Skip to content

Releases: pspete/psPAS

v6.4.85

04 Jun 21:49
Compare
Choose a tag to compare

psPAS v6.4.85

[6.4.85]

Added

  • N/A

Updated

  • N/A

Fixed

  • Set-PASUser
    • Adds logic to not attempt conversion to unix time if expiry date is not a valid datetime object, this resolves an issue where an error was raised when updating an account with an existing value for the expirydate property
    • Adds logic to not apply time zone offset when specifying Unix epoch time to remove an expiry date from an account which could previously result in an invalid time value in non-GMT time zones.

v6.4.80

01 May 21:32
Compare
Choose a tag to compare

psPAS v6.4.80

6.4.80

Includes a general update across multiple module commands to ensure commands which are specific to self-hosted implementations are not able to be run against Privilege Cloud, and any commands which are specific to Privilege Cloud are not able to be run against a Self-Hosted solution.

Added

  • Get-PASIPAllowList
    • Privilege Cloud only command to show IP Allow List
  • Set-PASIPAllowList
    • Privilege Cloud only command to set IP Allow List
  • Get-PASBYOKConfig
    • Privilege Cloud only command to show BYOK Config
  • Publish-PASDiscoveredLocalAccount
    • Privilege Cloud only command to publish discovered local account
  • Get-PASDiscoveredLocalAccountActivity
    • Privilege Cloud only command to show discovered local account activity
  • Get-PASDiscoveredLocalAccount
    • Privilege Cloud only command to show local discovered account details
  • Clear-PASDiscoveredLocalAccount
    • Privilege Cloud only command to delete all discovered local accounts from the Pending Accounts list.
  • Add-PASDiscoveredLocalAccount
    • Privilege Cloud only command to add a specific local account to the Discovered Accounts list
  • Remove-PASDiscoveredLocalAccount
    • Privilege Cloud only command to remove a local account from the Discovered Accounts list

Updated

  • Invoke-PASRestMethod
    • Improvements to error handling

Fixed

  • Get-PASPSMRecording
    • Fixes result paging issue
  • Get-PASPSMSession
    • Fixes result paging issue

v6.3.78

21 Mar 23:24
Compare
Choose a tag to compare

psPAS v6.3.78

Added

  • N/A

Updated

  • Get-PASPSMRecording
    • In-line with PVWA default operation:
      • Changed the default limit for each page of results to 100, in-line with PVWA default values
      • Updated to return recordings from the last 48 hours by default when FromTime & ToTime parameters are not specified.
    • When specifying ToTime without FromTime, recordings from the 48 hours before ToTime are returned.
      • This avoids potential for unintentionally long running queries which return details of many recording from the vault.
  • Set-PASUser
    • Updated to query for, and send, any existing user properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the user object.
      • This update allows single properties to be updated without having to specify all properties.
    • Allows Empty argument for unAuthorizedInterfaces & vaultAuthorization parameters to enable set values to be cleared.
    • Corrects ValidateSet for unAuthorizedInterfaces parameter.
  • Set-PASSafe
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
  • Set-PASOpenIDConnectProvider
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
      • Number of mandatory parameters required to be specified has been reduced
  • Set-PASPTARule
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
      • Number of mandatory parameters required to be specified has been reduced
  • Set-PASDirectoryMapping
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
      • Number of mandatory parameters required to be specified has been reduced
  • New-PASOnboardingRule
    • Reordered parameters to simplify tab completion options
  • Set-PASOnboardingRule
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
      • Number of mandatory parameters required to be specified has been reduced
  • Set-PASPlatformPSMConfig
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
      • Number of mandatory parameters required to be specified has been reduced
  • Set-PASSafeMember
    • Updated to query for, and send, any existing properties, which are not being specifically updated, with the request.
      • Previously, due to the PUT operation used by the API, any properties not specified in a request would be cleared on the object.
      • This update allows single properties to be updated without having to specify all properties.
  • New-PASUser
    • In-line with update to Set-PASUser
      • Allows Empty argument for unAuthorizedInterfaces & vaultAuthorization parameters.
      • Corrects ValidateSet for unAuthorizedInterfaces parameter.
  • Get-PASComponentDetail
    • Adds assertion that command specifying PTA component must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Add-PASAccountACL
    • Adds assertion that command must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Get-PASAccountACL
    • Adds assertion that command must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Remove-PASAccountACL
    • Adds assertion that command must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Invoke-PASCPMOperation
    • Adds assertion that Gen1 verify task must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Set-PASAccount
    • Adds assertion that Gen1 task must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Close-PASSession
    • Adds assertion that Shared Authentication logoff request is executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • New-PASSession
    • Adds assertion that Shared Authentication logon request is executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Add-PASPolicyACL
    • Adds assertion that command must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Get-PASPolicyACL
    • Adds assertion that command must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Remove-PASPolicyACL
    • Adds assertion that command must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Remove-PASSafeMember
    • Adds assertion that command using Gen1 parameters must be executed against a self hosted implementation as invocation against privilege cloud is not supported.
  • Assert-VersionRequirement
    • Updates helper function to provide ability to assert if command is being run against self-hosted or privilege cloud implementation.

