cancel
Showing results for 
Search instead for 
Did you mean: 
bartb
Level 7
Report Inappropriate Content
Message 11 of 46

Re: McAfee Open API via PowerShell

In the interest of full disclosure, I am just starting to learn powershell as I work with this.

$epoServer="https://foo:8443"

$Credential=get-credential -Credential $null

$epoUser=$Credential.GetNetworkCredential().username

$epoPassword=$Credential.GetNetworkCredential().password

$wc=new-object System.net.WebClient

$wc.Credentials = new-object System.Net.NetworkCredential -ArgumentList ($epoUser, $epoPassword)

That's the code that I'm working with, but I don't know how to attach the $epoServer to $wc

As for what I'm trying to do, I'm trying to write a powershell script that, when passed a computer name, will delete that object from ePo.  I'm trying to avoid using the Python interface.

Re: McAfee Open API via PowerShell

$epoServer="https://foo:8443"

$Credential=get-credential -Credential $null

$epoUser=$Credential.GetNetworkCredential().username

$epoPassword=$Credential.GetNetworkCredential().password

$url="https://foo:8443/remote/system.delete?names=$pc"

$wc=new-object System.net.WebClient

$wc.Credentials = new-object System.Net.NetworkCredential -ArgumentList ($epoUser, $epoPassword)

$wc.downloadstring("$url")

You need to make sure you are contacting the right part of the ePO server. All of the webAPI is accessed through the /remote/ folder.

Then just call the bolded line and that will make the webAPI call for you.

It will be displayed and outputted as a string. So if you need to parse the information use the System.String methods.

Re: McAfee Open API via PowerShell

As, mingle1, stated - the $epoServer variable is only there to use within the $url variable.  In the event your ePO server would change (think going from test/prod/etc...).

Something like this could be used:

$epoServer = "https://foo:8443"

$url = "$epoServer/remote/system.delete?names=$pc"

You only need the server/URL when you pass it through the web client to make a connection.

Message was edited by: wp4n on 7/30/13 12:11:19 PM CDT

Re: McAfee Open API via PowerShell

Bartb,

Try this:

Add the systems you want to delete to the csv file with the first line containing the word hostname.

The rest of the script will read each record in the csv file and delete the system from EPO.  The $wc.downloadstring($url) is basically the working process of the script to send the command to EPO.

$epoServer = "https://<server>:<port>"
$Credential = get-credential -Credential $null
$epoUser = $Credential.GetNetworkCredential().username
$epoPassword = $Credential.GetNetworkCredential().password

$arrSys = Import-Csv ".\test.csv"

foreach ($sys in $arrSys) {

$compName = $sys.hostname

$url = "$epoServer/remote/system.delete?names=$compName"
$wc = new-object system.net.webclient
$wc.credentials = New-Object System.Net.NetworkCredential `
-ArgumentList ($epoUser,$epoPassword)
$wc.DownloadString($url)

}

bartb
Level 7
Report Inappropriate Content
Message 15 of 46

Re: McAfee Open API via PowerShell

Awesome!  I'm starting to get this working.  Thank you everyone for your help

I'll certainly keep asking questions, I know I'll have more.

Re: McAfee Open API via PowerShell

Does anyone happen to have a PowerShell module (created with PowerShell - not C/C+/C#/etc...)? 

dhalliday?  mingle1?

I'd be interested to see some more examples.  I think I'm about to start back up on my work that I was doing previously on this, and I'd like to keep everything coded in PowerShell to keep it open source/easily readable by other organizations.

Re: McAfee Open API via PowerShell

I don't have a module in the general sense. It is something that I am slowly working on though.

I mostly just change the url when I need to and if I need the output in a specific manner I code around that and store it.

Highlighted

Re: McAfee Open API via PowerShell

I started building out a module a few weeks back, and simply got swamped at work - haven't had time to get a copy of what's completed tossed on here.  Hopefully I can get something posted this week.

***Update - 2013/09/03 2:47PM***

Decided to review what I had completed (which isn't much), and put it on here for the time being. 

