zmeier/Backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Zack Meier
2026-04-15 15:45:50 -05:00
commit 1d304511b8
613 changed files with 140998 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_NDGOV_CS/ITD.Cohesity/archive/powershell/addObjectToUserAccessList.ps1
+120
View File
@@ -0,0 +1,120 @@
### process commandline arguments
[CmdletBinding()]
param (
[Parameter(Mandatory = $True)][string]$vip, #the cluster to connect to (DNS name or IP)
[Parameter(Mandatory = $True)][string]$username, #username (local or AD)
[Parameter()][string]$domain = 'local', #local or AD domain
[Parameter()][array]$principal,
[Parameter()][array]$addObject,
[Parameter()][array]$addView,
[Parameter()][array]$removeObject,
[Parameter()][array]$removeView
)
### source the cohesity-api helper code
. $(Join-Path -Path $PSScriptRoot -ChildPath cohesity-api.ps1)
### authenticate
apiauth -vip $vip -username $username -domain $domain
$users = api get users?_includeTenantInfo=true
$groups = api get groups?_includeTenantInfo=true
$sources = api get "protectionSources"
$views = api get views
function getObjectId($objectName){
$global:_object_id = $null
function get_nodes($obj){
if($obj.protectionSource.name -eq $objectName){
$global:_object_id = $obj.protectionSource.id
break
}
if($obj.name -eq $objectName){
$global:_object_id = $obj.id
break
}
if($obj.PSObject.Properties['nodes']){
foreach($node in $obj.nodes){
if($null -eq $global:_object_id){
get_nodes $node
}
}
}
}
foreach($source in $sources){
if($null -eq $global:_object_id){
get_nodes $source
}
}
return $global:_object_id
}
foreach($p in $principal){
if($p -match '/'){
$d, $p = $p.split('/')
}else{
$d = 'local'
}
$ptype = 'user'
$thisPrincipal = $users | Where-Object {$_.username -eq $p -and $_.domain -eq $d}
if(!$thisPrincipal){
$ptype = 'group'
$thisPrincipal = $groups | Where-Object {$_.name -eq $p -and $_.domain -eq $d}
}
if(!$thisPrincipal){
Write-Host "Principal $d/$p not found!" -ForegroundColor Yellow
continue
}
$access = api get principals/protectionSources?sids=$($thisPrincipal.sid)
$newAccess = @{
"sourcesForPrincipals" = @(
@{
"sid" = $thisPrincipal.sid;
"protectionSourceIds" = [array]$access.protectionSources.id;
"viewNames" = [array]$access.views.name
}
)
}
foreach($objectName in $addObject){
$objectId = getObjectId $objectName
if(!$objectId){
Write-Host "Object $objectName not found!" -ForegroundColor Yellow
continue
}
"Adding $objectName"
$newAccess.sourcesForPrincipals[0].protectionSourceIds = @($newAccess.sourcesForPrincipals[0].protectionSourceIds + $objectId)
}
foreach($objectName in $removeObject){
$objectId = getObjectId $objectName
if($objectId){
"Removing $objectName"
$newAccess.sourcesForPrincipals[0].protectionSourceIds = @($newAccess.sourcesForPrincipals[0].protectionSourceIds | Where-Object {$_ -ne $objectId})
}
}
foreach($viewName in $addView){
$view = $views.views | Where-Object {$_.name -eq $viewName}
if(!$view){
Write-Host "View $viewName not found" -ForegroundColor Yellow
continue
}
"Adding $viewName"
$newAccess.sourcesForPrincipals[0].viewNames = @($newAccess.sourcesForPrincipals[0].viewNames + $view.name)
}
foreach($viewName in $removeView){
"Removing $viewName"
$newAccess.sourcesForPrincipals[0].viewNames = @($newAccess.sourcesForPrincipals[0].viewNames | Where-Object {$_ -ne $viewName})
}
$newAccess.sourcesForPrincipals[0].protectionSourceIds = @($newAccess.sourcesForPrincipals[0].protectionSourceIds | Sort-Object -Unique)
$newAccess.sourcesForPrincipals[0].viewNames = @($newAccess.sourcesForPrincipals[0].viewNames | Sort-Object -Unique)
$thisPrincipal.restricted = $True
if($ptype -eq 'user'){
$null = api put users $thisPrincipal
}else{
$null = api put groups $thisPrincipal
}
$null = api put principals/protectionSources $newAccess
}