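# This script is provided as a base framework and may need additional changes to work in your environment.
# It is currently designed to bring in users from a CSV file, but this could be changed for other input sources.
#
# The CSV is read through the properties accountNameColumn, domainColumn and passwordColumn,
# so it needs columns with exactly those headers (or the property names below must be changed).
# The CSV holds plaintext passwords: restrict access to it and remove it once the import is done.
#
# Update the settings block below to get started!

# ---------------------------------------------------------------------------------------------
# Settings
# ---------------------------------------------------------------------------------------------
$fqdn    = ""   # example "demo.loginvsi.com"
# The token is a bearer credential for the public API. Avoid saving a filled-in copy of this
# script in source control; reading the value from an environment variable or a secret store
# instead of typing it here keeps it out of the file.
$token   = ""   # example "1It8mrR0us6tpI9SjTO0mdB_EBL0EuO_RkCU69GOGZs"
$csvPath = ""   # put .csv path to import here

# Set to $true ONLY when the appliance presents a certificate this machine cannot validate
# (for example a self-signed certificate in a lab).
# WARNING: this turns off TLS certificate validation for the whole PowerShell session. The bearer
# token and every account password sent by this script can then be read or altered by anyone able
# to intercept the connection. The preferred fix is a trusted certificate on the appliance (or
# trusting its issuing CA on this machine) and leaving this value at $false.
$ignoreCertificateErrors = $false

# Fail early with a clear message instead of sending requests to 'https:///...' with an empty token.
if ([string]::IsNullOrWhiteSpace($fqdn) -or
    [string]::IsNullOrWhiteSpace($token) -or
    [string]::IsNullOrWhiteSpace($csvPath)) {
    throw 'Set $fqdn, $token and $csvPath in the settings block before running this script.'
}

$csvAccountRows = Import-Csv -Path $csvPath

# ---------------------------------------------------------------------------------------------
# Optional: accept any server certificate (see the warning on $ignoreCertificateErrors)
# ---------------------------------------------------------------------------------------------
if ($ignoreCertificateErrors) {
    # Define the helper type only once per session.
    if (-not ('SSLHandler' -as [type])) {
        $code = @"
public class SSLHandler
{
    public static System.Net.Security.RemoteCertificateValidationCallback GetSSLHandler()
    {
        return new System.Net.Security.RemoteCertificateValidationCallback(
            (sender, certificate, chain, policyErrors) => { return true; });
    }
}
"@
        Add-Type -TypeDefinition $code
    }

    # NOTE: ServicePointManager is honored by Windows PowerShell 5.1. The web cmdlets in
    # PowerShell 6 and later do not use it; there Invoke-RestMethod needs -SkipCertificateCheck.
    [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [SSLHandler]::GetSSLHandler()
    Write-Warning 'TLS certificate validation is disabled for this session.'
}

function CreateAccounts-FromCSV {
    <#
    .SYNOPSIS
    Creates one account with a POST to /publicApi/v5/accounts.
    .DESCRIPTION
    Reads $fqdn and $token from the script scope and sends username, Domain and password as JSON.
    .OUTPUTS
    The response returned by Invoke-RestMethod.
    #>
    Param (
        [Parameter(Mandatory = $true)][string]$username,
        [Parameter(Mandatory = $true)][string]$domainId,
        [Parameter(Mandatory = $true)][string]$password
    )

    $Body = @{
        username = $username
        Domain   = $domainId
        password = $password
    } | ConvertTo-Json

    $Header = @{
        "Accept"        = "application/json"
        "Authorization" = "Bearer $token"
    }

    $Parameters = @{
        # The '/publicApi/v5' prefix may need adjusting depending on the LE version.
        Uri         = 'https://' + $fqdn + '/publicApi/v5/accounts'
        Headers     = $Header
        Method      = 'POST'
        Body        = $Body
        ContentType = 'application/json'
    }

    Invoke-RestMethod @Parameters
}

function Update-Password {
    <#
    .SYNOPSIS
    Updates an existing account with a PUT to /publicApi/v5/accounts/<accountid>.
    .DESCRIPTION
    Reads $fqdn and $token from the script scope and sends Username, password and domain as JSON.
    Produces no output; the API response is discarded.
    #>
    Param (
        [Parameter(Mandatory = $true)][string]$user,
        [Parameter(Mandatory = $true)][string]$accountid,
        [Parameter(Mandatory = $true)][string]$domainId,
        [Parameter(Mandatory = $true)][string]$password
    )

    $body = @{
        Username = $user
        password = $password
        domain   = $domainId
    } | ConvertTo-Json

    $Header = @{
        "Accept"        = "application/json"
        "Authorization" = "Bearer $token"
    }

    $Parameters = @{
        Uri         = 'https://' + $fqdn + '/publicApi/v5/accounts/' + $accountid
        Headers     = $Header
        Method      = 'PUT'
        Body        = $body
        ContentType = 'application/json'
    }

    $null = Invoke-RestMethod @Parameters
}

# ---------------------------------------------------------------------------------------------
# Begin script logic, by gathering account information
# ---------------------------------------------------------------------------------------------
$Header = @{
    "Accept"        = "application/json"
    "Authorization" = "Bearer $token"
}

$Parameters = @{
    # The '/publicApi/v5' prefix may need adjusting depending on the LE version.
    Uri         = 'https://' + $fqdn + '/publicApi/v5/accounts'
    Headers     = $Header
    Method      = 'GET'
    ContentType = 'application/json'
}

$response = Invoke-RestMethod @Parameters
# NOTE(review): only the items of this single response are considered. If the endpoint pages its
# results, existing accounts on later pages would be treated as missing - confirm against the API.
$userlist = $response.items.username

foreach ($csvAccountRow in $csvAccountRows) {
    $accountName = $csvAccountRow.accountNameColumn

    if ($userlist -contains $accountName) {
        Write-Host "User exists updating password"

        # NOTE(review): the lookup matches on username only. If the same username can exist in
        # more than one domain, the domain should be compared as well - confirm against your data.
        # Select-Object -First 1 keeps a single id even if several accounts share the username.
        $account = $response.items |
            Where-Object -Property username -EQ $accountName |
            Select-Object -First 1

        Update-Password -user $accountName `
                        -accountid $account.id `
                        -domainId $csvAccountRow.domainColumn `
                        -password $csvAccountRow.passwordColumn
    }
    else {
        # Use a plain variable in the message: "$csvAccountRow.accountNameColumn" inside a
        # double-quoted string expands the whole row object, which would print the password
        # column to the console (and to any transcript).
        Write-Host "Account $accountName not found, creating"

        CreateAccounts-FromCSV -username $accountName `
                               -domainId $csvAccountRow.domainColumn `
                               -password $csvAccountRow.passwordColumn
    }
}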