psPAS 6.4 - Update 1 (#541)

* Update ConvertTo-UnixTime.ps1

Adds logic to not perform conversion to universal time if epoch time is provided as an input.
Resolves condition where users in non GMT timezones have timezone offset applied to epoch time value.

#536

* Update Format-PASUserObject.ps1

Adds logic to only attempt conversion of expiry date value if a datetime object is provided as input.
Resolves issue where update command for user object with existing value set for expiry date causes error

#536
#539

* Update Docs

Documentation update for last release

* Update Format-PutRequestObject.ps1

Additional help text and typo correction

* Update Format-PASUserObject.Tests.ps1

* UPDATE CHANGELOG

Added latest change details

CHANGELOG.md

@@ -23,7 +23,20 @@
 ### Fixed
 - N/A
 
-## [v-next]
+## [6.4.85]
+
+### Added
+- N/A
+
+### Updated
+- N/A
+
+### Fixed
+- `Set-PASUser`
+  - Adds logic to not attempt conversion to unix time if expiry date is not a valid datetime object, this resolves an issue where an error was raised when updating an account with an existing value for the `expirydate` property
+  - Adds logic to not apply time zone offset when specifying Unix epoch time to remove an expiry date from an account which could previously result in an invalid time value in non-GMT time zones.
+
+## [6.4.80]
 
 Includes a general update across multiple module commands to ensure commands which are specific to self-hosted implementations are not able to be run against Privilege Cloud, and any commands which are specific to Privilege Cloud are not able to be run against a Self-Hosted solution.
 

README.md

@@ -986,7 +986,25 @@ Click the below dropdown to view the current list of psPAS functions and their m
 [`Remove-PASPTAIncludedTarget`][Remove-PASPTAIncludedTarget]                             |**14.0**            |Remove PTA Included Target
 [`Remove-PASPTAPrivilegedGroup`][Remove-PASPTAPrivilegedGroup]                           |**14.0**            |Remove PTA Privileged Group
 [`Remove-PASPTAPrivilegedUser`][Remove-PASPTAPrivilegedUser]                             |**14.0**            |Remove PTA Privileged User
-
+[`Set-PASIPAllowList`][Set-PASIPAllowList]                                               |**P Cloud Only**    |Set P Cloud IP Allow List
+[`Get-PASIPAllowList`][Get-PASIPAllowList]                                               |**P Cloud Only**    |Get P Cloud IP Allow List
+[`Get-PASBYOKConfig`][Get-PASBYOKConfig]                                                 |**P Cloud Only**    |Get P Cloud BYOK Config
+[`Publish-PASDiscoveredLocalAccount`][Publish-PASDiscoveredLocalAccount]                 |**P Cloud Only**    |Publish P Cloud Discovered Local Account
+[`Remove-PASDiscoveredLocalAccount`][Remove-PASDiscoveredLocalAccount]                   |**P Cloud Only**    |Delete  P Cloud Discovered Local Account
+[`Get-PASDiscoveredLocalAccountActivity`][Get-PASDiscoveredLocalAccountActivity]         |**P Cloud Only**    |Get  P Cloud Discovered Local Account Activity
+[`Get-PASDiscoveredLocalAccount`][Get-PASDiscoveredLocalAccount]                         |**P Cloud Only**    |Get  P Cloud Discovered Local Account
+[`Clear-PASDiscoveredLocalAccount`][Clear-PASDiscoveredLocalAccount]                     |**P Cloud Only**    |Clear all  P Cloud Discovered Local Accounts
+[`Add-PASDiscoveredLocalAccount`][Add-PASDiscoveredLocalAccount]                         |**P Cloud Only**    |Add  P Cloud Discovered Local Account
+
+[Get-PASIPAllowList]:/psPAS/Functions/IPALlowList/Get-PASIPAllowList
+[Set-PASIPAllowList]:/psPAS/Functions/IPALlowList/Set-PASIPAllowList
+[Get-PASBYOKConfig]:/psPAS/Functions/BYOK/Get-PASBYOKConfig
+[Publish-PASDiscoveredLocalAccount]:/psPAS/Functions/Accounts/Publish-PASDiscoveredLocalAccount
+[Get-PASDiscoveredLocalAccountActivity]:/psPAS/Functions/Accounts/Get-PASDiscoveredLocalAccountActivity
+[Get-PASDiscoveredLocalAccount]:/psPAS/Functions/Accounts/Get-PASDiscoveredLocalAccount
+[Clear-PASDiscoveredLocalAccount]:/psPAS/Functions/Accounts/Clear-PASDiscoveredLocalAccount
+[Add-PASDiscoveredLocalAccount]:/psPAS/Functions/Accounts/Add-PASDiscoveredLocalAccount
+[Remove-PASDiscoveredLocalAccount]:/psPAS/Functions/Accounts/Remove-PASDiscoveredLocalAccount
 [Add-PASPTAExcludedTarget]:/psPAS/Functions/EventSecurity/Add-PASPTAExcludedTarget.ps1
 [Add-PASPTAIncludedTarget]:/psPAS/Functions/EventSecurity/Add-PASPTAIncludedTarget.ps1
 [Add-PASPTAPrivilegedGroup]:/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedGroup.ps1

