Skip to content

PowerAruba/PowerArubaCP

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

PowerArubaCP

This is a Powershell module for configure an Aruba ClearPass (CPPM).

With this module (version 0.7.0) you can manage:

There is some extra feature

More functionality will be added later.

Tested with Aruba ClearPass (using release 6.8.x, 6.9.x, 6.10.x, 6.11.x and 6.12.x)
Application Licence, Service and Static Host List are not supported on Clearpass < 6.8.0
Device Fingerprint are not supported on Clearpass < 6.9.0

Usage

All resource management functions are available with the Powershell verbs GET, ADD, SET, REMOVE.
For example, you can manage NAS (NetworkDevice) with the following commands:

  • Get-ArubaCPNetworkDevice
  • Add-ArubaCPNetworkDevice
  • Set-ArubaCPNetworkDevice
  • Remove-ArubaCPNetworkDevice

Requirements

  • Powershell 5 or 6.x/7.x (Core) (If possible get the latest version)
  • A ClearPass (with release >= 6.8.x) and API Client enable

Instructions

Install the module

# Automated installation (Powershell 5 and later):
    Install-Module PowerArubaCP

# Import the module
    Import-Module PowerArubaCP

# Get commands in the module
    Get-Command -Module PowerArubaCP

# Get help
    Get-Help Add-ArubaCPNetworkDevice -Full

Examples

Connecting to the ClearPass using API

The first thing to do is to get API Client there is two methods to connect, using client_id/client_secret or token

Use API client_id/client_secret

Go on WebGUI of your ClearPass, on Guest Modules
Go on Administration => API Services => API Clients


Create a New API Client

  • Client ID : a client name (for example PowerArubaCP)
  • Operator Profile : Super Administrator
  • Grant type : Client credentials
  • Access Token Lifetime : You can increment ! (24 hours !)

Click on Create API Client

# Connect to the Aruba Clearpass using client_id/client_secret
    Connect-ArubaCP 192.0.2.1 -client_id PowerArubaCP -client_secret QRFttyxOmWX3NopMIYzKysj30wvIMxAwB6kUy7uJc67B

    Name                           Value
    ----                           -----
    token                          7aa3de0be5ea230ea92b6de0bafa14d7a76e2305
    invokeParams                   {DisableKeepAlive, SkipCertificateCheck}
    server                         192.0.2.1
    port                           443
    version                        6.8.4

Use API Token

Like for client_id/client_secret, generate a API Client but you don't need to store the Client Secret

On API Clients List, select the your client

Click on Generate Access Token


And kept the token (for example : 70680f1d19f86110800d5d5cb4414fbde7be12ae)

After connect to an Aruba ClearPass with the command Connect-ArubaCP :

# Connect to the Aruba Clearpass using Token
    Connect-ArubaCP 192.0.2.1 -token 70680f1d19f86110800d5d5cb4414fbde7be12ae

    Name                           Value
    ----                           -----
    token                          70680f1d19f86110800d5d5cb4414fbde7be12ae
    invokeParams                   {DisableKeepAlive, SkipCertificateCheck}
    server                         192.0.2.1
    port                           443
    version                        6.8.4

Invoke API

for example to get ClearPass version

# get ClearPass version using API
    Invoke-ArubaCPRestMethod -method "get" -uri "api/cppm-version"

    app_major_version   : 6
    app_minor_version   : 7
    app_service_release : 2
    app_build_number    : 105008
    hardware_version    : CLABV
    fips_enabled        : False
    eval_license        : False
    cloud_mode          : False

if you get a warning about Unable to connect Look Issue

to get API uri, go to ClearPass Swagger (https://CPPM-IP/api-docs)

And chooce a service (for example Platform)

API Client

You can create a new API Client Add-ArubaCPApiClient, retrieve its informations Get-ArubaCPApiClient or delete it Remove-ArubaCPApiClient.

# Create an API Client
    Add-ArubaCPApiClient -client_id MyAPIClient -grant_types client_credentials -profile_id 1

    client_id                    : MyAPIClient
    client_secret                : $2y$10$OXRszKzBSH7hP5QwgZ3cCuNZwbGaddb767l0Kx52Ww.RPEhBfbj6u
    client_description           :
    grant_types                  : client_credentials
    redirect_uri                 :
    operating_scope              :
    profile_id                   : 1
    auto_confirm                 : False
    enabled                      : True
    scope                        :
    user_id                      :
    access_lifetime              : 8 hours
    refresh_lifetime             : 14 days
    operating_scope_label        : ClearPass REST API
    profile_name                 : Super Administrator
    client_public                : False
    client_refresh               : False
    access_token_lifetime        : 8
    access_token_lifetime_units  : hours
    refresh_token_lifetime       : 14
    refresh_token_lifetime_units : days
    id                           : MyAPIClient
    _links                       : @{self=}


# Get information about API Client
    Get-ArubaCPApiClient -client_id MyAPIClient | Format-Table

    client_id   client_secret      client_description grant_types        redirect_uri operating_scope profile_id auto_confirm enabled scope
    ---------   -------------      ------------------ -----------        ------------ --------------- ---------- ------------ ------- -----
    MyAPIClient $2y$10$OXRszKzB...                    client_credentials                              1                 False    True

# Remove an API Client
    $ac = Get-ArubaCPApiClient -client_id MyAPIClient
    $ac | Remove-ArubaCPApiClient

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove API Client" on target "MyAPIClient".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):

Application License

You can create add Application License Add-ArubaCPApplicationLicense, retrieve its information Get-ArubaCPApplicationLicense or delete it Remove-ArubaCPApplicationLicense.

