Tag: API

AirWatch REST API Script : change Self-Service Portal role for users

Here’s several scripts that may be very helpful for anyone that needs to change the self-service portal role for their users in AirWatch. AirWatch is becoming more robust and mature with every new release, but they still have a long way to go towards overall usability for administrators.


 

#******************************************
### AirWatch API Connection
###
### Template from https://support.air-watch.com/posts/94020718-REST-API-Authentication-in-PowerShell
###
### 2015-11-15 Brian Deyo www.briandeyo.us
#*******************************************

write-output ” __ ___ __ ”
write-output ” /\ | |__) | | /\ | / “ |__| ”
write-output ” /~~\ | | \ |/\| /~~\ | \__, | | ”
write-output ” ”

###############################
###
### BEGIN CONFIGURATION SECTION
###
###############################

###Insert AirWatch API Key here
###Consider it best practice to create an API Key for every account that needs API access. Easier to manage access that way.
###
$APIKEY = “blahblahblahAPIKey”

###Insert AirWatch Application Server URL
###The Server is the “Application Server” component of the AirWatch environment.
###
$AWHost = “xxyyy.awmdm.com/API/v1”

###Pop up to get username and password, and then encodes U & P to string
###
$Credential = Get-Credential
$EncodedUsernamePassword = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($(‘{0}:{1}’ -f $Credential.UserName,$Credential.GetNetworkCredential().Password)))

###Define Headers to send with each API access
###Switch Basic to Directory if using AD integrated account
###
$Headers = @{‘Authorization’ = “Basic $($EncodedUsernamePassword)”;’aw-tenant-code’ = “$APIKey”;’Content-type’ = ‘application/json’}

###Define output folder for Rest Logs when the out-file cmdlet is used
###
$RestLogPath = “\\fileshare\log\location”

###############################
###
### END CONFIGURATION SECTION
###
###############################

#***********************************
# List devices for a specific user
#***********************************
#
#write-output “Type User’s email address”
#$UserEmail = Read-Host
#Invoke-RestMethod -Method Get -Uri https://$AWHost/mdm/devices/search?user=$UserEmail -Headers $Headers

#***********************************
# Set Enrollment User’s SSP Access
#***********************************
#
# Define the JSON in the $body variable. Then the Invoke-RestMethod converts to JSON on the fly
#
#$Role = “SSP ROLE NAME”
#$user = “userID”
#$body = @{
# Role = $Role
# }
#Invoke-RestMethod -Method Post -Uri https://$AWHost/system/users/$user/update -Body (ConvertTo-Json $body) -Headers $Headers

#***********************************
# Get Enrollment User Details
#***********************************
#$user = Read-Host
#$Filename = “UserDetails.txt”
#Invoke-RestMethod -Method Get -Uri https://$AWHost/system/users/$user -Headers $Headers | Out-File -Append $RestLogPath$Filename

#***********************************
# Change a single Users SSP Role
#***********************************

#$User = Read-Host
#$NewRole = “SSP ROLE NAME”
#$body = @{
# Role = $NewRole
# }
#Invoke-RestMethod -Method Post -Uri https://$AWHost/system/users/$User/update -Body (ConvertTo-Json $body) -Headers $Headers

#*************************************************************
# Search for All Users that have specific role and change it
#*************************************************************
#$CurrentRole = “SSP ROLE NAME”
#$Filename = “SSP ROLE NAME.txt”
#$UserList = Invoke-RestMethod -Method Get -Uri https://$AWHost/system/users/search?role=$CurrentRole -Headers $Headers
#$list = $UserList.Users.Id
###Save output of every UserID getting changed
#$list.value | Out-File $RestLogPath$Filename
#
### Loop to change all the roles from the dumped list
#
#$NewRole = “SSP ROLE NAME”
#foreach ($User in $list)
#{
# $UserToUpdate = $User.value
#
# $body = @
# {
# Role = $NewRole
# }
# Invoke-RestMethod -Method Post -Uri https://$AWHost/system/users/$UserToUpdate/update -Body (ConvertTo-Json $body) -Headers $Headers
#}

#************************************
# List Number of Users in Each Role
#************************************
#$RolesToCheck = @(“Basic Access”,”External Access”,”Full Access”)
#Foreach ($Role in $RolesToCheck)
#{
# $Filename = “$Role – TOTALS.txt”
# $UserList = Invoke-RestMethod -Method Get -Uri https://$AWHost/system/users/search?role=$Role -Headers $Headers
# $list = $UserList.Users.Id
# ###Save output of every UserID getting changed
# $UserList | Tee-Object $RestLogPath$Filename
#}