Tests/Format-PASUserObject.Tests.ps1

@@ -53,7 +53,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 					'UserName'   = 'SomeUser'
 					'FirstName'  = 'Some'
 					'LastName'   = 'User'
-					'ExpiryDate' = '10/31/2018'
+					'ExpiryDate' = $(Get-Date -Day 31 -Month 10 -Year 2018 -Hour 0 -Minute 0 -Second 0 -Millisecond 0)
 					'workStreet' = 'SomeStreet'
 					'homePage'   = 'www.geocities.com'
 					'faxNumber'  = '1979'

docs/_data/navigation.yml

@@ -131,6 +131,18 @@ commands:
         url: /commands/Publish-PASDiscoveredAccount
       - title: "Add-PASPersonalAdminAccount"
         url: /commands/Add-PASPersonalAdminAccount
+      - title: "Publish-PASDiscoveredLocalAccount"
+        url: /commands/Publish-PASDiscoveredLocalAccount
+      - title: "Get-PASDiscoveredLocalAccountActivity"
+        url: /commands/Get-PASDiscoveredLocalAccountActivity
+      - title: "Get-PASDiscoveredLocalAccount"
+        url: /commands/Get-PASDiscoveredLocalAccount
+      - title: "Clear-PASDiscoveredLocalAccount"
+        url: /commands/Clear-PASDiscoveredLocalAccount
+      - title: "Add-PASDiscoveredLocalAccount"
+        url: /commands/Add-PASDiscoveredLocalAccount
+      - title: "Remove-PASDiscoveredLocalAccount"
+        url: /commands/Remove-PASDiscoveredLocalAccount
 
   - title: "Applications"
     children:
@@ -377,6 +389,18 @@ commands:
       - title: "Get-PASUserTypeInfo"
         url: /commands/Get-PASUserTypeInfo
 
+  - title: "BYOK"
+    children:
+      - title: "Get-PASBYOKConfig"
+        url: /commands/Get-PASBYOKConfig
+
+  - title: "IP Allow List"
+    children:
+      - title: "Get-PASIPAllowList"
+        url: /commands/Get-PASIPAllowList
+      - title: "Set-PASIPAllowList"
+        url: /commands/Set-PASIPAllowLists
+
 # documentation links
 docs:
   - title: Installation
@@ -435,3 +459,7 @@ docs:
         url: https://www.powershellgallery.com/packages/VaultControl/
       - title: "PSMPSession"
         url: https://www.powershellgallery.com/packages/PSMPSession/
+      - title: "IdentityCommand"
+        url: https://www.powershellgallery.com/packages/IdentityCommand/
+      - title: "IdentityCommand.DPA"
+        url: https://www.powershellgallery.com/packages/IdentityCommand.DPA/

docs/collections/_commands/New-PASSession.md

@@ -840,8 +840,8 @@ Accept wildcard characters: False
 Specify the URL value of the CyberArk Identity Portal to authenticate against.
 
