Set-PASDirectoryMapping
Set-PASDirectoryMapping
SYNOPSIS
Updates an existing Directory Mapping for a directory
SYNTAX
Set-PASDirectoryMapping [-DirectoryName] <String> [-MappingID] <String> [[-MappingName] <String>]
[[-LDAPBranch] <String>] [[-DomainGroups] <String[]>] [[-VaultGroups] <String[]>] [[-Location] <String>]
[[-LDAPQuery] <String>] [[-MappingAuthorizations] <Authorizations>] [[-UserActivityLogPeriod] <Int32>]
[-UsedQuota <Int32>] [-AuthorizedInterfaces <String[]>] [-EnableENEWhenDisconnected <Boolean>] [-WhatIf]
[-Confirm] [<CommonParameters>]
DESCRIPTION
Updates a directory mapping.
Membership of the Vault Admins group required.
Minimum required version 10.7
EXAMPLES
EXAMPLE 1
Get-PASDirectoryMapping -DirectoryName $Directory -MappingID $ID |
Set-PASDirectoryMapping -DirectoryName $Directory -MappingAuthorizations AddUpdateUsers, AuditUsers
Configures the AddUpdateUsers & AuditUsers authorisations on the mapping.
Minimum required version 10.7
EXAMPLE 2
Set-PASDirectoryMapping -DirectoryName $DirectoryName -MappingID $MappingID -MappingName $MappingName -LDAPBranch $LDAPBranch `
-MappingAuthorizations AddUpdateUsers, ActivateUsers & ResetUsersPasswords
Sets AddUpdateUsers, ActivateUsers & ResetUsersPasswords authorisations on the directory mapping
Minimum required version 10.7
EXAMPLE 3
Set-PASDirectoryMapping -DirectoryName $DirectoryName -MappingID $MappingID -MappingName $MappingName -LDAPBranch $LDAPBranch `
-UserActivityLogPeriod 365
Sets UserActivityLogPeriod for the mapping to 365
Minimum required version 10.10
PARAMETERS
-DirectoryName
The name of the directory the mapping is for.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-MappingID
The ID of the Directory Mapping to Update
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-MappingName
The name of the PAS role that will be created.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-LDAPBranch
The LDAP branch that will be used for external directory queries
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 4
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-DomainGroups
Users who belong to these LDAP groups will be automatically assigned to the relevant roles in the PAS system.
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 5
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-VaultGroups
A list of Vault groups that a mapped user will be added to.
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 6
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-Location
The path of the Vault location that mapped users are added under.
This value cannot be updated.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 7
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-LDAPQuery
Match LDAP query results to mapping
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 8
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-MappingAuthorizations
Specify authorizations that will be applied when an LDAP User Account is created in the Vault.
To apply specific authorizations to a mapping, the user must have the same authorizations.
Possible authorizations:
- AddSafes
- AuditUsers
- AddUpdateUsers
- ResetUsersPasswords
- ActivateUsers
- ManageServerFileCategories
- BackupAllSafes
- RestoreAllSafes
Type: Authorizations
Parameter Sets: (All)
Aliases:
Accepted values: AddUpdateUsers, AddSafes, AddNetworkAreas, ManageServerFileCategories, AuditUsers, BackupAllSafes, RestoreAllSafes, ResetUsersPasswords, ActivateUsers
Required: False
Position: 9
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-UserActivityLogPeriod
Retention period in days for user activity logs
Minimum required version 10.10
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: 10
Default value: 0
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-AuthorizedInterfaces
Sets the authorized interface from the available interfaces defined by the license.
Requires 14.0
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-EnableENEWhenDisconnected
Whether or not to monitor this user type’s activity.
Requires 14.0
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-UsedQuota
Sets the disk quota allocated to the user in MB.
Requires 14.0
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.