PowerCLI-Example-Scripts

Add-LDAPIdentitySource with -Default flag does not work as expected

Open MallocArray opened this issue 2 years ago • 1 comments

Describe the bug

In 1.3.8 of the 'VMware.vSphere.SsoAdmin' module, the -Default parameter was added to set an LDAPIdentitySource as the Default.

As shown in the closed request, using the following command properly changes the External source to Default if it already exists:

Get-IdentitySource -External | Set-LDAPIdentitySource -Default

When creating a new source with Add-LDAPIdentitySource with the -Default switch along with all other required fields, the source is created, but it is not set as Default as expected. Following up the Add command with the above line does set it as default, but the expectation is that the Add- command will also set it as default after creating.

Also, in the comment-based help for the Default parameter, it is misspelled as 'defualt'.

Reproduction steps

$LDAPIdentitySourceParms = @{
    Name         = 'domain'
    DomainName   = 'domain.com'
    DomainAlias  = 'domain'
    PrimaryURL   = 'ldaps://DC1.domain.com:3269'
    SecondaryURL = 'ldaps://DC2.domain.com:3269'
    BaseDNUsers  = 'DC=domain,DC=com'
    BaseDNGroups = 'DC=domain,DC=com'
    Username     = $Cred.UserName
    Password     = $Cred.GetNetworkCredential().password
    Certificates = @(
        "$CertPath\DC1.domain.com-2027cert.cer"
        "$CertPath\DC2.domain.com-2027cert.cer"
    )
    ServerType   = 'ActiveDirectory'
    Default      = $True
}

$CurrentIdentitySource = Get-IdentitySource -External | Where-Object {$_.Name -eq $LDAPIdentitySourceParms.DomainName}
if ($CurrentIdentitySource) {
    # If existing settings do not match desired parameters, delete existing source and add with desired parameters
    if ($LDAPIdentitySourceParms.DomainAlias -ne $CurrentIdentitySource.Alias -or
        $LDAPIdentitySourceParms.Username -ne $CurrentIdentitySource.AuthenticationUsername -or
        $LDAPIdentitySourceParms.Name -ne $CurrentIdentitySource.FriendlyName -or
        $LDAPIdentitySourceParms.PrimaryUrl -ne $CurrentIdentitySource.PrimaryUrl -or
        $LDAPIdentitySourceParms.SecondaryUrl -ne $CurrentIdentitySource.FailoverURL -or
        $LDAPIdentitySourceParms.BaseDNUsers -ne $CurrentIdentitySource.UserBaseDN -or
        $LDAPIdentitySourceParms.BaseDNGroups -ne $CurrentIdentitySource.GroupBaseDN -or
        $LDAPIdentitySourceParms.DomainName -ne $CurrentIdentitySource.Name) {
        Get-IdentitySource | Where-Object {$_.Name -eq $LDAPIdentitySourceParms.DomainName } | Remove-IdentitySource
        Add-LDAPIdentitySource @LDAPIDentitySourceParms
    }
}

Expected behavior

Using the Add-LDAPIdentitySource with the -Default switch will set it as default after creating a new entry.

Additional context

No response

MallocArray, Apr 12 '22 18:04