· 6 years ago · Jan 09, 2020, 03:16 PM
1#################################################################################
2#
3# DISCLAIMER: EXAMPLE ONLY
4#
5# Execute this example at your own risk. The console, target machines and
6# databases should be backed up prior to executing this example. Ivanti does
7# not warrant that the functions contained in this example will be
8# uninterrupted or free of error. The entire risk as to the results and
9# performance of this example is assumed by the person executing the example.
10# Ivanti is not responsible for any damage caused by this example.
11#
12#################################################################################
13
14CLS
15
16# session credential this acts as the Windows userr logged into the console similar to the scheduler
17# Change Password to the password to use for the session
18# Chnage API Server to the target server hosting the application
19
20<#-- i am not typing an admin password in here when i can just use a PSCredential.
21$secpasswd = ConvertTo-SecureString "Password" -AsPlainText -Force
22$global:ExampleRestApiCredential = New-Object System.Management.Automation.PSCredential ("Domain\user", $secpasswd)
23$pw = @{ClearText = (New-Object PSCredential "user", $global:ExampleRestApiCredential.Password).GetNetworkCredential().Password} | ConvertTo-Json -Depth 20
24Invoke-RestMethod -Credential $global:ExampleRestApiCredential https://API Server:3121/st/console/api/v1.0/sessioncredentials -body $pw -Method Post -ContentType "application/json"
25#>
26
27#---------- us PSCredential.
28$credential = get-credential
29$pw = @{
30 ClearText = $credential.GetNetworkCredential().Password
31} | ConvertTo-Json -Depth 20
32
33Invoke-RestMethod -Credential $credential -Uri https://wsrvshav001.vidanthealth.org:3121/st/console/api/v1.0/sessioncredentials -body $pw -Method Post -ContentType "application/json"
34
35# Reboot the machine to scan immediately after deployment
36$reboot = $false
37
38# Deploy ALL missing patches
39$deployPatches = $false
40
41# Delete the sample data from the application
42$deleteSampleData = $true
43
44# IP Address, NETBios Name or FQDN
45$machineToScan = "wsrvdashtst01"
46
47# What CVE do you want to add to the patch group and deploy to the machine to scan?
48#
49# The null patches is always scanned for. This will be in addition to
50#
51# Example @("CVE1", "CVE2")
52$cveList = @()
53
54#$loggedOnUserName = "$env:USERDOMAIN\$env:USERNAME"
55$loggedOnUserName = $credential.UserName
56
57# The Console's IP Address, NETBios Name or FQDN
58#$apiServer = "$env:computername.$env:userdnsdomain" #"$env:USERDOMAIN"
59# chnage APIserver to target console
60$apiServer = "wsrvshav001.vidanthealth.org" #"$env:USERDOMAIN"
61$apiLocalPort = 3121
62
63$Uris =
64@{
65 AssetScanTemplates = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/asset/scantemplates"
66 Credentials = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/credentials"
67 sessioncredentials = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/sessioncredentials"
68 servicecredentials = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/servicecredentials"
69 CertificateConsole = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/configuration/certificate"
70 DistributionServers = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/distributionservers"
71 Hypervisors = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/virtual/hypervisors"
72 IPRanges = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/ipranges"
73 MachineGroups = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/machinegroups"
74 MetadataVendors = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/metadata/vendors"
75 NullPatch = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patches?bulletinIds=MSST-001"
