vmware / PowerCLI-Example-Scripts

http://blogs.vmware.com/powercli

Add-LDAPIdentitySource with -Default flag does not work as expected #549

Open MallocArray opened 2 years ago

MallocArray commented 2 years ago

Describe the bug

In 1.3.8 of the 'VMware.vSphere.SsoAdmin' module, the -Default parameter was added to set an LDAPIdentitySource as the Default.

As shown in the closed request, using the following command properly changes the External source as Default if it already exists:

Get-IdentitySource -External | Set-LDAPIdentitySource -Default

When creating a new source with Add-LDAPIdentitySource with the -Default switch along with all other required fields, the source is created, but it is not set as Default as expected. Following up the Add command with the above line does set it as default, but the expectation is that the Add- command will also set it as default after creating it.

Also, in the comment-based help for the Default parameter, it is misspelled as 'defualt'.

Reproduction steps

$LDAPIdentitySourceParms = @{
    Name         = 'domain'
    DomainName   = 'domain.com'
    DomainAlias  = 'domain'
    PrimaryURL   = 'ldaps://DC1.domain.com:3269'
    SecondaryURL = 'ldaps://DC2.domain.com:3269'
    BaseDNUsers  = 'DC=domain,DC=com'
    BaseDNGroups = 'DC=domain,DC=com'
    Username     = $Cred.UserName
    Password     = $Cred.GetNetworkCredential().password
    Certificates = @(
        "$CertPath\DC1.domain.com-2027cert.cer"
        "$CertPath\DC2.domain.com-2027cert.cer"
    )
    ServerType   = 'ActiveDirectory'
    Default      = $True
}

$CurrentIdentitySource = Get-IdentitySource -External | Where-Object { $_.Name -eq $LDAPIdentitySourceParms.DomainName }
if ($CurrentIdentitySource) {
    # If existing settings do not match desired parameters, delete existing source and add with desired parameters
    if ($LDAPIdentitySourceParms.DomainAlias -ne $CurrentIdentitySource.Alias -or
        $LDAPIdentitySourceParms.Username -ne $CurrentIdentitySource.AuthenticationUsername -or
        $LDAPIdentitySourceParms.Name -ne $CurrentIdentitySource.FriendlyName -or
        $LDAPIdentitySourceParms.PrimaryUrl -ne $CurrentIdentitySource.PrimaryUrl -or
        $LDAPIdentitySourceParms.SecondaryUrl -ne $CurrentIdentitySource.FailoverURL -or
        $LDAPIdentitySourceParms.BaseDNUsers -ne $CurrentIdentitySource.UserBaseDN -or
        $LDAPIdentitySourceParms.BaseDNGroups -ne $CurrentIdentitySource.GroupBaseDN -or
        $LDAPIdentitySourceParms.DomainName -ne $CurrentIdentitySource.Name) {
        Get-IdentitySource | Where-Object { $_.Name -eq $LDAPIdentitySourceParms.DomainName } | Remove-IdentitySource
        Add-LDAPIdentitySource @LDAPIdentitySourceParms
    }
}

Expected behavior

Using the Add-LDAPIdentitySource with the -Default switch will set it as default after creating a new entry.

Additional context

No response
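The two-step workaround described in the report, wrapped as a helper so the default is set explicitly instead of relying on the -Default switch of Add-LDAPIdentitySource. This is an added example, not code from the issue author or the module; `Add-LdapSourceAsDefault` is a hypothetical name, and an already connected SSO admin session is assumed.

```powershell
# Added example, not part of the original issue or of VMware.vSphere.SsoAdmin.
# Assumes an SSO admin session is already connected and that $Parms is a
# hashtable shaped like $LDAPIdentitySourceParms in the report above.
function Add-LdapSourceAsDefault {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [hashtable]$Parms
    )

    # Fail on the first error so a half-configured source is not left unnoticed.
    $ErrorActionPreference = 'Stop'

    # Copy the splat and drop Default, so the outcome does not depend on
    # whether Add-LDAPIdentitySource honours the switch in this module version.
    $addParms = $Parms.Clone()
    $addParms.Remove('Default')

    Add-LDAPIdentitySource @addParms

    # Re-read the source that was just created. The report matches the
    # external source's Name against DomainName, so the same filter is used.
    $created = Get-IdentitySource -External |
        Where-Object { $_.Name -eq $Parms.DomainName }

    if (-not $created) {
        throw "Identity source '$($Parms.DomainName)' was not found after Add-LDAPIdentitySource."
    }

    # Explicit second step, which the report confirms does set the default.
    $created | Set-LDAPIdentitySource -Default
}

# Usage (with the hashtable from the reproduction steps):
#   Add-LdapSourceAsDefault -Parms $LDAPIdentitySourceParms
```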

dmilov commented 2 years ago

Thanks for reporting this one. I'll address it in 1.3.9.