1+ $ImportDirName = " Import"
2+ $ImportRoot = " .\$ImportDirName \"
3+ $SafesImportFile = " $ImportRoot \SafesList.csv"
4+ $ObjectsImportFile = " $ImportRoot \FileList.csv"
5+ $PropertiesImportFile = " $ImportRoot \ObjectProperties.csv"
6+ $PoliciesImportFile = " $ImportRoot \Policies.xml"
7+
8+ $ExportDirName = " Export"
9+ $ExportRoot = " .\$ExportDirName \"
10+ $SafesExportFile = " $ExportRoot \Safes.csv"
11+ $AccountsListExportFile = " $ExportRoot \AccountsList.csv"
12+ $InUsePropExportFile = " $ExportRoot \InUseProperties.csv"
13+ $InUsePropUniqueExportFile = " $ExportRoot \InUsePropUnique.csv"
14+ $AccountsExportFile = " $ExportRoot \Accounts.csv"
15+ $LinksExportFile = " $ExportRoot \Links.csv"
16+
17+ <#
18+ Command to generate EVD Export required
19+
20+ .\exportVaultData.exe \VaultFile=vault.ini \CredFile=admin.cred \target=File \UseQualifier=All \BundleTransaction=Yes \FilesList=.\CSV\FileList.csv \OwnersList=.\CSV\OwnersList.csv \SafesList=.\CSV\SafesList.csv \GroupsList=.\CSV\GroupsList.csv \UsersList=.\CSV\UsersList.csv \ObjectProperties=.\CSV\ObjectProperties.csv
21+ #>
22+ $PSStyle.Progress.View = ' Classic'
23+ $progressUpdates = 10000
24+ $timerStart = Get-Date
25+
26+ IF (! $ (Test-Path $ImportRoot )) {
27+ New-Item - Path " .\" - Name " $ImportDirName " - ItemType " directory" - ErrorAction SilentlyContinue
28+ }
29+ IF (! $ (Test-Path $ExportRoot )) {
30+ New-Item - Path " .\" - Name " $ExportDirName " - ItemType " directory" - ErrorAction SilentlyContinue
31+ }
32+
33+ ([wmi ]" win32_process.handle=`" $PID `" " 128 ) | Out-Null
34+
35+ Write-Host " Started at $ ( $timerStart ) " - ForegroundColor Cyan
36+ Write-Host ' Creating list of safes to remove'
37+
38+ [String []]$objectSafesToRemove = @ (' System' , ' Pictures' , ' VaultInternal' , ' Notification Engine' , ' SharedAuth_Internal' , ' PVWAUserPrefs' ,
39+ ' PVWAConfig' , ' PVWAReports' , ' PVWATaskDefinitions' , ' PVWAPrivateUserPrefs' , ' PVWAPublicData' , ' PVWATicketingSystem' ,
40+ ' AccountsFeed' , ' PSM' , ' xRay' , ' PIMSuRecordings' , ' xRay_Config' , ' AccountsFeedADAccounts' , ' AccountsFeedDiscoveryLogs' , ' PSMSessions' , ' PSMLiveSessions' , ' PSMUniversalConnectors' ,
41+ ' PSMNotifications' , ' PSMUnmanagedSessionAccounts' , ' PSMRecordings' , ' PSMPADBridgeConf' , ' PSMPADBUserProfile' , ' PSMPADBridgeCustom' , ' PSMPConf' , ' PSMPLiveSessions'
42+ ' AppProviderConf' , ' PasswordManagerTemp' , ' PasswordManager_Pending' , ' PasswordManagerShared' , ' SCIM Config' , ' TelemetryConfig'
43+
44+ [string []]$cpmUsers = @ (' PasswordManager' , ' PasswordManagerCP'
45+ 1 .. 20 | ForEach-Object { $cpmUsers += " PasswordManager$ ( $PSitem ) "
46+ [string []]$cpmSafes = @ ()
47+ $cpmUsers | ForEach-Object {
48+ $cpmSafes += " $ ( $PSitem ) "
49+ $cpmSafes += " $ ( $PSitem ) _Accounts"
50+ $cpmSafes += " $ ( $PSitem ) _ADInternal"
51+ $cpmSafes += " $ ( $PSitem ) _Info"
52+ $cpmSafes += " $ ( $PSitem ) _workspace"
53+ }
54+
55+ $SafesToRemove = $cpmSafes
56+ $cpmSafes = $null
57+ $SafesToRemove += $objectSafesToRemove
58+ $objectSafesToRemove = $null
59+
60+ Write-Host " A total of $ ( $SafesToRemove.Count.ToString (' N0' ) safes to remove"
61+