76 Operations = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/operations"
77 Patches = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patches"
78 PatchDeployments = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/deployments"
79 PatchDeployTemplates = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/deploytemplates"
80 PatchDownloads = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/downloads"
81 PatchDownloadsScansPatch = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/downloads/scans"
82 PatchGroups = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/groups"
83 PatchMetaData = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/patchmetadata"
84 PatchScans = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/scans"
85 PatchScanMachines = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/scans/{0}/machines"
86 PatchScanMachinesPatches = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/scans/{0}/machines/{1}/patches"
87 PatchScanTemplates = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/patch/scanTemplates"
88 VCenters = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/virtual/vcenters"
89 VirtualInfrastructure = "https://$apiServer`:$apiLocalPort/st/console/api/v1.0/virtual"
90}
91
92Add-Type -AssemblyName System.Security
93#Encrypt using RSA
94function Encrypt-RSAConsoleCert
95{
96 param
97 (
98 [Parameter(Mandatory=$True, Position = 0)]
99 [Byte[]]$ToEncrypt,
100 [PSCredential]$credential
101 )
102 try
103 {
104 #$certResponse = Invoke-RestMethod $Uris.CertificateConsole -Method Get -UseDefaultCredentials -Verbose
105 $certResponse = Invoke-RestMethod $Uris.CertificateConsole -Method Get -credential $credential -Verbose
106 [Byte[]] $rawBytes = ([Convert]::FromBase64String($certResponse.derEncoded))
107 $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList @(,$rawBytes)
108 $rsaPublicKey = $cert.PublicKey.Key;
109
110 $encryptedKey = $rsaPublicKey.Encrypt($ToEncrypt, $True);
111 return $encryptedKey
112 }
113 finally
114 {
115 $cert.Dispose();
116 }
117}
118
119function Create-CredentialRequest
120{
121 param
122 (
123 [Parameter(Mandatory=$True, Position=0)]
124 [String]$FriendlyName,
125
126 [Parameter(Mandatory=$True, Position=1)]
127 [String]$UserName,
128
129 [Parameter(Mandatory=$True, Position=2)]
130 [ValidateNotNull()]
131 [SecureString]$Password
132 )
133
134 $body = @{ "userName" = $UserName; "name" = $FriendlyName; }
135 $bstr = [IntPtr]::Zero;
136 try
137 {
138 ## Create an AES 128 Session key.
139 $algorithm = [System.Security.Cryptography.Xml.EncryptedXml]::XmlEncAES128Url
140 $aes = [System.Security.Cryptography.SymmetricAlgorithm]::Create($algorithm);
141 $keyBytes = $aes.Key;
142
143 # Encrypt the session key with the console cert
144 $encryptedKey = Encrypt-RSAConsoleCert -ToEncrypt $keyBytes -credential $credential
145 $session = @{ "algorithmIdentifier" = $algorithm; "encryptedKey" = [Convert]::ToBase64String($encryptedKey); "iv" = [Convert]::ToBase64String($aes.IV); }
146
147 # Encrypt the password with the Session key.
148 $cryptoTransform = $aes.CreateEncryptor();
149
150 # Copy the BSTR contents to a byte array, excluding the trailing string terminator.
151 $size = [System.Text.Encoding]::Unicode.GetMaxByteCount($Password.Length - 1);
152
153 $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password)
154 $clearTextPasswordArray = New-Object Byte[] $size
155 [System.Runtime.InteropServices.Marshal]::Copy($bstr, $clearTextPasswordArray, 0, $size)
156 $cipherText = $cryptoTransform.TransformFinalBlock($clearTextPasswordArray, 0 , $size)
157
158 $passwordJson = @{ "cipherText" = $cipherText; "protectionMode" = "SessionKey"; "sessionKey" = $session }
159 }
160 finally
161 {
162 # Ensure All sensitive byte arrays are cleared and all crypto keys/handles are disposed.