 E.G.:
-- https://<identity-tenant-id>.id.cyberark.cloud
-- https://<identity-tenant-id>.my.idaptive.app
+- https://identity-tenant-id.id.cyberark.cloud
+- https://identity-tenant-id.my.idaptive.app
 
 ```yaml
 Type: String
@@ -859,7 +859,7 @@ Accept wildcard characters: False
 Specify the URL value used to access the CyberArk Privilege Cloud API.
 
 E.G.:
-- https://<subdomain>.privilegecloud.cyberark.cloud
+- https://subdomain.privilegecloud.cyberark.cloud
 
 ```yaml
 Type: String

docs/collections/_docs/10-compatibility.md

@@ -198,7 +198,25 @@ If version requirement criteria are not met, operations may be prevented.
 [`Remove-PASPTAIncludedTarget`][Remove-PASPTAIncludedTarget]                             |**14.0**                                             |Remove PTA Included Target
 [`Remove-PASPTAPrivilegedGroup`][Remove-PASPTAPrivilegedGroup]                           |**14.0**                                             |Remove PTA Privileged Group
 [`Remove-PASPTAPrivilegedUser`][Remove-PASPTAPrivilegedUser]                             |**14.0**                                             |Remove PTA Privileged User
-
+[`Set-PASIPAllowList`][Set-PASIPAllowList]                                               |**P Cloud Only**                                     |Set P Cloud IP Allow List
+[`Get-PASIPAllowList`][Get-PASIPAllowList]                                               |**P Cloud Only**                                     |Get P Cloud IP Allow List
+[`Get-PASBYOKConfig`][Get-PASBYOKConfig]                                                 |**P Cloud Only**                                     |Get P Cloud BYOK Config
+[`Publish-PASDiscoveredLocalAccount`][Publish-PASDiscoveredLocalAccount]                 |**P Cloud Only**                                     |Publish P Cloud Discovered Local Account
+[`Remove-PASDiscoveredLocalAccount`][Remove-PASDiscoveredLocalAccount]                   |**P Cloud Only**                                     |Delete  P Cloud Discovered Local Account
+[`Get-PASDiscoveredLocalAccountActivity`][Get-PASDiscoveredLocalAccountActivity]         |**P Cloud Only**                                     |Get  P Cloud Discovered Local Account Activity
+[`Get-PASDiscoveredLocalAccount`][Get-PASDiscoveredLocalAccount]                         |**P Cloud Only**                                     |Get  P Cloud Discovered Local Account
+[`Clear-PASDiscoveredLocalAccount`][Clear-PASDiscoveredLocalAccount]                     |**P Cloud Only**                                     |Clear all  P Cloud Discovered Local Accounts
+[`Add-PASDiscoveredLocalAccount`][Add-PASDiscoveredLocalAccount]                         |**P Cloud Only**                                     |Add  P Cloud Discovered Local Account
+
+[Get-PASIPAllowList]:/commands/Get-PASIPAllowList
+[Set-PASIPAllowList]:/commands/Set-PASIPAllowList
+[Get-PASBYOKConfig]:/commands/Get-PASBYOKConfig
+[Publish-PASDiscoveredLocalAccount]:/commands/Publish-PASDiscoveredLocalAccount
+[Get-PASDiscoveredLocalAccountActivity]:/commands/Get-PASDiscoveredLocalAccountActivity
+[Get-PASDiscoveredLocalAccount]:/commands/Get-PASDiscoveredLocalAccount
+[Clear-PASDiscoveredLocalAccount]:/commands/Clear-PASDiscoveredLocalAccount
+[Add-PASDiscoveredLocalAccount]:/commands/Add-PASDiscoveredLocalAccount
+[Remove-PASDiscoveredLocalAccount]:/commands/Remove-PASDiscoveredLocalAccount
 [Add-PASPTAExcludedTarget]:/commands/Add-PASPTAExcludedTarget
 [Add-PASPTAIncludedTarget]:/commands/Add-PASPTAIncludedTarget
 [Add-PASPTAPrivilegedGroup]:/commands/Add-PASPTAPrivilegedGroup