Fixed

  • N/A

v6.2.68

20 Feb 20:02
Compare
Choose a tag to compare

psPAS v6.2.68

6.2.68

Introducing enhancements to psPAS session related data.

Using the Get-PASSession command, users of the module can now get data on session start time, elapsed time since authentication as well as details of the last command run, the raw results returned from the api, as well as any detail of the last error which may have been received during the session.

This update makes troubleshooting API commands and expected results much easier from both an end user and module support perspective.

PS> Get-PASSession

Name                           Value
----                           -----
BaseURI                        https://sometenant.privilegecloud.cyberark.cloud/PasswordVault
User                           someuser@cyberark.cloud.1312
ExternalVersion                14.0.0
WebSession                     Microsoft.PowerShell.Commands.WebRequestSession
StartTime                      20/02/2024 18:14:01
ElapsedTime                    00:04:03
LastCommand                    System.Management.Automation.InvocationInfo
LastCommandTime                20/02/2024 18:18:03
LastCommandResults             {"Users":[{"id":26,"username":"[email protected]","source":"CyberArk","userType":"SomeType",...
LastError                      {"ErrorCode":"PASWS041E","ErrorMessage":"You are not authorized to perform this action."}
LastErrorTime                  20/02/2024 18:13:12

To realise this update, lots of module wide changes to all module commands have been required; while no change to the general operation of the psPAS module should be noticed - do raise an issue if something does not appear correct.

Added

  • N/A

Updated

  • Get-PASSession
    • makes additional information available to users running the command
      • authentication time
      • session length
      • last command and result data
      • last error details
  • New-PASPSMSession
    • RDP and PSMGW connections will be automatically opened when issuing connection request.
  • New-PASSession
    • Adds logic around getting the logged on user name for either self-hosted or privilege cloud deployments
  • PSM Session Data Formats
    • Adds Start & End to standard table view output
    • Formats Start & End as standard datetime instead of unixtime.

Fixed

  • Add-PASGroupMember,Remove-PASGroup,Set-PASGroup
    • Standardises name of ID parameter.
    • Adds GroupID alias to ID parameter.

v6.1.62

07 Feb 00:51
Compare
Choose a tag to compare

psPAS v6.1.62

6.1.62

Added

  • N/A

Updated

  • Get-PASPSMRecording
    • Removes Offset Parameter
    • Updates FromTime & ToTime parameters to [datetime] types
    • Returns all pages of results instead of only the first page of results
  • Get-PASPSMSession
    • Removes Offset Parameter
    • Updates FromTime & ToTime parameters to [datetime] types
    • Returns all pages of results instead of only the first page of results
  • Get-PASAccount
    • Removes Offset Parameter
  • Get-PASDiscoveredAccount
    • Removes Offset Parameter