163 if ($clearTextPasswordArray -ne $null)
164 {
165 [Array]::Clear($clearTextPasswordArray, 0, $size)
166 }
167 if ($keyBytes -ne $null)
168 {
169 [Array]::Clear($keyBytes, 0, $keyBytes.Length);
170 }
171 if ($bstr -ne [IntPtr]::Zero)
172 {
173 [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
174 }
175 if ($cryptoTransform -ne $null)
176 {
177 $cryptoTransform.Dispose();
178 }
179 if ($aes -ne $null)
180 {
181 $aes.Dispose();
182 }
183 }
184 $body.Add("password", $passwordJson)
185 return ConvertTo-JSon $Body -Depth 99
186}
187function Get-PaginatedResults
188{
189 param
190 (
191 [String]$uri,
192 [PSCredential]$runAsCredential
193 )
194
195 $entireList = [System.Collections.ArrayList]@()
196 $nextUri = $uri
197 do
198 {
199 $result = Invoke-RestMethod $nextUri -Method Get -ErrorAction Stop -Credential $runAsCredential -Verbose
200 $result.value | Foreach-Object { $entireList.Add($_) }
201
202 $nextUri = $result.links.next.href
203 } until ($nextUri -eq $null)
204
205 return $entireList
206}
207
208function Remove-RestResourceSafe
209{
210 param
211 (
212 [String]$Uri,
213 [PSCredential] $runAsCredential
214 )
215 try
216 {
217 Invoke-RestMethod $uri -Method Delete -Credential $runAsCredential -Verbose > $null
218 }
219 catch
220 {
221 }
222}
223
224function Wait-Operation {
225 param(
226 [String] $OperationLocation,
227 [Int32] $TimeoutMinutes,
228 [PSCredential]$runAsCredential
229 )
230
231 $startTime = [DateTime]::Now
232 $operationResult = Invoke-RestMethod -Uri $OperationLocation -Method Get -Credential $runAsCredential -Verbose
233 while ($operationResult.Status -eq 'Running')
234 {
235 if ([DateTime]::Now -gt $startTime.AddMinutes($TimeoutMinutes))
236 {
237 throw "Timed out waiting for operation to complete"
238 }
239
240 Start-Sleep 5
241 $operationResult = Invoke-RestMethod -Uri $OperationLocation -Method Get -Credential $runAsCredential -Verbose
242 }
243
244 return $operationResult
245}
246function Add-Credential
247{
248 Param
249 (
250 [String]$credentialName,
251 [PSCredential]$credential,
252 [PSCredential]$runAsCredential
253 )
254# $body = @{ name = $credentialName; password = @{cipherText = $cipherText; protectionMode = "SessionKey"; sessionKey = "AES" }; username = $credential.UserName } | ConvertTo-Json -Depth 99
255# $response = Invoke-RestMethod -Uri $Uris.Credentials -Method Post -Body $body -ContentType "application/json" -Credential $runAsCredential -Verbose
256
257 $body = Create-CredentialRequest -FriendlyName $credentialName -UserName $credential.UserName -Password $credential.Password
258 #$response = Invoke-RestMethod -Uri $Uris.Credentials -Method Post -Body $body -ContentType "application/json" -Credential $credential -Verbose
259 #TEST cleartext credential
260 $body = @{username = "testname";name="apiremote";password = @{cleartext = "testpw"} }
261 $body = $body |ConvertTo-Json -Depth 5
262 $response = Invoke-RestMethod -Uri $Uris.Credentials -Method Post -Body $body -ContentType "application/json" -Credential $credential -Verbose
263
264 return $response
265}
266
267function Add-MachineGroup
268{
269 Param
270 (
271 [String]$groupName,
272 [String]$machineName,
273 [String]$loginCredentialid,
274 [PSCredential]$runAsCredential
275 )
276 $body =
277 @{
278 name = $groupName;
279 discoveryFilters = @(
280 @{
281 AdminCredentialId = $loginCredentialid;
282 category = "MachineName";
283 name = $machineName
284 })
285 } | ConvertTo-Json -Depth 99
286 $response = Invoke-RestMethod -Uri $Uris.MachineGroups -Method Post -Body $body -ContentType "application/json" -Credential $runAsCredential
287 return $response
288}
289
290function Add-CveToPatchGroup
291{
292 Param
293 (
294 [String]$id,
295 [String]$cve,
296 [PSCredential]$runAsCredential
297 )
298
299 $body = @{ Cve = $cve; } | ConvertTo-Json -Depth 99
