lvfengfree/serverRoom
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
serverRoom/amt-sdk-20-0-0-1/IntelvProModule/Src/ModuleLib/Amt/AmtCmd.cs

1322 lines
42 KiB
C#
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Management.Automation;
using System.Management.Automation.Provider;
using System.Management.Automation.Runspaces;
using System.Security.Principal;
using System.DirectoryServices;
using System.Diagnostics;
using System.Security.Cryptography.X509Certificates;
using Intel.Management.Wsman;
using System.Security;
namespace Intel.Management.PSModule.Amt
{
/// <summary>
/// Base class for Amt command
/// </summary>
public class AmtCmd : PSCmdlet
{
public AmtCmd()
: base()
{
_host = "localhost";
}
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Hostname, FQDN, or IP Address")]
public string ComputerName
{
get { return _host; }
set { _host = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Amt Client Certificate")]
public String CertificateName
{
get { return _certName; }
set { _certName = value; }
}
[Parameter(
Position = 2,
ValueFromPipeline = true,
ValueFromPipelineByPropertyName = true)]
[CredentialAttribute]
public PSCredential Credential
{
get { return _credential; }
set { _credential = value; }
}
[Parameter(Mandatory = false,
HelpMessage = "Use Transport Layer Security")]
public SwitchParameter TLS
{
get { return _useTls; }
set { _useTls = value; }
}
[Parameter(Mandatory = false,
HelpMessage = "Accept Self-Signed certificate (skips any certificate checks)")]
public SwitchParameter AcceptSelfSignedCert
{
get { return _acceptSelfSignedCertificate; }
set { _acceptSelfSignedCertificate = value; }
}
[Parameter(Mandatory = false,
HelpMessage = "treat the Password as a Digest Master")]
public SwitchParameter AsMaster
{
get { return _asMaster; }
set { _asMaster = value; }
}
protected override void ProcessRecord()
{
_conn=ConnectionManager.ActiveSession;
if (_conn == null)
{
//sending null to the connection and after then set the certificate.
_conn= CredentialManager.GetConnection(_host, _credential, _useTls, _acceptSelfSignedCertificate, _asMaster, null, null);
if(!string.IsNullOrEmpty(_certName)) //Set the certificate by inserted certificate name.
_conn.Options.SetClientCertificateByCertificateName(_certName);
}
}
protected WsmanConnection _conn;
protected PSCredential _credential;
protected string _host;
protected bool _useTls;
protected bool _acceptSelfSignedCertificate = false;
protected bool _asMaster;
protected string _certName;
}
[Cmdlet("Enter", "AmtSession", SupportsShouldProcess = true)]
public class EnterSessionCmd : PSCmdlet
{
[Parameter(Mandatory = true, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Wsman connection object")]
public Intel.Management.Wsman.WsmanConnection Connection
{
get { return _conn; }
set { _conn = value; }
}
protected override void ProcessRecord()
{
ConnectionManager.ActiveSession = _conn;
}
WsmanConnection _conn;
}
[Cmdlet(VerbsCommon.New, "AmtSession", SupportsShouldProcess = true)]
public class NewSessionCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
WriteObject(_conn);
}
}
[Cmdlet(VerbsCommon.Get, "AmtSession", SupportsShouldProcess = true)]
public class GetSessionCmd : PSCmdlet
{
public GetSessionCmd()
: base()
{
}
protected override void ProcessRecord()
{
if (ConnectionManager.ActiveSession!=null)
WriteObject(ConnectionManager.ActiveSession);
}
}
[Cmdlet("Exit", "AmtSession", SupportsShouldProcess = true)]
public class ExitSessionCmd : PSCmdlet
{
public ExitSessionCmd()
: base()
{
}
protected override void ProcessRecord()
{
ConnectionManager.ActiveSession = null;
}
}
/// <summary>
/// Gets a new Amt Connection
/// </summary>
[Cmdlet(VerbsCommon.New, "AmtConnection", SupportsShouldProcess = true)]
public class GetConnectionCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
WriteObject(_conn);
}
}
/// <summary>
/// Gets the Product version string from Wsman Identify
/// </summary>
[Cmdlet(VerbsCommon.Get, "AmtProduct", SupportsShouldProcess = true)]
public class GetProductCmd : AmtCmd
{
public GetProductCmd()
: base()
{
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance response = _conn.Identify();
string product = "Unknown";
IWsmanItem item = response.GetProperty("ProductVersion");
if (!item.IsNull)
product = item.ToString();
WriteObject(product);
}
}//end GetProductVersionCmd
/// <summary>
/// Sets the Newtork Admin Crediential
/// </summary>
[Cmdlet(VerbsCommon.Set, "AmtAdminAcl", SupportsShouldProcess = true)]
public class SetAdminAclCmd : AmtCmd
{
[Parameter(Mandatory = true, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "New Admin Password")]
public System.Security.SecureString Password
{
get { return _newPassword; }
set { _newPassword = value; }
}
[Parameter(Mandatory = false, Position = 3, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Admin Account name")]
public string Username
{
get { return _user; }
