Get_Oa_Vc_Ilo.ps1 (zpäť na zoznam)
Skript na vytváranie nových a mazanie starých používateľov na Onboard Administrator konzole, Virtual Connect konzole a iLO karte.
#SSH-SESSIONS download link: https://www.powershellgallery.com/packages/SSHSessions/2.1.3
$newAccount = ""
$newPassword = ""
$oldAccount = ""
$oldPassword = ""
$listOfEnclosures = "enclosures.csv"
$logFile = "C:\temp\logfile.csv"
$header = "Enclosure;OA new account created;OA old account demoted;iLO new account created;iLO old account demoted;VC new account created;VC old account demoted"
$enclosures = Import-Csv $listOfEnclosures -Delimiter ";"
Add-Content $logFile $header
Import-Module ssh-sessions
foreach ($item in $enclosures) {
$IPOA1 = $item.OA1IP
$IPOA2 = $item.OA2IP
$IPVC1 = $item.IB1IP
$IPVC2 = $item.IB2IP
$enclosure = $item.Enclosure
$errorLog = $enclosure + ".txt"
[io.file]::AppendAllText("$logFile","$enclosure")
#Code for onboard administrator change
New-SshSession -ComputerName $IPOA1 -Username $oldAccount -Password $oldPassword
$result = Invoke-SshCommand -ComputerName $IPOA1 -Command "add user $newAccount $newPassword" -Quiet #creating new account
if ($result -notmatch "Not a valid request while running in standby mode.") { #do if current OA is not standby
if ($result -match " created") { #if account is successfully created
$result = Invoke-SshCommand -ComputerName $IPOA1 -Command "set user access $newAccount administrator" -Quiet #set admin privileges
if ($result -match "has been given administrator level privileges") { #if account has been given admin level privileges
$result = Invoke-SshCommand -ComputerName $IPOA1 -Command "assign oa $newAccount" -Quiet #assing all OA bays to new account
if ($result -match "has been granted access to the OA") { #if account has been given access to all OA
[io.file]::AppendAllText("$logFile",";OK")
Remove-SshSession -ComputerName $IPOA1
New-SshSession -ComputerName $IPOA1 -Username $newAccount -Password $newPassword #connect with new account
$result = Invoke-SshCommand -ComputerName $IPOA1 -Command "set user access $oldAccount user" -Quiet #demoting old account
if ($result -match "has been given user level privileges") { #if demoting is successfull
[io.file]::AppendAllText("$logFile",";OK")
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
Add-Content $errorLog $result
}
Remove-SshSession -ComputerName $IPOA1
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA1
}
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA1
}
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA1
}
}
else { #do if current OA is standby
Remove-SshSession -ComputerName $IPOA1 #close previously opened session
New-SshSession -ComputerName $IPOA2 -Username $oldAccount -Password $oldPassword
$result = Invoke-SshCommand -ComputerName $IPOA2 -Command "add user $newAccount $newPassword" -Quiet #creating new account
if ($result -match " created") { #if account is successfully created
$result = Invoke-SshCommand -ComputerName $IPOA2 -Command "set user access $newAccount administrator" -Quiet #set admin privileges
if ($result -match "has been given administrator level privileges") { #if account has been given admin level privileges
$result = Invoke-SshCommand -ComputerName $IPOA2 -Command "assign oa $newAccount" -Quiet #assing all OA bays to new account
if ($result -match "has been granted access to the OA") { #if account has been given access to all OA
[io.file]::AppendAllText("$logFile",";OK")
Remove-SshSession -ComputerName $IPOA2
New-SshSession -ComputerName $IPOA2 -Username $newAccount -Password $newPassword #connect with new account
$result = Invoke-SshCommand -ComputerName $IPOA2 -Command "set user access $oldAccount user" -Quiet #demoting old account
if ($result -match "has been given user level privileges") {
[io.file]::AppendAllText("$logFile",";OK")
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
Add-Content $errorLog $result
}
Remove-SshSession -ComputerName $IPOA2
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA2
}
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA2
}
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA2
}
}
#Code for iLO
#RIBCL for new account
$ribCLadd = '
HPONCFG ALL << EOF
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="Administrator" PASSWORD="password">
<USER_INFO MODE="write">
<ADD_USER
USER_NAME=""
USER_LOGIN=""