# Add Application License (Onboard)
    Add-ArubaCPApplicationLicense -product_name Onboard -license_key "-----BEGIN CLEARPASS ONBOARD LICENSE KEY----- .... "

    id                : 3002
    product_id        : 8
    product_name      : Onboard
    license_key       : -----BEGIN CLEARPASS ONBOARD LICENSE KEY-----
                        .......
                        -----END CLEARPASS ONBOARD LICENSE KEY-----
    license_type      : Evaluation
    user_count        : 100
    duration          : 90
    duration_units    : days
    license_added_on  : 18/04/2021 13:45:27
    activation_status : False
    _links            : @{self=}


# Get information about Application License
    Get-ArubaCPApplicationLicense -product_name Onboard | Format-Table

    id product_id product_name license_key
    -- ---------- ------------ -----------
    3002          8 Onboard      -----BEGIN CLEARPASS ONBOARD LICENSE KEY-----...

# Remove Application License Onboard
    $al = Get-ArubaCPApplicationLicense -product_name Onboard
    $al | Remove-ArubaCPApplicationLicense

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Application License" on target "3002 (Onboard)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):

Authentication Method and Source

You can retrieve its Authentication information of Method (EAP, PAP...) Get-ArubaCPAuthMethod or Source (LDAP, HTTP...) Get-ArubaCPAuthSource

# Get Auth Method information
    Get-ArubaCPAuthMethod

    id            : 1
    name          : [PAP]
    description   : Default settings for PAP
    method_type   : PAP
    details       : @{encryption_scheme=auto}
    inner_methods : {}
    _links        : @{self=}

    id            : 2
    name          : [MSCHAP]
    description   : Default settings for MSCHAP
    method_type   : MSCHAP
    details       :
    inner_methods : {}
    _links        : @{self=}

    id            : 3
    name          : [EAP TLS]
    description   : Default settings for EAP-TLS
    method_type   : EAP-TLS
    details       : @{override_cert_url=false; ocsp_enable=none; session_cache_enable=true; autz_required=true; certificate_comparison=none; 
                    session_timeout=6}
    inner_methods : {}
    _links        : @{self=}
    ...

# Get Auth Source information
    Get-ArubaCPAuthSource | Format-List

    id name                         description                                                                        type  use_for_authorization
    -- ----                         -----------                                                                        ----  ---------------------
    1 [Local User Repository]      Authenticate users against Policy Manager local user database                      Local                  True
    2 [Guest User Repository]      Authenticate guest users against Policy Manager local database                     Local                  True
    3 [Guest Device Repository]    Authenticate guest devices against Policy Manager local database                   Local                  True
    4 [Endpoints Repository]       Authenticate endpoints against Policy Manager local database                       Local                  True
    5 [Onboard Devices Repository] Authenticate Onboard devices against Policy Manager local database                 Local                  True
    6 [Admin User Repository]      Authenticate users against Policy Manager admin user database                      Local                  True
    7 [Denylist User Repository]   Denylist database with users who have exceeded bandwidth or session related limits Local                  True
    9 [Time Source]                Authorization source for implementing various time functions                       Local                  True
   10 [Social Login Repository]    Authenticate users against Policy Manager social login database                    Local                  True
  100 [Zone Cache Repository]      Access attributes cached by Context Server Actions in previous sessions            HTTP                   True
    8 [Insight Repository]         Insight database with session information for users and devices                    Local                  True

Certificate

You can retrieve its Cluster Certificate information of Method (HTTPS, RadSec, Database...) Get-ArubaCPClusterCertificate, Server (HTTPS, RadSec, Database...) Get-ArubaCPServerCertificate or Service Get-ArubaCPServiceCertificate or Certificate Trust List Get-ArubaCPServiceCertificate

# Get Cluster Certificate
    Get-ArubaCPClusterCertificate

    service_id           : 1
    service_name         : RADIUS
    certificate_type     : RADIUS Server Certificate
    subject              : CN=secure.arubademo.net
    expiry_date          : Mar 15, 2024 20:21:15 PDT
    issue_date           : Feb 12, 2023 19:21:15 PST
    issued_by            : CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
    validity             : Valid
    root_ca_cert         :
    intermediate_ca_cert : {@{subject=CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US; 
                        expiry_date=May 03, 2031 00:00:00 PDT; issue_date=May 03, 2011 00:00:00 PDT; issued_by=CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", 
                        L=Scottsdale, ST=Arizona, C=US; validity=Valid; public_key_algorithm=RSA}, @{subject=CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, 
                        ST=Arizona, C=US; expiry_date=May 30, 2031 00:00:00 PDT; issue_date=Dec 31, 2013 23:00:00 PST; issued_by=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy 
                        Group, Inc.", C=US; validity=Valid; public_key_algorithm=RSA}}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    enabled              : True
    public_key_algorithm : RSA

    service_id           : 2
    service_name         : HTTPS(ECC)
    certificate_type     : HTTPS(ECC) Server Certificate
    subject              : CN=clearpass-sjc1.arubademo.net
    expiry_date          : Jun 07, 2025 15:36:29 PDT
    issue_date           : Jun 08, 2023 15:36:29 PDT
    issued_by            : CN=clearpass-sjc1.arubademo.net
    validity             : Valid
    root_ca_cert         :
    intermediate_ca_cert : {}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    enabled              : False
    public_key_algorithm : EC

    service_id           : 7
    service_name         : HTTPS(RSA)
    certificate_type     : HTTPS(RSA) Server Certificate
    subject              : CN=*.arubademo.net
    expiry_date          : Jul 20, 2024 13:32:07 PDT
    issue_date           : Jul 24, 2023 12:43:51 PDT
    issued_by            : CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
    validity             : Valid
    root_ca_cert         : @{subject=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; expiry_date=Jun 29, 2034 10:06:20 PDT; issue_date=Jun 29, 2004 10:06:20 
                        PDT; issued_by=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; validity=Valid; public_key_algorithm=RSA}
    intermediate_ca_cert : {@{subject=CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US; 
                        expiry_date=May 03, 2031 00:00:00 PDT; issue_date=May 03, 2011 00:00:00 PDT; issued_by=CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", 
                        L=Scottsdale, ST=Arizona, C=US; validity=Valid; public_key_algorithm=RSA}, @{subject=CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, 
                        ST=Arizona, C=US; expiry_date=May 30, 2031 00:00:00 PDT; issue_date=Dec 31, 2013 23:00:00 PST; issued_by=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy 
                        Group, Inc.", C=US; validity=Valid; public_key_algorithm=RSA}}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    enabled              : True
    public_key_algorithm : RSA

