|
| 1 | + |
| 2 | + |
| 3 | +Last release: [](https://badge.fury.io/gh/PowerAruba/powerarubacp) |
| 4 | + |
| 5 | +# PowerArubaCP |
| 6 | + |
| 7 | +This is a Powershell module for configure a Aruba ClearPass (CPPM). |
| 8 | + |
| 9 | +With this module (version 0.1.0) you can manage: |
| 10 | + |
| 11 | +- Invoke API using Invoke-ArubaCPRestMethod |
| 12 | + |
| 13 | +More functionality will be added later. |
| 14 | + |
| 15 | +Tested with Aruba ClearPass (using release 6.7.x) |
| 16 | + |
| 17 | +# Usage |
| 18 | + |
| 19 | +All resource management functions are available with the Powershell verbs GET, ADD, SET, REMOVE. |
| 20 | +<!-- For example, you can manage Vlans with the following commands: |
| 21 | +- `Get-ArubaSWVlans` |
| 22 | +- `Add-ArubaSWVlans` |
| 23 | +- `Set-ArubaSWVlans` |
| 24 | +- `Remove-ArubaSWVlans` |
| 25 | +--> |
| 26 | + |
| 27 | +# Requirements |
| 28 | + |
| 29 | +- Powershell 5 (If possible get the latest version) |
| 30 | +- A ClearPass (with release 6.7.x ) and API Client enable |
| 31 | + |
| 32 | +# Instructions |
| 33 | +### Install the module |
| 34 | +```powershell |
| 35 | +# Automated installation (Powershell 5): |
| 36 | + Install-Module PowerArubaCP |
| 37 | +
|
| 38 | +# Import the module |
| 39 | + Import-Module PowerArubaCP |
| 40 | +
|
| 41 | +# Get commands in the module |
| 42 | + Get-Command -Module PowerArubaCP |
| 43 | +
|
| 44 | +# Get help |
| 45 | + Get-Help Connect-ArubaCP -Full |
| 46 | +``` |
| 47 | + |
| 48 | +# Examples |
| 49 | + |
| 50 | +### Connecting to the ClearPass using API |
| 51 | + |
| 52 | +The first thing to do is to get API Client Token |
| 53 | + |
| 54 | +Go on WebGUI of your ClearPass, on Guest Modules |
| 55 | + |
| 56 | +Go on `Adminstration` => `API Services` => `API Clients` |
| 57 | + |
| 58 | + |
| 59 | +Create a `New API Client` |
| 60 | +- Client ID : a client name (for example PowerArubaCP) |
| 61 | +- Operator Profile : Super Administrator |
| 62 | +- Grant type : Client credentials |
| 63 | +- Access Token Lifetime : You can increment ! (24 hours !) |
| 64 | + |
| 65 | +Click on `Create API Client` (you don't need to store the Client Secet) |
| 66 | + |
| 67 | +On `API Clients List`, select the your client |
| 68 | + |
| 69 | + |
| 70 | +Click on `Generate Access Token` |
| 71 | + |
| 72 | + |
| 73 | +And kept the token (for example : 70680f1d19f86110800d5d5cb4414fbde7be12ae) |
| 74 | + |
| 75 | + |
| 76 | +After connect to a Aruba ClearPass with the command `Connect-ArubaCP` : |
| 77 | + |
| 78 | +```powershell |
| 79 | +# Connect to the Aruba Clearpass |
| 80 | + Connect-ArubaCP 192.0.2.1 -token 70680f1d19f86110800d5d5cb4414fbde7be12ae |
| 81 | +
|
| 82 | +``` |
| 83 | + |
| 84 | +### Invoke API |
| 85 | +for example to get ClearPass version |
| 86 | + |
| 87 | +```powershell |
| 88 | +# get ClearPass version using API |
| 89 | + Invoke-ArubaCPRestMethod -method "get" -uri "api/cppm-version" |
| 90 | +
|
| 91 | + app_major_version : 6 |
| 92 | + app_minor_version : 7 |
| 93 | + app_service_release : 2 |
| 94 | + app_build_number : 105008 |
| 95 | + hardware_version : CLABV |
| 96 | + fips_enabled : False |
| 97 | + eval_license : False |
| 98 | + cloud_mode : False |
| 99 | +``` |
| 100 | +to get API uri, go to ClearPass Swagger (https://CPPM-IP/api-docs) |
| 101 | + |
| 102 | + |
| 103 | +And choice a service (for example Platform) |
| 104 | + |
| 105 | + |
| 106 | +<!-- |
| 107 | +### NAD Management |
| 108 | +
|
| 109 | +You can create a new LUN `Add-ArubaSWVlans`, retrieve its information `Get-ArubaSWVlans`, modify its properties `Set-ArubaSWVLans`, or delete it `Remove-ArubaSWVlans`. |
| 110 | +
|
| 111 | +```powershell |
| 112 | +# Create a vlan |
| 113 | + Add-ArubaSWVlans -id 85 -Name 'PowerArubaSW' -is_voice_enabled |
| 114 | +
|
| 115 | + uri : /vlans/85 |
| 116 | + vlan_id : 85 |
| 117 | + name : PowerArubaSW |
| 118 | + status : VS_PORT_BASED |
| 119 | + type : VT_STATIC |
| 120 | + is_voice_enabled : False |
| 121 | + is_jumbo_enabled : True |
| 122 | + is_dsnoop_enabled : False |
| 123 | +
|
| 124 | +
|
| 125 | +# Get information about vlan |
| 126 | + Get-ArubaSWVlans -name PowerArubaSW | ft |
| 127 | +
|
| 128 | + uri vlan_id name status type is_voice_enabled is_jumbo_enabled is_dsnoop_enabled is_management_vlan |
| 129 | + --- ------- ---- ------ ---- ---------------- ---------------- ----------------- ------------------ |
| 130 | + /vlans/85 85 PowerArubaSW VS_PORT_BASED VT_STATIC False True False False |
| 131 | +
|
| 132 | +
|
| 133 | +# Remove a vlan |
| 134 | + Remove-ArubaSWVlans -id 85 |
| 135 | +``` |
| 136 | +--> |
| 137 | + |
| 138 | +### Disconnecting |
| 139 | + |
| 140 | +```powershell |
| 141 | +# Disconnect from the Aruba ClearPass |
| 142 | + Disconnect-ArubaCP |
| 143 | +``` |
| 144 | + |
| 145 | +# Author |
| 146 | + |
| 147 | +**Alexis La Goutte** |
| 148 | +- <https://github.com/alagoutte> |
| 149 | +- <https://twitter.com/alagoutte> |
| 150 | + |
| 151 | +# Special Thanks |
| 152 | + |
| 153 | +- Warren F. for his [blog post](http://ramblingcookiemonster.github.io/Building-A-PowerShell-Module/) 'Building a Powershell module' |
| 154 | +- Erwan Quelin for help about Powershell |
| 155 | + |
| 156 | +# License |
| 157 | + |
| 158 | +Copyright 2018 Alexis La Goutte and the community. |
0 commit comments