62+ Write-Host " Completed work with safes to remove at $ ( Get-Date ) , starting work on safe import" - ForegroundColor Cyan
63+
64+ [string []]$extraSafesToRemove = @ (' PSM-PIDMSCCWPRPSM01' , ' PSM-RecordingsDWS1' , ' PSM-RecordingsLIN' , ' PSM-RecordingsLIN4' , ' PSM-RecordingsLINUX' ,
65+ ' PSM-RecordingsWIN' , ' PSM-RecordingsWIN2' , ' PSM-RecordingsWIN4' , ' PSM-RecordingsWIN6' , ' PSMLiveSessions_old' , ' PSMRecordings_ADWIN' ,
66+ ' PSMRecordingsENCASE' , ' PSMRecordingsENCASE1' , ' PSMRecordingsLIN' , ' PSMRecordingsLIN4' , ' PSMrecordingsSCC' , ' PSMRecordingsWIN' , ' PSMRecordingsWIN4' ,
67+ ' PSMRecordingsWIN6' , ' PSMSessions_OLD' , ' PSMSessions_OLD' , ' PSMUnmanagedSessionA-OLD' , ' CyberarkLOGS' , ' PSM_OlD'
68+
69+ $SafesToRemove += $extraSafesToRemove
70+ $extraSafesToRemove = $null
71+
72+ $SafeFile = Import-Csv $SafesImportFile - Header SafeID, Safe, LocationID, LocationName, Size, MaxSize, % UsedSize, LastUsed, VirusFree, TextOnly, AccessLocation, SecurityLevel, Delay, FromHour, ToHour, DailyVersions, MonthlyVersions, YearlyVersions, LogRetentionPeriod, ObjectsRetentionPeriod, RequestRetentionPeriod, ShareOptions, ConfirmersCount, ConfirmType, DefaultAccessMarks, DefaultFileCompression, DefaultReadOnly, QuotaOwner, UseFileCategories, RequireReasonToRetrieve, EnforceExlusivePasswords, RequireContentValidation, CreationDate, CreatedBy, NumberOfPasswordVersions
73+ Write-Host " Imported $ ( $SafeFile.Count.ToString (' N0' ) Safes"
74+ $Safes = $SafeFile | Select-Object - Property SafeID, Safe | Where-Object { $PSItem.Safe -notIn $safesToRemove }
75+ $SafeFile = $null
76+ Write-Host " Afrer removing out of scope safes $ ( $Safes.Count.ToString (' N0' ) remain"
77+ [hashtable ]$SafesHT = $null
78+ [hashtable ]$SafesHT = @ {}
79+ $null = $Safes | ForEach-Object {
80+ Try {
81+ $SafesHT.Add ($PSitem.SafeID , $PSItem.Safe )
82+ }
83+ catch {
84+ Write-Error " Error on $item "
85+ Write-Error $PSItem
86+ }
87+ }
88+ $Safes | Sort-Object - Property Safe | Export-Csv $SafesExportFile
89+ $Safes = $null
90+ $SafeFile = $null
91+ Write-Host " Safe hashtable created with $ ( $SafesHT.Count.ToString (' N0' ) entries"
92+ Write-Host " Completed work with safes at $ ( Get-Date ) , starting work on objects" - ForegroundColor Cyan
93+
94+ Write-Host ' Starting to import objects'
95+ $AccountsFile = Import-Csv $ObjectsImportFile - Header SafeID, Safe, Folder, FileID, FileName, InternalName, Size, CreatedBy, CreationDate, LastUsedBy, LastUsedDate, ModificationDate, ModifiedBy, DeletedBy, DeletionDate, LockDate, LockBy, LockedByUserID, Accessed, New, Retrieved, Modified, IsRequestNeeded, ValidationStatus, Type, CompressedSize, LastModifiedDate, LastModifiedBy, LastUsedByHuman, LastUsedHumanDate, LastUsedByComponent, LastUsedComponentDate
96+ Write-Host " Imported $ ( $AccountsFile.Count.ToString (' N0' ) objects"
97+ $AccountsListTemp = $AccountsFile | Where-Object { ' 2' -eq $PSitem.Type } | Select-Object - Property SafeID, Safe, FileID, FileName, DeletionDate
98+ $AccountsList = $AccountsListTemp | ForEach-Object {
99+ IF ([string ]::IsNullOrEmpty($PSItem.DeletionDate )) {
100+ If ($Null -ne $SafesHT [$ ($PSitem.SafeID )]) {
101+ $PSitem
102+ }
103+ }
104+ }
105+
106+ [hashtable ]$AccountsListHT = $null
107+ [hashtable ]$AccountsListHT = @ {}
