brianaddicks
Clarification on usage?
I'm looking to pull the list of current GlobalProtect users from a PA using this module, and I can connect to the PA okay using Get-PaDevice so I know the creds are good. When I try to show the current GP users, I get an Illegal parameter [request] error. I may be using the command wrong but there weren't any examples provided. Is there a clarification on the intent of the Invoke-PaApiOperation cmdlet? Happy to retract the issue if I'm using the module wrong...
PS C:\Users\test> Invoke-PaApiOperation -Cmd "
Invoke-WebRequest: C:\Users\test\Documents\PowerShell\Modules\PowerAlto\4.0.46\Classes\Main\PaloAltoDevice.Class.ps1:163:26 Line | 163 | $rawResult = Invoke-WebRequest @QueryParams | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Illegal parameter [request]
Hey @nfields03,
I don't know if you have found a solution but I needed something similar and I came across this issue.
-
Go to: https://firewall1/php/rest/browse.php XML API > Operational Commands > show > global-protect-gateway > current-user.
-
Copy the contents from the xml text area:
<show><global-protect-gateway><current-user></current-user></global-protect-gateway></show>
- Connect to the firewall:
Get-PaDevice -DeviceAddress firewall1 -Credential (Get-Secret -Name supersecretapikey)
- Paste the contents of the xml text aera in the -Cmd parameter of the Invoke-PaApiOperation and execute the command:
$Response = (Invoke-PaApiOperation -Cmd "<show><global-protect-gateway><current-user></current-user></global-protect-gateway></show>").response
- View the current GP users:
$Response.result.entry | Select-Object -Property *
In general, it'd be great if there were more usage examples to help jump start users in using this module.