    service_id           : 21
    service_name         : RadSec
    certificate_type     : RadSec Server Certificate
    subject              : CN=clearpass-sjc1.arubademo.net
    expiry_date          : May 11, 2025 14:33:46 PDT
    issue_date           : Nov 20, 2019 13:33:46 PST
    issued_by            : CN=clearpass-sjc1.arubademo.net
    validity             : Valid
    root_ca_cert         :
    intermediate_ca_cert : {}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    enabled              : True
    public_key_algorithm : RSA

    service_id           : 106
    certificate_type     : Database Server Certificate
    subject              : O=PolicyManager, CN=clearpass-sjc1.arubademo.net
    expiry_date          : Mar 18, 2027 16:36:57 PDT
    issue_date           : Mar 18, 2022 16:36:57 PDT
    issued_by            : O=PolicyManager, CN=clearpass-sjc1.arubademo.net
    validity             : Valid
    root_ca_cert         : 
    intermediate_ca_cert : {}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    enabled              : True
    public_key_algorithm : RSA

# Get Server Certificate RadSec from Server clearpass-sjc1.arubademo.net
    $server_uuid = (Get-ArubaCPServerConfiguration -name clearpass-sjc1.arubademo.net).server_uuid
    Get-ArubaCPServerCertificate -server_uuid $server_uuid -service_name "RadSec"

    service_id           : 21
    service_name         : RadSec
    certificate_type     : RadSec Server Certificate
    subject              : CN=clearpass-sjc1.arubademo.net
    expiry_date          : May 11, 2025 14:33:46 PDT
    issue_date           : Nov 20, 2019 13:33:46 PST
    issued_by            : CN=clearpass-sjc1.arubademo.net
    validity             : Valid
    root_ca_cert         :
    intermediate_ca_cert : {}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    enabled              : True
    public_key_algorithm : RSA
    _links               : @{self=}

# Get Service Certificate
    Get-ArubaCPServiceCertificate

    id                   : 3147
    subject              : CN=*.arubademo.net
    expiry_date          : Jul 20, 2024 13:32:07 PDT
    issue_date           : Jul 24, 2023 12:43:51 PDT
    issued_by            : CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
    validity             : Valid
    root_ca_cert         : @{subject=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; expiry_date=Jun 29, 2034 10:06:20 PDT; issue_date=Jun 29, 2004 10:06:20 
                        PDT; issued_by=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US; validity=Valid}
    intermediate_ca_cert : {@{subject=CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US; 
                        expiry_date=May 03, 2031 00:00:00 PDT; issue_date=May 03, 2011 00:00:00 PDT; issued_by=CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", 
                        L=Scottsdale, ST=Arizona, C=US; validity=Valid}, @{subject=CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US; 
                        expiry_date=May 30, 2031 00:00:00 PDT; issue_date=Dec 31, 2013 23:00:00 PST; issued_by=OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", 
                        C=US; validity=Valid}}
    cert_file            : -----BEGIN CERTIFICATE-----
                        [...]
                        -----END CERTIFICATE-----
    _links               : @{self=}

    ...

# Get Certificate Trust List (with details)

    Get-ArubaCPCertTrustList -details

    id                  : 2029
    subject_DN          : CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
    issue_date          : 2010/01/18 16:00:00
    expiry_date         : 2038/01/18 15:59:59
    enabled             : True
    valid               : valid
    signature_algorithm : SHA384WITHRSA
    public_key_format   : X.509
    serial_number       : 101909084537582093308941363524873193117
    cert_usage          : {Others}
    issuer_DN           : C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Certification Authority
    _links              : @{self=}

    id                  : 2012
    subject_DN          : OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
    issue_date          : 1996/01/28 16:00:00
    expiry_date         : 2028/08/02 16:59:59
    enabled             : False
    valid               : valid
    signature_algorithm : SHA1WITHRSA
    public_key_format   : X.509
    serial_number       : 80507572722862485515306429940691309246
    cert_usage          : {Others}
    issuer_DN           : C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority
    _links              : @{self=}

    [...]

ClearPass Version

You can retrieve its informations Get-ArubaCPCPPMVersion.

# Get ClearPass Version information 
    Get-ArubaCPCPPMVersion

    app_major_version   : 6
    app_minor_version   : 9
    app_service_release : 5
    app_build_number    : 131053
    hardware_version    : CLABV
    fips_enabled        : False
    cc_enabled          : False
    eval_license        : True
    cloud_mode          : False

Device Fingerprint

You can add Device Fingerprint Add-DeviceFingerprint, retrieve its informations Get-DeviceFingerprint.