docs/collections/_posts/2024-05-01-pspas-release-6-4.md

@@ -1,6 +1,6 @@
 ---
 title: "psPAS Release 6.4"
-date: 2024-05-01 00:00:00
+date: 2024-06-04 00:00:00
 tags:
   - Release Notes
   - Get-PASPSMRecording
@@ -15,8 +15,22 @@ tags:
   - Remove-PASDiscoveredLocalAccount
   - Invoke-PASRestMethod
   - Get-PASPSMSession
+  - Set-PASUser
 ---
 
+## **6.4.85**
+
+### Added
+- N/A
+
+### Updated
+- N/A
+
+### Fixed
+- `Set-PASUser`
+  - Adds logic to not attempt conversion to unix time if expiry date is not a valid datetime object, this resolves an issue where an error was raised when updating an account with an existing value for the `expirydate` property
+  - Adds logic to not apply time zone offset when specifying Unix epoch time to remove an expiry date from an account which could previously result in an invalid time value in non-GMT time zones.
+
 ## **6.4.80**
 
 Includes a general update across multiple module commands to ensure commands which are specific to self-hosted implementations are not able to be run against Privilege Cloud, and any commands which are specific to Privilege Cloud are not able to be run against a Self-Hosted solution.

psPAS/Private/ConvertTo-UnixTime.ps1

@@ -30,12 +30,17 @@ Get-Date | ConvertTo-UnixTime
 	)
 	begin {
 		$currentCulture = [System.Threading.Thread]::CurrentThread.CurrentCulture
+		$epoch = Get-Date 1/1/1970
 	}
 	process {
 		[System.Threading.Thread]::CurrentThread.CurrentCulture = 'en-US'
-
-		$UnixTime = [math]::Round($(Get-Date $Date.ToUniversalTime() -UFormat %s))
-
+		if ($Date -ne $epoch) {
+			#Convert Date with timezone offset
+			$UnixTime = [math]::Round($(Get-Date $Date.ToUniversalTime() -UFormat %s))
+		} Else {
+			#no timezone offset for epoch date
+			$UnixTime = [math]::Round($(Get-Date $Date -UFormat %s))
+		}
 		If ($Milliseconds) {
 			$UnixTime = $UnixTime * 1000
 		}

psPAS/Private/Format-PASUserObject.ps1

@@ -40,8 +40,11 @@ Function Format-PASUserObject {
 		switch ($UserProperties.keys) {
 
 			'ExpiryDate' {
-				#Include date string in required format
-				$UserObject['ExpiryDate'] = $UserProperties['ExpiryDate'] | ConvertTo-UnixTime
+
+				If ($($UserProperties['ExpiryDate']).GetType().FullName -eq 'System.DateTime') {
+					#Include datetime object converted into required unixtime string format
+					$UserObject['ExpiryDate'] = $UserProperties['ExpiryDate'] | ConvertTo-UnixTime
+				}
 
 			}
 

psPAS/Private/Format-PutRequestObject.ps1

@@ -2,10 +2,10 @@ Function Format-PutRequestObject {
     <#
     .SYNOPSIS
     Give source object properties, and request parameters,
-    where a property is not presnt in a request, adds the current value from the source object.
+    where a property is not present in a request, adds the current value from the source object.
 
     .DESCRIPTION
-    Long description
+    Updates a source object with additional properties from another object.
 
     .PARAMETER InputObject
     The object representing current property values of an object to be updated
@@ -22,7 +22,7 @@ Function Format-PutRequestObject {
     .EXAMPLE
     Format-PutRequestObject -InputObject $UserObject -boundParameters $BoundParameters -ParametersToRemove id
 
-    updates the bound paramter value with key/values not already included, but present in InputObject
+    updates the boundparameter value with key/values not already included, but present in InputObject
 
     .NOTES
     Pete Maan 2024