300 Invoke-RestMethod -Uri "$($Uris.PatchGroups)/$($id)/patches/cve" -Method Post -Body $body -ContentType "application/json" -Credential $runAsCredential > $null
301}
302
303function Add-NullPatchToPatchGroup
304{
305 Param
306 (
307 [String]$id,
308 [PSCredential]$runAsCredential
309 )
310
311 $nullPatchResult = Invoke-RestMethod -Uri $Uris.NullPatch -Method Get -Credential $runAsCredential -Verbose
312 foreach($value in $nullPatchResult.value)
313 {
314 foreach ($vulnerability in $value.vulnerabilities)
315 {
316 $body = ConvertTo-Json -Depth 99 -InputObject @(, $vulnerability.id)
317 Invoke-RestMethod -Uri "$($Uris.PatchGroups)/$($id)/patches" -Method POST -Body $body -ContentType "application/json" -Credential $runAsCredential > $null
318 }
319 }
320}
321
322function Add-PatchGroup
323{
324 Param
325 (
326 [String]$groupName,
327 [PSCredential]$runAsCredential
328 )
329 $body = @{ name = $groupName; } | ConvertTo-Json -Depth 99
330 $response = Invoke-RestMethod -Uri $Uris.PatchGroups -Method Post -Body $body -ContentType "application/json" -Credential $runAsCredential
331 return $response
332}
333
334function Add-PatchScanTemplate
335{
336 Param
337 (
338 [String]$templateName,
339 [String]$patchGroupId,
340 [PSCredential]$runAsCredential
341 )
342 $body = @{ name = $templateName; PatchFilter = @{ patchGroupFilterType = 'Scan'; patchGroupIds = @($patchGroupId) }} | ConvertTo-Json -Depth 99
343 $response = Invoke-RestMethod -Uri $Uris.PatchScanTemplates -Method Post -Body $body -ContentType "application/json" -Credential $runAsCredential -Verbose
344 return $response
345}
346
347function Add-PatchDeployTemplate
348{
349 Param
350 (
351 [String]$templateName,
352 [PSCredential]$runAsCredential
353 )
354
355 #never reboot
356 if ($reboot)
357 {
358 # You want to reboot the machine immediately
359 $body =@{
360 name = $templateName;
361 PostDeploymentReboot = @{
362 options = @{
363 powerState = 'Restart';
364 countdownMinutes = 2;
365 extendMinutes = 1;
366 forceActionAfterMinutes = 1;
367 loggedOnUserAction = 'ForceActionAfterMinutes';
368 systemDialogSeconds = 10;
369 userOptions = 'AllowExtension';
370 }
371 when = 'ImmediateIfRequired'
372 }
373 } | ConvertTo-Json -Depth 99;
374 }
375 else
376 {
377 $body =@{
378 name = $templateName;
379 PostDeploymentReboot = @{
380 when = 'NoReboot'
381 }
382 } | ConvertTo-Json -Depth 99;
383 }
384
385 $response = Invoke-RestMethod -Uri $Uris.PatchDeployTemplates -Method Post -Body $body -ContentType "application/json" -Credential $runAsCredential -Verbose
386 return $response
387}
388
389function Invoke-PatchAndDeploy
390{
391 Param
392 (
393 [String]$ScanTemplateName,
394 [String]$MachineGroupName,
395 [String]$DeployTemplateName,
396 [String]$ScanName,
397 [String]$runAsCredentialId,
398 [PSCredential]$runAsCredential
399 )
400
401 # Find scan template
402 $allScanTemplates = Get-PaginatedResults $Uris.PatchScanTemplates $runAsCredential
403 $foundScanTemplate = $allScanTemplates | Where-Object { $_.Name -eq $ScanTemplateName }
404 if ($null -eq $foundScanTemplate)
405 {
406 Write-Error ("could not find patch scan template with name " + $ScanTemplateName)
407 }
408
409 # find machine group
410 $allMachineGroups = Get-PaginatedResults $Uris.MachineGroups $runAsCredential
411 $foundMachineGroup = $allMachineGroups | Where-Object { $_.Name -eq $MachineGroupName }
412 if ($null -eq $foundMachineGroup)
413 {
414 Write-Error ("could not find machine group with name " + $MachineGroupName)
415 }
416
417 # Find deploy template
418 $allDeployTemplates = Get-PaginatedResults $Uris.PatchDeployTemplates $runAsCredential
419 $foundDeployTemplate = $allDeployTemplates | Where-Object { $_.Name -eq $DeployTemplateName }
420 if ($null -eq $foundDeployTemplate)
421 {
422 Write-Error ("could not find patch deploy template with name " + $DeployTemplateName)