# Add Device Fingerprint (Device category, Family and name)
    Add-ArubaCPDeviceFingerprint -mac_address 000102030405 -device_category Server -device_family ClearPass -device_name ClearPass VM

    SUCCESS                                            _links
    -------                                            ------
    Successfully posted device fingerprint to profiler @{self=}

# Add Device Fingerprint (IP Address)
    Add-ArubaCPDeviceFingerprint -mac_address 000102030405 -ip 192.2.0.1

    SUCCESS                                            _links
    -------                                            ------
    Successfully posted device fingerprint to profiler @{self=}

# Add Device Fingerprint (hostname)
    Add-ArubaCPDeviceFingerprint -mac_address 000102030405 -hostname CPPM

    SUCCESS                                            _links
    -------                                            ------
    Successfully posted device fingerprint to profiler @{self=}

# Get information about Device Fingerprint
    Get-ArubaCPEndpoint -mac 000102030405 | Get-ArubaCPDeviceFingerprint

    ip              : 192.0.2.1
    hostname        : CPPM
    updated_at      : 1622904104
    device_category : Server
    device_name     : ClearPass
    device_family   : ClearPass
    mac             : 000102030405
    added_at        : 1622903816
    _links          : @{self=}

Endpoint

You can add Endpoint Add-ArubaCPEndpoint, retrieve its informations Get-ArubaCPEndpoint, modify its properties Set-ArubaCPEndpoint or delete it Remove-ArubaCPEndpoint.

# Add Endpoint (Known)
    Add-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 -status Known

    id          : 3179
    mac_address : 000102030405
    status      : Known
    attributes  :
    _links      : @{self=}

# Get information about Endpoint
    Get-ArubaCPEndpoint | Format-table

    id mac_address  status  attributes _links
    -- -----------  ------  ---------- ------
    3004 00505690da3e Unknown            @{self=}
    3173 00155d27ec00 Unknown            @{self=}
    3003 0050569041da Unknown            @{self=}
    3002 005056afddbb Unknown            @{self=}
    3005 005056af007b Unknown            @{self=}
    3030 00505680fb94 Unknown            @{self=}

# Modified information (status and description) about Endpoint
    Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 | Set-ArubaCPEndpoint -status "Unknown" -description "Change by PowerArubaCP"

    id          : 3179
    mac_address : 000102030405
    description : Change by PowerArubaCP
    status      : Unknown
    attributes  :
    _links      : @{self=}

# Remove Endpoint
    $ep = Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05
    $ep | Remove-ArubaCPEndpoint

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Endpoint" on target "3174 (000102030405)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):Y

Enforcement

You can retrieve its Enforcement Policy information (name, Type, Rules...) Get-ArubaCPEnforcementPolicy, or Enforcement Profile Get-ArubaCPEnforcementProfile Need ClearPass >= 6.11.0

# Get Enforcement Policy
    Get-ArubaCPEnforcementPolicy

    id                          : 5
    name                        : [Admin Network Login Policy]
    description                 : Enforcement policy controlling access to Policy Manager Admin
    enforcement_type            : TACACS
    default_enforcement_profile : [TACACS+ Deny Profile]
    rule_eval_algo              : evaluate-all
    rules                       : {@{enforcement_profile_names=System.Object[]; condition=System.Object[]}, @{enforcement_profile_names=System.Object[]; condition=System.Object[]}, 
                                @{enforcement_profile_names=System.Object[]; condition=System.Object[]}, @{enforcement_profile_names=System.Object[]; condition=System.Object[]}…}
    _links                      : @{self=}

    id                          : 7
    name                        : [AirGroup Enforcement Policy]
    description                 : Enforcement policy controlling access for AirGroup devices
    enforcement_type            : RADIUS
    default_enforcement_profile : [AirGroup Response]
    rule_eval_algo              : evaluate-all
    rules                       : {@{enforcement_profile_names=System.Object[]; condition=System.Object[]}, @{enforcement_profile_names=System.Object[]; condition=System.Object[]}, 
                                @{enforcement_profile_names=System.Object[]; condition=System.Object[]}, @{enforcement_profile_names=System.Object[]; condition=System.Object[]}}
    _links                      : @{self=}
    [...]

# Get Enforcement Profile
    Get-ArubaCPEnforcementProfile

    id          : 1
    name        : [Allow Access Profile]
    description : System-defined profile to allow network access
    type        : RADIUS
    action      : Accept
    _links      : @{self=}

    id          : 2
    name        : [Deny Access Profile]
    description : System-defined profile to deny network access
    type        : RADIUS
    action      : Reject
    _links      : @{self=}

    id          : 3
    name        : [Drop Access Profile]
    description : System-defined profile to drop the request
    type        : RADIUS
    action      : Drop
    _links      : @{self=}
    [...]

Local User

You can add Endpoint Add-ArubaCPLocalUser, retrieve its informations Get-ArubaCPLocalUser, modify its properties Set-ArubaCPLocalUser or delete it Remove-ArubaCPLocalUser.

# Add Local User
    $mysecurepassword = ConvertTo-SecureString MyPassword -AsPlainText -Force
    Add-ArubaCPLocaluser -user_id MyPowerArubaCP_userid -password $mysecurepassword -role_name "[Employee]"

    id                    : 3085
    user_id               : MyPowerArubaCP_userid
    username              : MyPowerArubaCP_userid
    role_name             : [Employee]
    enabled               : True
    change_pwd_next_login : False
    attributes            :
    _links                : @{self=}

# Get information about Local User
    Get-ArubaCPLocaluser | Format-Table

    id user_id               username              role_name  enabled change_pwd_next_login attributes _links
    -- -------               --------              ---------  ------- --------------------- ---------- ------
    3085 MyPowerArubaCP_userid MyPowerArubaCP_userid [Employee]    True                 False            @{self=}

# Modified information (username and and role) about Local User
    Get-ArubaCPLocaluser -user_id MyPowerArubaCP_userid | Set-ArubaCPLocaluser -username MyPowerArubaCP_username -role [Guest]

    id                    : 3085
    user_id               : MyPowerArubaCP_userid
    username              : MyPowerArubaCP_username
    role_name             : [Guest]
    enabled               : True
    change_pwd_next_login : False
    attributes            :
    _links                : @{self=}

# Remove Local User
    $lu = Get-ArubaCPLocaluser -user_id MyPowerArubaCP_userid
    $lu | Remove-ArubaCPLocaluser

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Local User" on target "3085 (MyPowerArubaCP_userid)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y

Network Device

You can create a new Network Device (NAS) Add-ArubaCPNetworkDevice, retrieve its informations Get-ArubaCPNetworkDevice, modify its properties Set-ArubaCPNetworkDevice, or delete it Remove-ArubaCPNetworkDevice.