Current functions:

-  Connect-MFEServer

-  Get-MFEVersion

-  Get-MFEServerTask

-  Enable-MFEServerTask

-  Disable-MFEServerTask

-  Get-MFESystem

Message was edited by: wp4n on 9/3/13 2:54:01 PM CDT

Re: McAfee Open API via PowerShell

I just had to build a new one for a migration we are doing for EEPC:

$epoServer = "https://<server>:<port>"

$Credential = get-credential -Credential $null

$epoUser = $Credential.GetNetworkCredential().username

$epoPassword = $Credential.GetNetworkCredential().password

#Source File

$list = ".\computers.csv"

Function getEPOInfo {

          param (

 

          [Parameter(Mandatory=$true)]

          $system

 

          )

          $file = ".\output.xml"

          $xml = ".\compInfo.xml"

 

          [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

          $url = "$epoServer/remote/system.find?searchText=$system&:output=xml"

          $wc = new-object system.net.webclient

          $wc.credentials = New-Object system.Management.Automation.PSCredential($epoUser,$epoPassword)

          $webpage = $wc.DownloadString($url)

 

          $webpage | out-file $file -Force

          gc $file | Select-Object -skip 1 | sc $xml -Force

 

          $xmldata = [xml](gc $xml)

 

          $xmlRoot = $xmldata.result.list.row

 

          $parentID = $xmlRoot."EPOComputerProperties.ParentID"

 

          $userName = $xmlRoot."EPOComputerProperties.UserName"

 

          $array = $parentID,$userName

          $array

}

function eeAddUser {

 

          param (

 

          [Parameter(Mandatory=$true)]

          $iD,$userDN

 

          )

          [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

          $url = "$epoServer/remote/eeadmin.assignUser?systemNode=TRUE&nodeId=$iD&dn=$userDN"

          $wc = new-object system.net.webclient

          $wc.credentials = New-Object system.Management.Automation.PSCredential($epoUser,$epoPassword)

          $webpage = $wc.DownloadString($url)

}

#Import Active Directory Module

Import-Module ActiveDirectory

$arrSystems = Import-Csv $list

foreach ($sys in $arrSystems) {

 

          $sysName = $sys.hostname

 

          $epoInfo = getEPOInfo $sysName

 

          $sysID = $epoInfo[0]

          $sysUser = $epoInfo[1]

 

          $user = (Get-ADUser -Identity $sysUser).DistinguishedName

 

          Write-Host "Adding $sysUser to $sysName"

          eeAddUser $sysID $user

}

Re: McAfee Open API via PowerShell

My Addition.....

Export a MachineKey so that I can use it with EETech

[CmdletBinding()]

param (

    [parameter( Mandatory = $True ) ]

          [String] $ComputerName = $env:ComputerName,

    [parameter( Mandatory = $True ) ]

    [ValidateScript({

            If ( !(Test-path -Path (Split-Path -Path $_)) ) {

                Throw "Path not valid: [ $(Split-path -path $_) ]" }

            Else { $True }

        })]

    [String] $FilePath

)

# Prevent SSL Trust Relationship Error by Accepting ALL SSL Certs

#  i.e.  Self-Signed Certs

add-type @"

    using System.Net;

    using System.Security.Cryptography.X509Certificates;

    public class TrustAllCertsPolicy : ICertificatePolicy {

        public bool CheckValidationResult(

            ServicePoint srvPoint, X509Certificate certificate,

            WebRequest request, int certificateProblem) {

            return true;

        }

    }

"@

[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

$ePOURI = "https://MY_EPO_SERVER:8443/remote/"

$ePOcred = Get-Credential

$epoCommand = "eeadmin.exportMachineKey?"

$epoArgs = "machineName=$($ComputerName)"

Write-Verbose ($ePOURI + $epoCommand + $epoArgs)

$response = Invoke-WebRequest -Uri "$($ePOURI)$($epoCommand)$($epoArgs)" -Credential $ePOcred -TimeoutSec 15 -UseBasicParsing

[XML]$Result = $response.Content -replace ('OK:\r\n','')

Write-Verbose "Result: $Result"

If ($Result.MfeEpeExportMachineKeys.errorCode -ne 0) {

          Write-Warning "ERROR CODE: $($Result.MfeEpeExportMachineKeys.errorCode)"

          Write-Warning "ERROR: Unable to find ComputerName"

} Else {

          Write-Verbose "PASSED: Error Code - $($Result.MfeEpeExportMachineKeys.errorCode)"

          Write-Verbose "Key: $($Result.MfeEpeExportMachineKeys.current.innerXML)"

          $xml = New-Object XML

          $Key = $Result.MfeEpeExportMachineKeys.current.InnerXml

          $xml.LoadXml("<MfeEpeExportMachineKey>$Key</MfeEpeExportMachineKey>")

          $xml.Save("$FilePath")

}

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community