SyncAgent.ps1
Add-Type -AssemblyName System.Web
# Registers the Sync agent to Azure AD
# Apr 2nd 2019
# Sep 7th 2022: Added UpdateTrust
function Register-SyncAgent
{
<#
    .SYNOPSIS
    Registers the Sync agent to Azure AD and creates a client certificate or renews an existing certificate.

    .DESCRIPTION
    Registers the Sync agent to Azure AD with the given machine name and creates a client certificate or renews an existing certificate.
    The filename of the certificate is <server FQDN>_<tenant id>_<agent id>_<cert thumbprint>.pfx

    This function is a thin wrapper: it forwards all of its parameters to Register-ProxyAgent and fixes -AgentType to Sync.

    .PARAMETER AccessToken
    Access token forwarded to Register-ProxyAgent. The first example omits it after caching a token with -SaveToCache,
    so it is presumably read from the cache when not given - confirm in Register-ProxyAgent.

    .PARAMETER MachineName
    Name the agent is registered as (the examples use the server FQDN).

    .PARAMETER FileName
    Forwarded unchanged to Register-ProxyAgent; presumably overrides the default certificate file name - confirm there.

    .PARAMETER UpdateTrust
    Renews the certificate of an already registered agent instead of registering a new one (see the last example).

    .PARAMETER PfxFileName
    The existing agent certificate (.pfx) used when -UpdateTrust is given.

    .PARAMETER PfxPassword
    Password forwarded together with PfxFileName. It is a plain String, so it can end up in command history and transcripts.

    .NOTES
    The saved .pfx is the agent's client certificate: store it with restricted access and remove copies that are no longer needed.
    The examples assume the module's AADInt command prefix, i.e. that this function is exported as Register-AADIntSyncAgent - confirm against the module manifest.

    .Example
    Get-AADIntAccessTokenForPTA -SaveToCache
    Register-AADIntSyncAgent -MachineName "server1.company.com"

    Sync Agent (005b136f-db3e-4b54-9d8b-8994f7717de6) registered as server1.company.com
    Certificate saved to server1.company.com_513d8d3d-7498-4d8c-85ed-b485ed5c39a9_005b136f-db3e-4b54-9d8b-8994f7717de6_6464A8C05194B416B347D65F01F89FCCE66292FB.pfx

    .Example
    $pt=Get-AADIntAccessTokenForPTA
    PS C:\>Register-AADIntSyncAgent -AccessToken $pt -MachineName "server1.company.com"

    Sync Agent (005b136f-db3e-4b54-9d8b-8994f7717de6) registered as server1.company.com
    Certificate saved to server1.company.com_513d8d3d-7498-4d8c-85ed-b485ed5c39a9_005b136f-db3e-4b54-9d8b-8994f7717de6_6464A8C05194B416B347D65F01F89FCCE66292FB.pfx

    .Example
    PS C:\>Register-AADIntSyncAgent -MachineName "server1.company.com" -UpdateTrust -PfxFileName .\server1.company.com_513d8d3d-7498-4d8c-85ed-b485ed5c39a9_005b136f-db3e-4b54-9d8b-8994f7717de6_6464A8C05194B416B347D65F01F89FCCE66292FB.pfx

    Sync Agent (005b136f-db3e-4b54-9d8b-8994f7717de6) certificate renewed for server1.company.com
    Certificate saved to server1.company.com_513d8d3d-7498-4d8c-85ed-b485ed5c39a9_005b136f-db3e-4b54-9d8b-8994f7717de6_449D42C1BA32B23A621EBE62329AE460FE68924B.pfx
#>
    [cmdletbinding()]
    Param(
        [Parameter(Mandatory=$False)]
        [String]$AccessToken,

        [Parameter(Mandatory=$True)]
        [String]$MachineName,

        [Parameter(Mandatory=$False)]
        [String]$FileName,

        # Optional in the 'normal' set, required in the 'update' set.
        [Parameter(ParameterSetName='normal',Mandatory=$False)]
        [Parameter(ParameterSetName='update',Mandatory=$True)]
        [switch]$UpdateTrust,

        [Parameter(ParameterSetName='update',Mandatory=$True)]
        [String]$PfxFileName,

        [Parameter(ParameterSetName='update',Mandatory=$False)]
        [String]$PfxPassword
    )
    Process
    {
        # String parameters are forwarded unchanged; only the agent type is fixed by this wrapper.
        $forwarded = @{
            AccessToken = $AccessToken
            MachineName = $MachineName
            FileName    = $FileName
            AgentType   = 'Sync'
            PfxFileName = $PfxFileName
            PfxPassword = $PfxPassword
        }

        # UpdateTrust stays an explicit "-Name value" argument so it binds exactly as before;
        # Register-ProxyAgent presumably declares it as a boolean rather than a switch - confirm there.
        Register-ProxyAgent @forwarded -UpdateTrust $UpdateTrust
    }
}