# Create a Network Device (NAS)
    Add-ArubaCPNetworkDevice -name SW1 -ip_address 192.0.2.1 -radius_secret MySecurePassword -vendor Aruba -description "Add by PowerArubaCP"

    id            : 3004
    name          : SW1
    description   : Add by PowerArubaCP
    ip_address    : 192.0.2.1
    radius_secret :
    tacacs_secret :
    vendor_name   : Aruba
    coa_capable   : False
    coa_port      : 3799
    attributes    :
    _links        : @{self=}


# Get information about Network Device (NAS)
    Get-ArubaCPNetworkDevice -name SW1 | Format-Table

    id   name description         ip_address radius_secret tacacs_secret vendor_name coa_capable coa_port attributes
    --   ---- -----------         ---------- ------------- ------------- ----------- ----------- -------- ----------
    3004 SW1  Add by PowerArubaCP 192.0.2.1                              Aruba       False       3799

# (Re)Configure Network Device (NAS)
    Get-ArubaCPNetworkDevice -name SW1 | Set-ArubaCPNetworkDevice -ip_address 192.0.2.2 -vendor_name Hewlett-Packard-Enterprise

    id            : 3004
    name          : SW1
    description   :
    ip_address    : 192.0.2.2
    radius_secret :
    tacacs_secret :
    vendor_name   : Hewlett-Packard-Enterprise
    coa_capable   : True
    coa_port      : 3799
    attributes    :
    _links        : @{self=}

# Remove a Network Device (NAS)
    $nad = Get-ArubaCPNetworkDevice -name SW1
    $nad | Remove-ArubaCPNetworkDevice

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Network device" on target "3344 (SW1)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):

Network Device Group

You can create a new Network Device Group Add-ArubaCPNetworkDeviceGroup, retrieve its informations Get-ArubaCPNetworkDeviceGroup, modify its properties Set-ArubaCPNetworkDeviceGroup, or delete it Remove-ArubaCPNetworkDeviceGroup you can also add Add-ArubaCPNetworkDeviceGroupMember and remove Remove-ArubaCPNetworkDeviceGroupMeMber Member.

# Create a Network Device Group (list IP)
    Add-ArubaCPNetworkDeviceGroup -name NDG-list_ip -list_ip 192.0.2.1, 192.0.2.2

    id           : 3037
    name         : NDG-list_ip
    group_format : list
    value        : 192.0.2.1, 192.0.2.2
    _links       : @{self=}

# Create a Network Device Group (subnet)
    Add-ArubaCPNetworkDeviceGroup -name NDG-subnet -subnet 192.0.2.0/24 -description "Add via PowerArubaCP"

    id           : 3043
    name         : NDG-subnet
    description  : Add via PowerArubaCP
    group_format : subnet
    value        : 192.0.2.0/24
    _links       : @{self=}

# Get information about Network Device Group
    Get-ArubaCPNetworkDeviceGroup | Format-Table

    id name        group_format value                _links
    -- ----        ------------ -----                ------
    3037 NDG-list_ip list         192.0.2.1, 192.0.2.2 @{self=}
    3043 NDG-subnet  subnet       192.0.2.0/24         @{self=}


# (Re)Configure Network Device Group
    Get-ArubaCPNetworkDeviceGroup -name NDG-subnet | Set-ArubaCPNetworkDeviceGroup -description "Modified via PowerArubaCP"

    id           : 3043
    name         : NDG-subnet
    description  : Modified via PowerArubaCP
    group_format : subnet
    value        : 192.0.2.0/24
    _links       : @{self=}

#Add Member on the Network Device Group
    Get-ArubaCPNetworkDeviceGroup -name NDG-list_ip | Add-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.3

    id           : 3037
    name         : NDG-list_ip
    group_format : list
    value        : 192.0.2.1, 192.0.2.2, 192.0.2.3
    _links       : @{self=}

#Remove Member on the Network Device Group
    Get-ArubaCPNetworkDeviceGroup -name NDG-list_ip | Remove-ArubaCPNetworkDeviceGroupMember -list_ip 192.0.2.1

    id           : 3037
    name         : NDG-list_ip
    group_format : list
    value        : 192.0.2.2, 192.0.2.3
    _links       : @{self=}

# Remove a Network Device Group
    Get-ArubaCPNetworkDeviceGroup -name NDG-subnet | Remove-ArubaCPNetworkDeviceGroup

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Network Device Group" on target "3043 (NDG-subnet)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y

Role

You can add Role Add-ArubaCPRole, retrieve its informations Get-ArubaCPRole, modify its properties Set-ArubaCPRole or delete it Remove-ArubaCPRole.

# Add Role
    Add-ArubaCPRole -name PowerArubaCP_role

    id   name              _links
    --   ----              ------
    3028 PowerArubaCP_role @{self=}

# Get information about Role
    Get-ArubaCPRole | Format-Table

    id name                            description
    -- ----                            -----------
     3 [Guest]                         Default role for a Guest
    12 [TACACS+ Read-only Admin]       Read-only administrator role for Policy Manager Admin
    13 [TACACS+ API Admin]             API administrator role for Policy Manager Admin
    14 [TACACS+ Help Desk]             Help desk role for Policy Manager Admin
    15 [TACACS+ Receptionist]          Receptionist role for Policy Manager Admin
    16 [TACACS+ Network Admin]         Network administrator role for Policy Manager Admin
    18 [TACACS+ Super Admin]           Super administrator role for Policy Manager Admin
    20 [Contractor]                    Default role for a contractor
    21 [Other]                         Default role for another user or device
    22 [Employee]                      Default role for an employee
    [...]

