Certificates.X509Certificate2[]". Error: "Cannot convert value "cert.cer" to type "System.Security.Cryptography.X509Certificates.X509Certificate2". Error: "The system cannot find the file specified. ""
At C:\PS_scripts\vCenter\vCenter-adding-AD-LDAPs.ps1:31 char:25

Disconnect-SsoAdminServer : Cannot process argument transformation on parameter 'Server'. Cannot convert the "server.corp.com" value of type "System.String" to type "VMware.vSphere.SsoAdminClient.DataTypes.SsoAdminServer[]".
At C:\PS_scripts\vCenter\vCenter-adding-AD-LDAPs.ps1:32 char:39
Reproduction steps
Expected behavior
add AD over ldaps to vCenter
Additional context
No response