set { _user = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance settingsObj = _conn.NewInstance("SELECT * FROM AMT_GeneralSettings");
string realm=settingsObj.GetProperty("DigestRealm").ToString();
IManagedReference refToService = _conn.NewReference("AMT_AuthorizationService");
IManagedInstance inputObj = null;
IManagedInstance outObj = null;
if (_user==null)
{
//
inputObj = refToService.CreateMethodInput("GetAdminAclEntry");
outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
_user = outObj.GetProperty("Username").ToString();
break;
case "1":
throw new WsmanInvokeException("Internal Error");
default:
throw new WsmanInvokeException("AMT error " + outObj.GetProperty("ReturnValue").ToString());
}
}
inputObj = refToService.CreateMethodInput("SetAdminAclEntryEx");
inputObj.SetProperty("Username", _user);
string hash = CredentialManager.GetStringFromSecureString(_newPassword);
inputObj.SetProperty("DigestPassword", CredentialManager.GetBase64PasswordHash(_user, realm, hash));
outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
throw new WsmanInvokeException("Internal Error");
case "12":
throw new WsmanInvokeException("Invalid Name");
case "13":
throw new WsmanInvokeException("Flash write limit exceeded");
case "2054":
throw new WsmanInvokeException("Invalid Password");
case "2075":
throw new WsmanInvokeException("Audit Failed");
default:
throw new WsmanInvokeException("AMT error " + outObj.GetProperty("ReturnValue").ToString());
}
}
System.Security.SecureString _newPassword;
string _user;
}//End SetAdminAclCmd
/// <summary>
/// Gets the Digest Realm
/// </summary>
[Cmdlet(VerbsCommon.Get, "AmtDigestRealm", SupportsShouldProcess = true)]
public class GetDigestRealmCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance settingsObj = _conn.NewInstance("SELECT * FROM AMT_GeneralSettings");
WriteObject(settingsObj.GetProperty("DigestRealm").ToString());
}
}//End GetDigestRealm
[Cmdlet(VerbsLifecycle.Disable, "Amt",
SupportsShouldProcess = true)]
public class DisableAmtCmd : AmtCmd
{
[Parameter(Mandatory = false,
HelpMessage = "Fully unconfigure the client by removing all non-factory data")]
public SwitchParameter Full
{
get { return _useFull; }
set { _useFull = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
IManagedInstance inputObj = refToService.CreateMethodInput("PartialUnprovision");
if (_useFull)
{
WriteVerbose("Removing all non-factory passwords and certificates");
inputObj = refToService.CreateMethodInput("Unprovision");
inputObj.SetProperty("ProvisioningMode", "1");
}
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Amt successfully disabled");
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "16":
AmtException.ThrowInvokeError(outObj, "Not Permitted");
break;
case "36":
AmtException.ThrowInvokeError(outObj, "Invalid Parameter");
break;
case "2076":
AmtException.ThrowInvokeError(outObj, "Bocking Component");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
bool _useFull;
}
[Cmdlet(VerbsLifecycle.Disable, "AmtClientMode",
SupportsShouldProcess = true)]
public class DiableClientControlModeCmd : PSCmdlet
{
protected override void ProcessRecord()
{
Intel.Management.Mei.IMeDevice me = new Intel.Management.Mei.MeDevice();
if (!me.Unprovision())
{
throw new InvalidOperationException("Unable to unconfigure client control mode");
}
}
}
[Cmdlet(VerbsLifecycle.Enable, "AmtAdminMode",
SupportsShouldProcess = true)]
public class EnableAdminControlModeCmd : PSCmdlet,IDisposable
{
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "NetworkAdminPassword")]
public SecureString AdminPassword
{
get { return _password; }
set
{
_password?.Dispose();
_password = value;
}
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "DigitalSignalure")]
public DigitalSignatureInfo Signature
{
get { return _signature; }
set { _signature = value; }
}
[Parameter(Mandatory = false, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Force commandline password")]
public SwitchParameter Force
{
get { return _force; }
set { _force = value; }
}
[Parameter(
ValueFromPipeline = true,
ValueFromPipelineByPropertyName = true)]
[CredentialAttribute]
public PSCredential Credential
{
get { return _credential; }
set { _credential = value; }
}
private IManagedInstance UpdateChain(IManagedReference refToService, IManagedInstance serviceObj)
{
for (int i = 0; i < _signature.CertificateChain.ChainElements.Count; i++)
{
if (serviceObj.GetProperty("CertChainStatus").ToString().Equals("2"))
break;
bool isLeaf = i == 0;
bool isRoot = i == (_signature.CertificateChain.ChainElements.Count - 1);
IManagedInstance inputObj = refToService.CreateMethodInput("AddNextCertInChain");
inputObj.SetProperty("NextCertificate", Convert.ToBase64String(_signature.CertificateChain.ChainElements[i].Certificate.RawData));
inputObj.SetProperty("IsLeafCertificate", isLeaf.ToString().ToLower());
inputObj.SetProperty("IsRootCertificate", isRoot.ToString().ToLower());
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