# Modified information (description) about a role
    Get-ArubaCPRole -name PowerArubaCP_role | Set-ArubaCPRole -description "Change by PowerArubaCP"

    id   name              description            _links
    --   ----              -----------            ------
    3028 PowerArubaCP_role Change by PowerArubaCP @{self=}

# Remove Role
    $r = Get-ArubaCPRole -name PowerArubaCP_role
    $r | Remove-ArubaCProle

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Role" on target "3028 (PowerArubaCP_role)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y

Server

You can get Server Configuration Get-ArubaCPServerConfiguration, or version Get-ArubaCPServerVersion.

# Get Server Configuration
    Get-ArubaCPServerConfiguration

    name                       : CPPM
    local_server               : True
    server_uuid                : 443c73db-aab3-49e4-a701-c21ef6945776
    server_dns_name            : CPPM
    fqdn                       :
    server_ip                  :
    management_ip              : 10.200.11.159
    ipv6_server_ip             :
    ipv6_management_ip         :
    is_publisher               : True
    extras                     :
    is_insight_enabled         : True
    is_insight_primary         : True
    is_perfmon_enabled         : t
    replication_status         : ENABLED
    last_replication_timestamp :
    is_profiler_enabled        : True
    _links                     : @{self=}

# Get Server Version
    Get-ArubaCPServerVersion

    cppm_version  guest_version installed_patches
    ------------  ------------- -----------------
    6.10.0.180076 6.10.0.180076 {}

Service

You can retrieve information about Service Get-ArubaCPService, enable it Enable-ArubaCPService, or disable it Disable-ArubaCPService.

#Get List of Service
    Get-ArubaCPService | Format-Table

    id name                                         type        template                         enabled order_no _links
    -- ----                                         ----        --------                         ------- -------- ------
    10 [Aruba Device Access Service]                TACACS      TACACS+ Enforcement                 True        3 @{self=}
    1  [Policy Manager Admin Network Login Service] TACACS      TACACS+ Enforcement                 True        1 @{self=}
    2  [AirGroup Authorization Service]             RADIUS      RADIUS Enforcement ( Generic )      True        2 @{self=}
    11 [Guest Operator Logins]                      Application Aruba Application Authentication    True        4 @{self=}
    13 [Device Registration Disconnect]             WEBAUTH     Web-based Authentication            True        6 @{self=}
    12 [Insight Operator Logins]                    Application Aruba Application Authentication    True        5 @{self=}

#Enable service on Guest Operator Logins
    Get-ArubaCPService -Name "[Guest Operator Logins]" | Enable-ArubaCPService

    id       : 11
    name     : [Guest Operator Logins]
    type     : Application
    template : Aruba Application Authentication
    enabled  : True
    order_no : 4
    _links   : @{self=}

#Disable service on Guest Operator Logins (id)
    Get-ArubaCPService -id 11 | Disable-ArubaCPService

    id       : 11
    name     : [Guest Operator Logins]
    type     : Application
    template : Aruba Application Authentication
    enabled  : False
    order_no : 4
    _links   : @{self=}

Static Host List

You can add Static Host List Add-ArubaCPStaticHostList, retrieve its informations Get-ArubaCPStaticHostList, modify its properties Set-ArubaCPStaticHostList or delete it Remove-ArubaCPStaticHostList, you can also add Add-ArubaCPStaticHostListMember and Remove Remove-ArubaCPStaticHostListMember Member (MAC or IPAddress).

#Add Static Host List (with IPAddress)
    Add-ArubaCPStaticHostList -name SHL-list-IPAddress -host_format list -host_type IPAddress -host_entries_address 192.0.2.1 -host_entries_description "Add via PowerArubaCP"

    id           : 3040
    name         : SHL-list-IPAddress
    host_format  : list
    host_type    : IPAddress
    host_entries : {@{host_address=192.0.2.1; host_address_desc=Add via PowerArubaCP}}
    _links       : @{self=}

#Add Static Host List (with MACAddress)
    Add-ArubaCPStaticHostList -name SHL-list-MACAddress -host_format list -host_type MACAddress -host_entries_address 00:01:02:03:04:05 -host_entries_description "Add via PowerArubaCP"

    id           : 3041
    name         : SHL-list-MACAddress
    host_format  : list
    host_type    : MACAddress
    host_entries : {@{host_address=00-01-02-03-04-05; host_address_desc=Add via PowerArubaCP}}
    _links       : @{self=}

#Get list of Static Host List
    Get-ArubaCPStaticHostList | Format-Table

    id name                host_format host_type  host_entries                                                                _links
    -- ----                ----------- ---------  ------------                                                                ------
    3040 SHL-list-IPAddress  list        IPAddress  {@{host_address=192.0.2.1; host_address_desc=Add via PowerArubaCP}}         @{self=}
    3041 SHL-list-MACAddress list        MACAddress {@{host_address=00-01-02-03-04-05; host_address_desc=Add via PowerArubaCP}} @{self=}

#(Re)Configure a Static Host List
    Get-ArubaCPStaticHostList -name SHL-list-IPAddress | Set-ArubaCPStaticHostList -description "My SHL IP Address"

    id           : 3040
    name         : SHL-list-IPAddress
    description  : My SHL IP Address
    host_format  : list
    host_type    : IPAddress
    host_entries : {@{host_address=192.0.2.1; host_address_desc=Add via PowerArubaCP}}
    _links       : @{self=}