PASSWORD="">
<ADMIN_PRIV value="Yes"/>
<REMOTE_CONS_PRIV value="Yes"/>
<RESET_SERVER_PRIV value="Yes"/>
<VIRTUAL_MEDIA_PRIV value="Yes"/>
<CONFIG_ILO_PRIV value="Yes"/>
</ADD_USER>
</USER_INFO>
</LOGIN>
</RIBCL>
EOF
'
#RIBCL for editing old account
$ribCLedit = '
HPONCFG ALL << EOF
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="Administrator" PASSWORD="password">
<USER_INFO MODE="write">
<MOD_USER USER_LOGIN="login">
<ADMIN_PRIV value="No"/>
<REMOTE_CONS_PRIV value="Yes"/>
<RESET_SERVER_PRIV value="No"/>
<VIRTUAL_MEDIA_PRIV value="No"/>
<CONFIG_ILO_PRIV value="No"/>
</MOD_USER>
</USER_INFO>
</LOGIN>
</RIBCL
EOF
'
New-SshSession -ComputerName $IPOA1 -Username $newAccount -Password $newPassword
$result = Invoke-SshCommand -ComputerName $IPOA1 -Command $ribCLadd -Quiet #creating new iLO account
if ($result -notmatch "Not a valid request while running in standby mode.") { #do if current OA is not standby
if (($result -notmatch "Cannot add user") -and ($result -notmatch "Syntax error|login name was not found")) {
[io.file]::AppendAllText("$logFile",";OK")
$result = Invoke-SshCommand -ComputerName $IPOA1 -Command $ribCLedit -Quiet #demoting old account
if ($result -notmatch "Syntax error|login name was not found") { #if there is no syntax error or wrong login name
[io.file]::AppendAllText("$logFile",";OK")
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
Add-Content $errorLog $result
}
Remove-SshSession -ComputerName $IPOA1
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA1
}
}
else { #do if current OA is standby
Remove-SshSession -ComputerName $IPOA1
New-SshSession -ComputerName $IPOA2 -Username $newAccount -Password $newPassword
$result = Invoke-SshCommand -ComputerName $IPOA2 -Command $ribCLadd -Quiet #creating new iLO account
if ($result -notmatch "Cannot add user") {
[io.file]::AppendAllText("$logFile",";OK")
$result = Invoke-SshCommand -ComputerName $IPOA2 -Command $ribCLedit -Quiet #demoting old account
if ($result -notmatch "Syntax error|login name was not found") { #if there is no syntax error or wrong login name
[io.file]::AppendAllText("$logFile",";OK")
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
Add-Content $errorLog $result
}
Remove-SshSession -ComputerName $IPOA2
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
[io.file]::AppendAllText("$logFile",";")
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPOA2
}
}
#Code for virtual connect
New-SshSession -ComputerName $IPVC1 -Username $oldAccount -Password $oldPassword
$result = Invoke-SshCommand -ComputerName $IPVC1 -Command "add user $newaccount Password=$newPassword Enabled=true Privileges=*" -Quiet #creating new account with all privileges
if ($result -ne "") { #if this is not standby VC
if ($result -notmatch "ERROR:") {
[io.file]::AppendAllText("$logFile",";OK")
Remove-SshSession -ComputerName $IPVC1
New-SshSession -ComputerName $IPVC1 -Username $newAccount -Password $newPassword #connecting with new account
$result = Invoke-SshCommand -ComputerName $IPVC1 -Command "set user $oldAccount Privileges=''" -Quiet #demoting old account
if ($result -match "SUCCESS:") {
Add-Content $logFile ";OK"
}
else {
Add-Content $logFile ";NOK"
Add-Content $errorLog $result
}
Remove-SshSession -ComputerName $IPVC1
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
Add-Content $logFile ";"
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPVC1
}
}
else {
Remove-SshSession -ComputerName $IPVC1
New-SshSession -ComputerName $IPVC2 -Username $oldAccount -Password $oldPassword
$result = Invoke-SshCommand -ComputerName $IPVC2 -Command "add user $newaccount Password=$newPassword Enabled=true Privileges=*" -Quiet #creating new account with all privileges
if ($result -notmatch "ERROR:") {
[io.file]::AppendAllText("$logFile",";OK")
Remove-SshSession -ComputerName $IPVC2
New-SshSession -ComputerName $IPVC2 -Username $newAccount -Password $newPassword
$result = Invoke-SshCommand -ComputerName $IPVC2 -Command "set user $oldAccount Privileges=''" -Quiet #demoting old account
if ($result -match "SUCCESS:") {
Add-Content $logFile ";OK"
}
else {
Add-Content $logFile ";NOK"
Add-Content $errorLog $result
}
Remove-SshSession -ComputerName $IPVC2
}
else {
[io.file]::AppendAllText("$logFile",";NOK")
Add-Content $logFile ";"
Add-Content $errorLog $result
Remove-SshSession -ComputerName $IPVC2
}
}
} #end foreach