Fixed

  • Get-PASSession
    • Removes UserName from command output, avoiding error condition on expired session.
  • Get-PASPlatform
    • Adds search parameter to the default targets parameterset
  • ISPSS Error Handling
    • Fixes issue where error returned from ISPSS solution may not be handled properly

v6.1.50

01 Feb 01:32
Compare
Choose a tag to compare

psPAS v6.1.50

Module update to cover all CyberArk 14.0 API features

Added

  • New commands supported from 14.0:
    • Add-PASPTAExcludedTarget
    • Add-PASPTAIncludedTarget
    • Add-PASPTAPrivilegedGroup
    • Add-PASPTAPrivilegedUser
    • Get-PASPTAExcludedTarget
    • Get-PASPTAIncludedTarget
    • Get-PASPTAPrivilegedGroup
    • Get-PASPTAPrivilegedUser
    • Remove-PASPTAExcludedTarget
    • Remove-PASPTAIncludedTarget
    • Remove-PASPTAPrivilegedGroup
    • Remove-PASPTAPrivilegedUser
  • Get-PASLinkedGroup
    • New experimental command based on undocumented API.

Updated

  • Get-PASAccountActivity
    • Adds Gen2 replacement for deprecated Gen1 API.
    • Updates default operation to target Gen2 API.
  • Get-PASPTARiskEvent
    • New filter parameters FromTime & ToTime
    • Fixes output and result paging
  • Set-PASPTARiskEvent
    • New parameters closeReason & reasonText
    • General Fixes
  • New-PASDirectoryMapping
    • New parameters UsedQuota, AuthorizedInterfaces & EnableENEWhenDisconnected
  • Set-PASDirectoryMapping
    • New parameters UsedQuota, AuthorizedInterfaces & EnableENEWhenDisconnected

Fixed

  • Invoke-PASRestMethod
    • Avoids potential error condition when handling errors in ISPSS environments

v6.0.30

13 Nov 22:46
Compare
Choose a tag to compare

psPAS v6.0.30

Added

  • N/A

Updated

  • Add-PASPTARule & Set-PASPTARule
    • Adds scope parameters vaultUsersMode, vaultUsersList, machinesMode & machinesList
    • Includes scope property in output by default

Fixed

  • Add-PASApplication
    • Updates date format of ExpirationDate to MM/dd/yyyy. Resolves issue observed when sending date format of MM-dd-yyyy
  • Set-PASPTAEvent & Set-PASPTARiskEvent
    • Fixes issue where websession object and auth header were not being sent with the request

v6.0.21

08 Oct 19:34
Compare
Choose a tag to compare

psPAS v6.0.21

Added

  • N/A

Updated

  • N/A

Fixed

  • Debug Trace Output
    • Resolves condition where authentication password value might be revealed in debug trace output in a scenario where Set-PSDebug -Trace 2 is active in the console host.

v6.0.18

05 Oct 23:19
Compare
Choose a tag to compare

psPAS v6.0.18

Changed

  • Set-PASSafe
    • Allows 0 as valid value for parameter NumberOfDaysRetention
  • Get-PASServerWebService
    • Depreciates Gen1 endpoint from 13.2. Adds Gen2 endpoint as default.
  • Get-PASSafeShareLogo
    • Depreciates command from 13.2.
  • Invoke-PASCPMOperation
    • Depreciates Gen1 endpoint from 13.2.
  • Get-PASAccountActivity
    • Depreciates command from 13.2.
  • Add-PASPendingAccount
    • Depreciates command from 13.2.

Fixed

  • Get-PASAccount
    • Resolves issue where, if number of results of a SavedFilter are greater than the page size (either default or set via the limit parameter), only the URL of the first request sent would include the SavedFilter value.

v6.0.4

06 Sep 21:14
Compare
Choose a tag to compare

psPAS v6.0.4

  • Updated
    • Add-PASSafeMember
      • Adds 'Role' to acceptable values in ParameterSet for memberType parameter