#Add Member on the Static Host List
    Get-ArubaCPStaticHostList -name SHL-list-MACAddress | Add-ArubaCPStaticHostListMember -host_entries_address 00:01:02:03:04:06 -host_entries_description "Add via PowerArubaCP"

    id           : 3041
    name         : SHL-list-MACAddress
    host_format  : list
    host_type    : MACAddress
    host_entries : {@{host_address=00-01-02-03-04-05; host_address_desc=Add via PowerArubaCP}, @{host_address=00-01-02-03-04-06; 
                host_address_desc=Add via PowerArubaCP}}
    _links       : @{self=}


#Remove Member on the Static Host List
    Get-ArubaCPStaticHostList -name SHL-list-MACAddress | Remove-ArubaCPStaticHostListMember -host_entries_address 00:01:02:03:04:06

    id           : 3041
    name         : SHL-list-MACAddress
    host_format  : list
    host_type    : MACAddress
    host_entries : {@{host_address=00-01-02-03-04-05; host_address_desc=Add via PowerArubaCP}, @{host_address=00-01-02-03-04-06; 
                host_address_desc=Add via PowerArubaCP}}
    _links       : @{self=}

#Remove Static Host List
    Get-ArubaCPStaticHostList -name SHL-list-MACAddress | Remove-ArubaCPStaticHostList

    Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove Static Host List" on target "3041 (SHL-list-MACAddress)".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y

Attribute

You can add Attribute Add-ArubaCPAttributesMember, modify its Set-ArubaCPAttributesMember or remove it Remove-ArubaCPAttributesMember for Endpoint, Local User and Network Device

#Add Attribute name "Location and Syslocation" with value PowerArubaCP to network Device NAD-PowerArubaCP
    Get-ArubaCPNetworkDevice -name NAD-PowerArubaCP | Add-ArubaCPAttributesMember -name "Location", "syslocation" -value "PowerArubaCP", "PowerArubaCP"

    id            : 3125
    name          : NAD-PowerArubaCP
    description   : Add by PowerArubaCP
    ip_address    : 192.0.2.1
    radius_secret :
    tacacs_secret :
    vendor_name   : Aruba
    coa_capable   : False
    coa_port      : 3799
    attributes    : @{syslocation=PowerArubaCP; Location=PowerArubaCP}
    _links        : @{self=}

#Set Attribute name "Disabled By" with value PowerArubaCP to Local User MyPowerArubaCP_userid
    Get-ArubaCPLocalUser -user_id MyPowerArubaCP_userid | Set-ArubaCPAttributesMember -attributes @{"Disabled by"="PowerArubaCP"}

    id                    : 3059
    user_id               : MyPowerArubaCP_userid
    username              : MyPowerArubaCP_userid
    role_name             : [Guest]
    enabled               : True
    change_pwd_next_login : False
    attributes            : @{Disabled by=PowerArubaCP}
    _links                : @{self=}

#Remove Attribute name "Disabled By" with value PowerArubaCP to Endpoint 00:01:02:03:04:05
    Get-ArubaCPEndpoint -mac_address 00:01:02:03:04:05 | Remove-ArubaCPAttributesMember -name "Disabled by"

    id          : 3001
    mac_address : 000102030405
    description :
    status      : Unknown
    attributes  : @{Compromised=true}
    _links      : @{self=}

VM

You can use PowerArubaCP for help to deploy ClearPass on VMware ESXi (With a vCenter) You need to have VMware.PowerCLI and Set-VMKeystrokes from William Lam

You can use the following cmdlet (on this order)

  • Deploy-ArubaCPVm Deploy CPPM OVA with add hard disk
  • Set-ArubaCPVmFirstBoot Configure first boot (Model, encrypt...)
  • Set-ArubaCPVmSetup Configure hostname, IP Address, NTP...
  • Set-ArubaCPVmAddLicencePlatform Add Licence Platform
  • Set-ArubaCPVmUpdate Update CPPM (using HTTP(S) or SSH)

a video will be online to see an example of auto deployement

MultiConnection

From release 0.4.0, it is possible to connect on same times to multi ClearPass You need to use -connection parameter to cmdlet

For example to get Static Host List of 2 CPPM

# Connect to first ClearPass
    $cppm1 = Connect-ArubaCP 192.0.2.1 -SkipCertificateCheck -DefaultConnection:$false

#DefaultConnection set to false is not mandatory but only don't set the connection info on global variable

# Connect to second ClearPass
    $cppm2 = Connect-ArubaCP 192.0.2.2 -SkipCertificateCheck -DefaultConnection:$false

# Get Static Host List for first ClearPass
   Get-ArubaCPStaticHostList -connection $cppm1 | Format-Table

  id name                description host_format host_type  value                 _links
  -- ----                ----------- ----------- ---------  -----                 ------
3001 SHL-list-IPAddress              list        IPAddress                        @{self=}
....

# Get Static Host List for second ClearPass
   Get-ArubaCPStaticHostList -connection $cppm2 | Format-Table

  id name                description host_format host_type  value                 _links
  -- ----                ----------- ----------- ---------  -----                 ------
3001 SHL-list-MACAddress             list        MACAddress                       @{self=}
...

#Each cmdlet can use -connection parameter

Filtering

For Invoke-ArubaCPRestMethod, it is possible to use -filter parameter You need to use ClearPass API syntax :