108+ $AccountsList | ForEach-Object {
109+ Try {
110+ $AccountsListHT.Add (" $ ( $PSitem.SafeID ) _$ ( $PSItem.FileID ) " , " "
111+ }
112+ catch {
113+ Write-Error " Error on $item "
114+ Write-Error $PSItem
115+ }
116+ }
117+
118+ $SafesToRemove = $Null
119+ $AccountsFile = $null
120+ Write-Host " Afrer removing out of scope safes, file type of file, and deleted items, $ ( $AccountsList.Count.ToString (' N0' ) password objects remain"
121+ $AccountsList | Export-Csv $AccountsListExportFile
122+
123+ Write-Host " Completed work with objects at $ ( Get-Date ) , starting work on properties" - ForegroundColor Cyan
124+
125+ [string []]$baseProps = @ (' PolicyID' , ' DeviceType' , ' CPMDisabled' , ' CPMErrorDetails' , ' CPMStatus' , ' Description' , ' LimitDomainAccess' , ' AccountIDCode'
126+ [string []]$ExtraProps = @ (' ExtraPass1Safe' , ' ExtraPass1Folder' , ' ExtraPass1Name' , ' ExtraPass2Safe' , ' ExtraPass2Folder' , ' ExtraPass2Name' , ' ExtraPass3Safe' , ' ExtraPass3Folder' , ' ExtraPass3Name'
127+ [xml ]$xml = Get-Content $PoliciesImportFile
128+ $Nodes = $xml.SelectNodes (' //Property'
129+ [string []]$InUseProps = $nodes.Name | Select-Object - Unique | Sort-Object
130+ Write-Host " Completed work with $ ( $ (Get-Item $PoliciesImportFile ).name) at $ ( Get-Date ) , starting work on object properties"
131+
132+ $InUseProps += $baseProps
133+ $baseProps = $null
134+ $InUseProps += $ExtraProps
135+ $ExtraProps = $null
136+ Write-Host " Found a total of $ ( $InUseProps.Count.ToString (' N0' ) in scoppe unique properties"
137+
138+ Write-Host ' Starting import of objects properties'
139+ $ObjectFile = Import-Csv $PropertiesImportFile - Header ObjectPropertyId, ObjectPropertyName, SafeId, FileId, ObjectPropertyValue, Options
140+ Write-Host " Imported $ ( $ObjectFile.Count.ToString (' N0' ) object properties"
141+ Write-Host " Import completed at $ ( Get-Date ) , dropping all properties in a out of scope safe"
142+ $InUsePropertiesSafes = $ObjectFile | ForEach-Object {
143+ If ($Null -ne $SafesHT [$ ($PSitem.SafeID )]) {
144+ $PSitem
145+ }
146+ }
147+ $InUseProperties = $InUsePropertiesSafes | ForEach-Object {
148+ If ($Null -ne $AccountsListHT [" $ ( $PSitem.SafeID ) _$ ( $PSItem.FileID ) "
149+ $PSitem
150+ }
151+ }
152+
153+ $ObjectFile = $null
154+ Write-Host " After removing object propterties in out of scope safes $ ( $InUseProperties.Count.ToString (' N0' ) password object properties remain"
155+ $InUseProperties | Export-Csv $InUsePropExportFile
156+ Write-Host " Export completed of all properties at $ ( Get-Date ) , exporting list of unique property types"
157+ [PSCustomObject ]$InUseUniqueProperties = $InUseProperties.ObjectPropertyName | Select-Object - Unique
158+
159+ $InUseUniquePropertiesList = $InUseUniqueProperties | ForEach-Object { iF ($PSItem -in $InUseProps ) {
160+ $PSItem
161+ }
162+ }
163+ $InUseUniqueProperties = $null
164+ ' Property' | Out-File $InUsePropUniqueExportFile
165+ $InUseUniquePropertiesList | Out-File - Append $InUsePropUniqueExportFile
166+ Write-Host " A total of $ ( $InUseUniqueProperties.Count.ToString (' N0' ) unique object properties found"
167+
168+ Write-Host " Completed work with Properties at $ ( Get-Date ) , starting work on Accounts Hash Table" - ForegroundColor Cyan
