From 9cee2e8f3d411c339b997fcd9b7590a8c0fae9dd Mon Sep 17 00:00:00 2001
From: djpbessems
Date: Thu, 11 Mar 2021 09:05:38 +0100
Subject: [PATCH] Change vApp type;Generate all user passwords
---
 scripts/ADDS/payload/scripts/03.Users.yml | 16 ++++++++++++----
 scripts/Update-OvfConfiguration.yml | 2 +-
 2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/scripts/ADDS/payload/scripts/03.Users.yml b/scripts/ADDS/payload/scripts/03.Users.yml
index 0082ebf..83469be 100644
--- a/scripts/ADDS/payload/scripts/03.Users.yml
+++ b/scripts/ADDS/payload/scripts/03.Users.yml
@@ -1,16 +1,15 @@
 Users:
 - DistinguishedName: CN=Jane Doe,OU=Employees,OU=Non-privileged,OU=User accounts
- # Password: Complex42!
 Password: "{{ password.janedoe }}"
 MemberOf: []
 - DistinguishedName: CN=John Doe,OU=Contractors,OU=Non-privileged,OU=User accounts
- Password: Complex42!
+ Password: "{{ password.johndoe }}"
 MemberOf: []
 - DistinguishedName: CN=admJaneD,OU=Administrators,OU=Privileged,OU=User accounts
- Password: Complex42!
+ Password: "{{ password.amdjaned }}"
 MemberOf: []
 - DistinguishedName: CN=zzLDAP,OU=Service accounts,OU=Privileged,OU=User accounts
- Password: Complex42!
+ Password: "{{ password.zzldap }}"
 MemberOf: []
 ---
 
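Review bot: The key `password.amdjaned` on the third entry reads like a transposition of the account name `admJaneD` (`adm` became `amd`). The second hunk uses the same spelling for the variable name and for `-Username 'amdjaned'`, so the template resolves, but the generated secret is then presumably filed in Vault under a name that does not match the privileged account, which makes later lookup and rotation error-prone. Suggested lines: `Password: "{{ password.admjaned }}"` here, and `- Name: password.admjaned` with `-Username 'admjaned'` in the second hunk. The removed literal `Complex42!` stays in the repository history, so any account that was ever created with it should have its password reset.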
@@ -18,3 +17,12 @@ Variables:
 - Name: password.janedoe
 Expression: |
 & "$($PSScriptRoot)\..\Provision-VaultPassword.ps1" -VaulSecret $Parameter['vault.secret'] -Username 'janedoe' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
+- Name: password.johndoe
+ Expression: |
+ & "$($PSScriptRoot)\..\Provision-VaultPassword.ps1" -VaulSecret $Parameter['vault.secret'] -Username 'johndoe' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
+- Name: password.amdjaned
+ Expression: |
+ & "$($PSScriptRoot)\..\Provision-VaultPassword.ps1" -VaulSecret $Parameter['vault.secret'] -Username 'amdjaned' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
+- Name: password.zzldap
+ Expression: |
+ & "$($PSScriptRoot)\..\Provision-VaultPassword.ps1" -VaulSecret $Parameter['vault.secret'] -Username 'zzldap' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
diff --git a/scripts/Update-OvfConfiguration.yml b/scripts/Update-OvfConfiguration.yml
index 7ab202f..7e920af 100644
--- a/scripts/Update-OvfConfiguration.yml
+++ b/scripts/Update-OvfConfiguration.yml
@@ -109,7 +109,7 @@ PropertyCategories:
 - standalone
 UserConfigurable: true
 - Key: vault.token
- Type: string
+ Type: password
 Label: Vault API token
 Description: An access token which has permissions to read/write to the Vault secrets engine
 DefaultValue: ''
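Review bot: The parameter name `-VaulSecret` on the three added `Expression` lines is copied from the existing janedoe entry and reads like a misspelling of `-VaultSecret`. Provision-VaultPassword.ps1 is not part of this patch, so please confirm the spelling matches its `param()` block, because PowerShell binds a misspelled name only if the script declares it that way. Nothing visible here handles the script failing or returning nothing, in which case the `Password` template would presumably render empty for a privileged or service account; the consumer of `Users:` should refuse to create the account in that case. A comment above the entries such as `# -Username names the Vault entry; keep it equal to the account name` would also make the four near-identical lines easier to audit.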
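Review bot: `Type: password` on `vault.token` masks the value in the deployment dialog, but as far as I know vSphere still delivers password-typed vApp properties to the guest in clear text through the OVF environment, so the token stays readable inside the VM and to anyone who can view the vApp options. Since the `Description` says the token can read and write the secrets engine, it would help to state the expected scope there, e.g. `Description: A short-lived access token, limited to read/write on the Vault secrets engine used for provisioning`, and to revoke the token once provisioning has finished. The property list starts above this hunk and continues past `DefaultValue`, so whether other keys passed to the provisioning script (for example `vault.secret`) hold credentials and need the same type cannot be checked from here.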