423 }
424
425 # perform the scan
426 $body = @{ MachineGroupIds = @( $foundMachineGroup.id ); Name = $ScanName; TemplateId = $foundScanTemplate.id; RunAsCredentialId = $runAsCredentialId } | ConvertTo-Json -Depth 99
427 Write-Host "Starting scan"
428 $scanOperation = Invoke-WebRequest -Uri $Uris.PatchScans -Method Post -Body $body -Credential $runAsCredential -Verbose -ContentType 'application/json'
429
430 # wait for scan to complete
431 $completedScan = Wait-Operation $scanOperation.headers['Operation-Location'] 5 $runAsCredential
432
433 # get the scan id for future use
434 $scan = Invoke-RestMethod -Uri $completedScan.resourceLocation -Credential $runAsCredential -Verbose -Method GET
435 Write-Host ( "Scan complete " + $scan.id)
436
437 # get the scan id for future use
438 $machines = Invoke-RestMethod -Uri $scan.links.machines.href -Credential $runAsCredential -Verbose -Method GET
439
440 foreach ($machineScanned in $machines)
441 {
442 foreach ($value in $machineScanned.value)
443 {
444 if (($value.installedPatchCount -gt 0) -or ($value.missingPatchCount -gt 0))
445 {
446 $patches = Invoke-RestMethod -Uri $value.links.patches.href -Credential $runAsCredential -Verbose -Method GET
447 foreach ($patch in $patches.value)
448 {
449 if ($deployPatches -eq $false -or $patch.scanState -ne "MissingPatch")
450 {
451 Write-Host ( $patch.bulletinId + " / " + $patch.kb + " (" + $patch.scanState + ") - NOT being deployed." )
452 }
453 else
454 {
455 Write-Host ( $patch.bulletinId + " / " + $patch.kb + " (" + $patch.scanState + ") - DEPLOYING." )
456 }
457 }
458 }
459 else
460 {
461 Write-Host ( "No patches were found")
462 }
463 }
464 }
465 # perform the deployment
466 if ($deployPatches)
467 {
468 Write-Host "Starting deployment"
469 $body = @{ ScanId=$scan.id; TemplateId = $foundDeployTemplate.id; RunAsCredentialId = $runAsCredentialId } | ConvertTo-Json -Depth 99
470 $deploy = Invoke-WebRequest -Uri $Uris.PatchDeployments -Method Post -Body $body -Credential $runAsCredential -Verbose -ContentType 'application/json'
471
472 # wait until deployment has a deployment resource location
473 $operationUri = $deploy.Headers['Operation-Location']
474 $operation = Invoke-RestMethod -Uri $operationUri -Credential $runAsCredential -Verbose -Method GET
475
476 while((($null -eq $operation.resourceLocation) -or ($operation.operation -eq "PatchDownload")) -and -not ($operation.status -eq "Succeeded"))
477 {
478 if (($operation.operation -eq "PatchDownload") -and ($null -ne $operation.percentComplete))
479 {
480 Write-Host ("Downloading patches..." + $operation.percentComplete + "%")
481 }
482 Start-Sleep -Seconds 1
483 $operation = Invoke-RestMethod -Uri $operationUri -Credential $runAsCredential -Verbose -Method GET
484 }
485
486 # It's possible we didn't have anything to patch in which case we're already succeeded.
487 # If so, don't both getting machine statuses as it will never return anything good.
488 if (-not $operation.status -eq "Succeeded")
489 {
490 # start getting deployment detailed status updates
491 $statusUri = $deploy.Headers['Location'] + '/machines'
492 $machineStatuses = Invoke-RestMethod $statusUri -Credential $runAsCredential -Verbose -Method GET
493
494 # now start getting and displaying the statuses
495 while(($machineStatuses.value[0].overallState -ne "Complete") -and ($machineStatuses.value[0].overallState -ne "Failed"))
496 {
497 Write-Host ("Overall Status = " + $machineStatuses.value[0].overallState)
498 Write-Host ("Status Description = " + $machineStatuses.value[0].statusDescription)
499
500 $updateDelaySeconds = 30
501
502 # only check for new updates every $updateDelaySeconds
503 Start-Sleep -Seconds $updateDelaySeconds
504 $machineStatuses = Invoke-RestMethod $statusUri -Credential $runAsCredential -Verbose -Method GET