169+
170+ [hashtable ]$AccountsHT = $null
171+ [hashtable ]$AccountsHT = @ {}
172+ $total = $AccountsList.Count
173+ $progressCount = 0
174+ Write-Progress - Activity ' Populating Accounts Hash Table' - Status " 0 out of $ ( $total.ToString (' N0' ) entered"
175+ $null = $AccountsList | ForEach-Object {
176+ Try {
177+ $item = $PSItem
178+ $FileName = $PSitem.FileName
179+ $AccountID = " $ ( $Item.SafeID ) _$ ( $Item.FileID ) "
180+ [PSCustomObject ]$AccountPropList = @ (' Safe' , $ (@ {Name = ' Name' Expression = { $FileName } }), $ (@ {Name = ' AccountIDCode' Expression = { $AccountID } }))
181+ $AccountPropList += [pscustomobject ]$InUseUniquePropertiesList
182+ $AccountObject = $Item | Select-Object - Property $AccountPropList
183+ $AccountsHT.Add ($AccountID , $AccountObject )
184+ $AccountID = $null
185+ $AccountObject = $null
186+ $progressCount += 1
187+ IF ($progressCount -gt $ ($progressUpdates - 1 )) {
188+ $progressCount = 0
189+ $count = $accountsList.IndexOf ($PSItem )
190+ $progressParameters = @ {
191+ Activity = ' Populating Accounts Hash Table'
192+ Status = " $ ( $ ($count +1 ).ToString(' N0' ) out of $ ( $total.ToString (' N0' ) entered"
193+ PercentComplete = $ ($ ($count / $total ) * 100 )
194+ }
195+ Write-Progress @progressParameters
196+ }
197+ }
198+ Catch {
199+ Write-Error " Error on $item "
200+ Write-Error $PSItem
201+ # Wait-Debugger
202+ }
203+ }
204+ Write-Progress - Completed
205+
206+ $AccountsList = $null
207+ Write-Host " Account hashtable created with $ ( $AccountsHT.Count.ToString (' N0' ) entries"
208+ Write-Host " Completed work with accounts hash table at $ ( Get-Date ) , adding properties to account hash table"
209+
210+ $total = $InUseProperties.Count
211+ $progressCount = 0
212+ Write-Progress - Activity ' Adding Accounts Properties' - Status " 0 out of $ ( $total.ToString (' N0' ) entered"
213+ Start-Sleep - Milliseconds 1
214+ $null = $InUseProperties | ForEach-Object {
215+ Try {
216+ $item = $PSItem
217+ If ($item.ObjectPropertyName -in $InUseUniquePropertiesList ) {
218+ $AccountID = " $ ( $Item.SafeID ) _$ ( $Item.FileID ) "
219+ IF (! $ ([string ]::IsNullOrEmpty($ ($item.ObjectPropertyValue )))) {
220+ $AccountsHT [$AccountID ].$ ($item.ObjectPropertyName ) = $ ($item.ObjectPropertyValue ).ToString()
221+ }
222+ }
223+ $progressCount += 1
224+ IF ($progressCount -gt $ ($progressUpdates - 1 )) {
225+ $progressCount = 0
226+ $count = $InUseProperties.IndexOf ($PSItem )
227+ $progressParameters = @ {
228+ Activity = ' Adding Accounts Properties'
229+ Status = " $ ( $ ($count +1 ).ToString(' N0' ) out of $ ( $total.ToString (' N0' ) entered"
230+ PercentComplete = $ ($ ($count / $total ) * 100 )
231+ }
232+ Write-Progress @progressParameters
233+ }
234+ }
235+ Catch {
236+ Write-Error " Error on $item "
237+ Write-Error $PSItem
238+ # Wait-Debugger
239+ }
240+ }
241+ Write-Progress - Completed
242+ $InUseProperties = $null
243+ $InUseUniquePropertiesList = $null
244+ Write-Host " Completed work with accounts properties at $ ( Get-Date ) , Exporting Accounts to CSV" - ForegroundColor Cyan
245+
246+ Write-Host " Starting export of accounts to CSV at $ ( Get-Date ) "