Description JSON Filter Syntax
No filter, matches everything {}
Field is equal to "value" {"fieldName":"value"} or {"fieldName":{"$eq":"value"}}
Field is one of a list of values {"fieldName":["value1", "value2"]} or {"fieldName":{"$in":["value1", "value2"]}}
Field is not one of a list of values {"fieldName":{"$nin":["value1", "value2"]}}
Field contains a substring "value" {"fieldName":{"$contains":"value"}}
Field is not equal to "value" {"fieldName":{"$ne":"value"}}
Field is greater than "value" {"fieldName":{"$gt":"value"}}
Field is greater than or equal to "value" {"fieldName":{"$gte":"value"}}
Field is less than "value" {"fieldName":{"$lt":"value"}}
Field is less than or equal to "value" {"fieldName":{"$lte":"value"}}
Field matches a regular expression (case-sensitive) {"fieldName":{"$regex":"regex"}}
Field matches a regular expression (case-insensitive) {"fieldName":{"$regex":"regex", "$options":"i"}}
Field exists (does not contain a null value) {"fieldName":{"$exists":true}}
Field is NULL {"fieldName":{"$exists":false}}
Combining filter expressions with AND {"$and":[ filter1, filter2, ... ]}
Combining filter expressions with OR {"$or":[ filter1, filter2, ... ]}
Inverting a filter expression {"$not":{ filter }}
Field is greater than or equal to 2 and less than 5 {"fieldName":{"$gte":2, "$lt":5}} {"$and":[ {"fieldName":{"$gte":2}}, {"fieldName":{"$lt":5}} ]}

For Get-XXX cmdlet like Get-ArubaCPNetwork, it is possible to using some helper filter (-filter_attribute, -filter_type, -filter_value)

# Get NetworkDevice named NAD-PowerArubaCP
    Get-ArubaCPNetworkDevice -name NAD-PowerArubaCP
...

# Get NetworkDevice contains NAD-PowerArubaCP
    Get-ArubaCPNetworkDevice -name NAD-PowerArubaCP -filter_type contains
...

# Get NetworkDevice where ip_address equal 192.168.1.1
    Get-ArubaCPNetworkDevice -filter_attribute ip_address -filter_type equal -filter_value 192.168.1.1
...

Actually, support only equal and contains filter type

Disconnecting

# Disconnect from the Aruba ClearPass
    Disconnect-ArubaCP

Issue

Unable to connect (certificate)

if you use Connect-ArubaCP and get Unable to Connect (certificate)

The issue coming from use Self-Signed or Expired Certificate for switch management

Try to connect using Connect-ArubaCP -SkipCertificateCheck

How to contribute

Contribution and feature requests are more than welcome. Please use the following methods:

  • For bugs and issues, please use the issues register with details of the problem.
  • For Feature Requests, please use the issues register with details of what's required.
  • For code contribution (bug fixes, or feature request), please request fork PowerArubaCP, create a feature/fix branch, add tests if needed then submit a pull request.

Contact

Currently, @alagoutte started this project and will keep maintaining it. Reach out to me via Twitter, Email (see top of file) or the issues Page here on GitHub. If you want to contribute, also get in touch with me.

List of available command

Add-ArubaCPApiClient
Add-ArubaCPApplicationLicense
Add-ArubaCPAttributesMember
Add-ArubaCPDeviceFingerprint
Add-ArubaCPEndpoint
Add-ArubaCPLocaluser
Add-ArubaCPNetworkDevice
Add-ArubaCPNetworkDeviceGroup
Add-ArubaCPNetworkDeviceGroupMember
Add-ArubaCPRole
Add-ArubaCPStaticHostList
Add-ArubaCPStaticHostListMember
Confirm-ArubaCPApiClient
Confirm-ArubaCPApplicationLicense
Confirm-ArubaCPEndpoint
Confirm-ArubaCPLocalUser
Confirm-ArubaCPNetworkDevice
Confirm-ArubaCPNetworkDeviceGroup
Confirm-ArubaCPRole
Confirm-ArubaCPServerCertificate
Confirm-ArubaCPService
Confirm-ArubaCPStaticHostList
Connect-ArubaCP
Convert-ArubaCPCIDR2Mask
Deploy-ArubaCPVm
Disable-ArubaCPService
Disconnect-ArubaCP
Enable-ArubaCPService
Format-ArubaCPMacAddress
Get-ArubaCPApiClient
Get-ArubaCPApplicationLicense
Get-ArubaCPAuthMethod
Get-ArubaCPAuthSource
Get-ArubaCPCertTrustList
Get-ArubaCPClusterCertificate
Get-ArubaCPCPPMVersion
Get-ArubaCPDeviceFingerprint
Get-ArubaCPEndpoint
Get-ArubaCPEnforcementPolicy
Get-ArubaCPEnforcementProfile
Get-ArubaCPLocaluser
Get-ArubaCPNetworkDevice
Get-ArubaCPNetworkDeviceGroup
Get-ArubaCPRole
Get-ArubaCPServerCertificate
Get-ArubaCPServerConfiguration
Get-ArubaCPServerVersion
Get-ArubaCPService
Get-ArubaCPServiceCertificate
Get-ArubaCPStaticHostList
Invoke-ArubaCPRestMethod
Remove-ArubaCPApiClient
Remove-ArubaCPApplicationLicense
Remove-ArubaCPAttributesMember
Remove-ArubaCPEndpoint
Remove-ArubaCPLocalUser
Remove-ArubaCPNetworkDevice
Remove-ArubaCPNetworkDeviceGroup
Remove-ArubaCPNetworkDeviceGroupMember
Remove-ArubaCPRole
Remove-ArubaCPStaticHostList
Remove-ArubaCPStaticHostListMember
Set-ArubaCPAttributesMember
Set-ArubaCPCipherSSL
Set-ArubaCPEndpoint
Set-ArubaCPLocalUser
Set-ArubaCPNetworkDevice
Set-ArubaCPNetworkDeviceGroup
Set-ArubaCPRole
Set-ArubaCPStaticHostList
Set-ArubaCPuntrustedSSL
Set-ArubaCPVmAddLicencePlatform
Set-ArubaCPVmApiClient
Set-ArubaCPVmFirstBoot
Set-ArubaCPVmSetup
Set-ArubaCPVmUpdate
Show-ArubaCPException

Author

Alexis La Goutte

Special Thanks

  • Warren F. for his blog post 'Building a Powershell module'
  • Erwan Quelin for help about Powershell

License

Copyright 2018 Alexis La Goutte and the community.