This Powershell Module is a wrapper for the API of Dracoon
Explore the docs »
Report Bug
·
Request Feature
This Powershell Module is a wrapper for the API of Dracoon. Dracoon is a solution for a secure file exchange and can be used as a cloud service or OnPremise for internal uses. Further information about Dracoon can be found at https://www.dracoon.com/.
The API is very well documented with swagger, documentation can either be found at https://dracoon.team/api/ or (for your custom installation) at https://yourdomain.com/api/.
To get a local copy up and running follow these simple steps.
All prerequisites will be installed automatically.
The releases are published in the Powershell Gallery, therefor it is quite simple:
Install-Module Dracoon -Force -AllowClobberThe AllowClobber option is currently neccessary because of an issue in the current PowerShellGet module. Hopefully it will not be needed in the future any more.
The module is a wrapper for the Dracoon API. As you have to authenticate with OAuth2.0 it is necessary to create a client application within the admin web-page. For this
- Go to System Settings / Apps in the navigation bar
- Click on the Add app button
- Enter an application name (e.g. "Powershell Scripting")
- enable all 4 checkboxes (authorization code:implicit:password:refresh token)
- Copy the Client ID and the Client Secret. Both will be referenced as
$ClientIDand$ClientSecret.
If the Application "DRACOON Legacy Scripting Support" is activated you can use dracoon_legacy_scripting as ClientID and omit the ClientSecret.
Now it's time to open the powershell. Prepare the basic variables:
$cred=Get-Credential -Message "Dracoon"
$clientId="YOU JUST CREATED IT ;-)"
$clientSecret="THIS ALSO"
$url="dracoon.mydomain.com"From here you have multiple possibilities to connect to your server and store the connection for further usage:
If you are running an older version it maybe possible to login directly. But this option is deprecated and will be removed in every installation in the future
$connection=Connect-Dracoon -Url $url -Credential $cred# Generate accesstoken
$accessToken=Request-DracoonOAuthToken -ClientID $clientId -ClientSecret $clientSecret -Url $url -Credential $cred -TokenType access
# Login with created access token
$connection=Connect-Dracoon -Url $url -AccessToken $accessToken# Create a refresh token
$refreshToken=Request-DracoonOAuthToken -ClientID $clientId -ClientSecret $clientSecret -Credential $cred -url $url -TokenType refresh
# Connect directly with the refresh token
$connection=Connect-Dracoon -ClientID $clientId -ClientSecret $clientSecret -url $url -RefreshToken $refreshToken
# Second option: Create an access token from the refreh token and login with the access token.
$accessToken=Request-DracoonOAuthToken -ClientID $clientId -ClientSecret $clientSecret -Url $url -RefreshToken $refreshToken
$connection=Connect-Dracoon -Url $url -AccessToken $accessTokenNow we are connected to your server: What can we do?
# Query all Users and display the data in a table
Get-DracoonUser -Connection $connection |ft
# Query a specific user (you have to know the login)
Get-DracoonUser -Connection $connection -Filter 'login:cn:DonaldDuck'
#Find all locked accounts and remove the users (Luckily it supports WhatIf)
Get-DracoonUser -Connection $connection -Filter 'isLocked:eq:true' |Remove-DracoonUser -connection $connection -WhatIfIf you need an overview of the existing commands use
# List available commands
Get-Command -Module Dracoon
#Get-Help for a specific command
Get-Help -Detailed Get-DracoonUsereverything else is documented in the module itself.
Are you tired of typing the URL of your Server? Do you have multiple instances? Add the possible URLs to the Tab Completer:
Add-DracoonURL "myserver.com"Now give it a try and hit TAB after any -Url Parameter. You can now choose between all previously saved server addresses.
The same mechanism kicks in for the '-Filter' parameters:
Get-DracoonUser -Connection $connection -Filter [TAB]
effectiveRoles:eq:[true or false] firstName:cn:[search String]
isLocked:eq:[true or false] lastName:cn:[search String]
login:cn:[search String]Since version 1.5.0 the module contains functions for ALL API endpoints. This was made possible with the help of Fred's AutoRest-Module. All the AutoRest functions
- are provided as-is
- no support from my side
- not tested or monitored by the pester tests
- are stored in an internal module Folder
- have the modulePrefix DracoonAR
- have to be manually activated before module usage (use
Enable-DracoonAutoRest).
If you want to enable the functions before module import you can use the following code:
#For the current session
Set-PSFConfig -Module 'Dracoon' -Name 'enableAutoRest' -Value $true -PassThru
#Enabled as default
Set-PSFConfig -Module 'Dracoon' -Name 'enableAutoRest' -Value $true -PassThru | Register-PSFConfig -Scope UserDefaultNew features will be added if any of my scripts need it ;-)
See the open issues for a list of proposed features (and known issues).
If you need a special function feel free to contribute to the project.
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated. For more details please take a look at the CONTRIBUTE document
Short stop:
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
- The module only works for unencrypted Datarooms. Simple reason: Our instances do not use the 'Client-side Encryption' feature. If your instance does provide it feel free to add the feature to the module.
Distributed under the GNU GENERAL PUBLIC LICENSE version 3. See LICENSE.md for more information.
Project Link: https://github.com/Callidus2000/Dracoon
- Friedrich Weinmann for his marvelous PSModuleDevelopment and psframework