247+ $Accounts = $AccountsHT.Values | Where-Object { $PSitem.PSObject.Properties -notmatch ' ExtraPass.*' | Select-Object - ExcludeProperty @ (' ExtraPass1Safe' , ' ExtraPass1Folder' , ' ExtraPass1Name' , ' ExtraPass2Safe' , ' ExtraPass2Folder' , ' ExtraPass2Name' , ' ExtraPass3Safe' , ' ExtraPass3Folder' , ' ExtraPass3Name'
248+ $Accounts | Export-Csv $AccountsExportFile
249+ $Accounts = $null
250+ Write-Host " Export of accounts to CSV completed at $ ( Get-Date ) "
251+
252+ Write-Host " Starting to find account links at $ ( Get-Date ) , removing all extra fields"
253+ $LinksPrep = $AccountsHT.Values | Where-Object { $PSitem.PSObject.Properties -match ' ExtraPass.*' | Select-Object - Property @ (' Safe' , ' Name' , ' Username' , ' Address' , ' ExtraPass1Safe' , ' ExtraPass1Folder' , ' ExtraPass1Name' , ' ExtraPass2Safe' , ' ExtraPass2Folder' , ' ExtraPass2Name' , ' ExtraPass3Safe' , ' ExtraPass3Folder' , ' ExtraPass3Name'
254+ Write-Host " Completed removing all extra fields at $ ( Get-Date ) , find accounts with logon accounts"
255+ $linkLogon = $LinksPrep | Where-Object { ($Null -ne $PSitem.ExtraPass1Safe ) -or ($Null -ne $PSitem.ExtraPass1Folder ) -or ($Null -ne $PSitem.ExtraPass1Name ) }
256+ Write-Host " Completed finding accounts with logon accounts at $ ( Get-Date ) and found $ ( $linkLogon.count.ToString (' N0' ) accounts, finding accounts with enable or other linked accounts"
257+ $linkEnable = $LinksPrep | Where-Object { ($Null -ne $PSitem.ExtraPass2Safe ) -or ($Null -ne $PSitem.ExtraPass2Folder ) -or ($Null -ne $PSitem.ExtraPass2Name ) }
258+ Write-Host " Completed finding accounts with enable or other linked accounts at $ ( Get-Date ) and found $ ( $linkEnable.count.ToString (' N0' ) accounts, finding accounts with reconcile accounts"
259+ $linkRecon = $LinksPrep | Where-Object { ($Null -ne $PSitem.ExtraPass3Safe ) -or ($Null -ne $PSitem.ExtraPass3Folder ) -or ($Null -ne $PSitem.ExtraPass3Name ) }
260+ Write-Host " Completed finding accounts with reconcile accounts at $ ( Get-Date ) and found $ ( $linkRecon.count.ToString (' N0' ) accounts, merging found accounts"
261+ $LinksPrep = $null
262+
263+ $linksMerge += $linkLogon
264+ $linksMerge += $linkEnable
265+ $linksMerge += $linkRecon
266+
267+ Write-Host " Completed merging account lists at $ ( Get-Date ) and found $ ( $linksMerge.count.ToString (' N0' ) accounts, removing duplicate accounts"
268+
269+ $links = $linksMerge | Select-Object - Property * - Unique
270+
271+ Write-Host " Completed removing dupliate accounts at $ ( Get-Date ) and found $ ( $links.count.ToString (' N0' ) unique accounts"
272+
273+ Write-Host " Starting export of account links to CSV at $ ( Get-Date ) "
274+ $Links | Export-Csv $LinksExportFile
275+ Write-Host " Export of account links to CSV completed at $ ( Get-Date ) "
276+
277+ Write-Host " Completed export of accounts properties at $ ( Get-Date ) ."
278+ $timerEnd = Get-Date
279+ Write-Host " Completed $ ( $timerEnd ) " - ForegroundColor Cyan
280+ New-TimeSpan - Start $timerStart - End $timerEnd
281+ Write-Host " It took $ ( $ (New-TimeSpan - Start $timerStart - End $timerEnd ).ToString(' hh\:mm\:ss' ) to complete processing"
282+
283+
284+ [hashtable ]$AccountsHT = $null
285+ $Links = $null
0 commit comments