505 }
506 }
507 Write-Host "Deployment scheduled"
508 }
509 else
510 {
511 Write-Host "You specified NOT to Deploy the patches."
512 }
513}
514
515function Invoke-ScanAndDeploy
516{
517 Param
518 (
519 [parameter(Mandatory = $true)]
520 [String]$machineToScan = $(throw "Must supply a machine to scan."),
521 [parameter(Mandatory = $false)]
522 [String[]]$cveToScanFor,
523 [parameter(Mandatory = $true)]
524 [PSCredential]$runAsCredential = $(throw "Must supply run as credentials."),
525 [parameter(Mandatory = $true)]
526 [PSCredential]$loginCredential = $(throw "Must supply your logged on credentials.")
527 )
528
529 $toDelete = [System.Collections.ArrayList]@()
530 try
531 {
532 $uid = [Guid]::NewGuid()
533 $loginCredentialName = "Sample Admin Credential -" + $uid
534 $loginCredentialRef = Add-Credential $loginCredentialName $loginCredential $runAsCredential
535 $toDelete.Add($loginCredentialRef.links.self.href) > $null
536 $runAsCredentialName = "Sample REST Invoke Credential -" + $uid
537 $runAsCredentialRef = Add-Credential $runAsCredentialName $runAsCredential $runAsCredential
538 $toDelete.Add($runAsCredentialRef.links.self.href) > $null
539 $machineGrouplName = "Sample Machine Group -" + $uid
540 $response = Add-MachineGroup $machineGrouplName $machineToScan $loginCredentialRef.id $runAsCredential
541 $toDelete.Add($response.links.self.href) > $null
542 $patchGroupName = "Sample Patch Group -" + $uid
543 $patchGroupRef = Add-PatchGroup $patchGroupName $runAsCredential
544 Add-NullPatchToPatchGroup $patchGroupRef.id $runAsCredential
545 $cveToScanFor | ForEach-Object { Add-CveToPatchGroup $patchGroupRef.id $_ $runAsCredential }
546 $toDelete.Add($patchGroupRef.links.self.href) > $null
547 $scanTemplateName = "Sample Scan Template-" + $uid
548 $response = Add-PatchScanTemplate $scanTemplateName $patchGroupRef.id $runAsCredential
549 $toDelete.Add($response.links.self.href) > $null
550 $deployTemplateName = "Sample Deploy Template -" + $uid
551 $response = Add-PatchDeployTemplate $deployTemplateName $runAsCredential
552 $toDelete.Add($response.links.self.href) > $null
553 Invoke-PatchAndDeploy -ScanTemplateName $scanTemplateName -MachineGroupName $machineGrouplName -DeployTemplateName $deployTemplateName -ScanName $uid -RunAsCredential $runAsCredential -RunAsCredentialId $runAsCredentialRef.id
554 }
555 finally
556 {
557 if ($deleteSampleData)
558 {
559 # cleanup collateral
560 $toDelete.Reverse();
561 $toDelete | ForEach-Object { Remove-RestResourceSafe $_ $runAsCredential }
562 }
563 else
564 {
565 Write-Host "You did NOT want to delete the sample data."
566 }
567 }
568}
569
570#####################################
571# Start Script
572#####################################
573try
574{
575 # Who do you want to run the REST API invoke calls
576 #$RESTInvokeCredential = Get-Credential $loggedOnUserName
577 $RESTInvokeCredential = $loginCredential = $credential
578
579 # The machine to scan's administrator credentials
580 #$adminCredential = Get-Credential $loggedOnUserName
581 $adminCredential = $runAsCredential = $credential
582
583 Invoke-ScanAndDeploy $machineToScan $cveList $RESTInvokeCredential $adminCredential
584}
585catch [Exception]
586{
587 $private:e = $_.Exception
588 do
589 {
590 Write-Host "Error: " $private:e
591 $private:e = $private:e.InnerException
592 }
593 while ($private:e -ne $null)
594}