throw new WsmanInvokeException("Invalid Parameter");
case "2":
throw new WsmanInvokeException("Internal Error");
case "3":
throw new WsmanInvokeException("Invalid State");
case "4":
throw new WsmanInvokeException("Invalid certificate");
case "5":
//Chain length exceeded
throw new WsmanInvokeException("chain length exceeded");
default:
throw new WsmanInvokeException("AMT error " + outObj.GetProperty("ReturnValue").ToString());
}
serviceObj = refToService.Get(); // refresh the service Object
if (serviceObj.GetProperty("CertChainStatus").ToString().Equals("2"))
break;
}
return serviceObj;
}
protected override void ProcessRecord()
{
SetupRecord record = null;
IWsmanConnection conn = null;
Intel.Management.Mei.IMeDevice me = new Intel.Management.Mei.MeDevice();
if (_credential != null)
{
WsmanConnection tempConn = new WsmanConnection();
tempConn.Address = "http://localhost:16992/wsman";
tempConn.SetCredentials(_credential.UserName, _credential.Password.Copy());
conn = tempConn;
}
else
{
conn = me.LocalConnection;
}
IManagedReference refToService = conn.NewReference("SELECT * FROM AMT_GeneralSettings");
IManagedInstance settingsObj = refToService.Get();
refToService = conn.NewReference("SELECT * FROM IPS_HostBasedSetupService");
IManagedInstance serviceObj = refToService.Get();
IManagedInstance inputObj = null;
if (serviceObj.GetProperty("CurrentControlMode").ToString().Equals("1"))
{
inputObj = refToService.CreateMethodInput("UpgradeClientToAdmin");
}
else
{
inputObj = refToService.CreateMethodInput("AdminSetup");
if (_password != null && !_force)
{
Exception exp = new AmtException("This operation requires the use of the force switch");
ErrorRecord error = new ErrorRecord(exp, exp.GetType().Name, ErrorCategory.SecurityError, this);
WriteError(error);
}
if (_password == null)
{
this.Host.UI.Write("Enter password: ");
_password = this.Host.UI.ReadLineAsSecureString();
}
inputObj.SetProperty("NetAdminPassEncryptionType", "2");
inputObj.SetProperty("NetworkAdminPassword", me.GetPasswordHash("admin", settingsObj.GetProperty("DigestRealm").ToString(), _password));
}
inputObj.SetProperty("McNonce", _signature.McNonce);
//update certChain
X509ChainElement elt = _signature.CertificateChain.ChainElements[0];//0 is leaf Count -1 is root
inputObj.SetProperty("SigningAlgorithm", "2");
inputObj.SetProperty("DigitalSignature", _signature.Signature);
serviceObj = UpdateChain(refToService, serviceObj);
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
string result = outObj.GetProperty("ReturnValue").ToString();
switch (result)
{
case "0":
/* foreach (IWsmanItem item in conn.ExecQuery("SELECT * FROM IPS_ProvisioningAuditRecord"))
{
record = new SetupRecord(item.Object);
}*/
break;
case "1":
throw new WsmanInvokeException("Internal Error");
case "2":
throw new WsmanInvokeException("Invalid State");
case "3":
throw new WsmanInvokeException("Invalid Parameter");
case "4":
throw new WsmanInvokeException("Method Disabled");
case "5":
throw new WsmanInvokeException("Authentication Failed");
case "6":
throw new WsmanInvokeException("Flash write limit exceeded");
default:
throw new WsmanInvokeException("AMT error " + result);
}
WriteObject(record);
}
PSCredential _credential;
SecureString _password;
DigitalSignatureInfo _signature;
bool _force;
#region IDisposable Implementation
private bool _disposed = false;
/// <summary>
/// Implement IDisposable method
/// </summary>
/// <param name="disposing"></param>
protected virtual void Dispose(bool disposing)
{
if (_disposed)
return;
if (disposing)
{
_password?.Dispose();
_credential.Password?.Dispose();
}
_disposed = true;
}
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
~EnableAdminControlModeCmd()
{
Dispose(false);
}
#endregion
}
[Cmdlet(VerbsCommon.Get, "AmtHostSetupRecord",
SupportsShouldProcess = true)]
public class GetHostSetupRecordCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
SetupRecord record = null;
foreach (IWsmanItem item in _conn.ExecQuery("SELECT * FROM IPS_ProvisioningAuditRecord"))
{
record = new SetupRecord(item.Object);
}
if (record != null) WriteObject(record);
}
}
[Cmdlet(VerbsLifecycle.Enable, "AmtClientMode",
SupportsShouldProcess = true)]
public class EnableClientControlModeCmd : PSCmdlet , IDisposable
{
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "NetworkAdminPassword")]
public System.Security.SecureString AdminPassword
{
get { return _secPassword; }
set { _secPassword = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "DigitalSignature")]
public DigitalSignatureInfo Signature
{
get { return _signature; }
set { _signature = value; }
}
protected override void ProcessRecord()
{
SetupRecord record = null;
if (_secPassword == null)
{
this.Host.UI.Write("Enter password: ");
_secPassword = this.Host.UI.ReadLineAsSecureString();
}
IWsmanConnection conn = ConnectionManager.LocalSession;
IManagedReference refToService = conn.NewReference("SELECT * FROM AMT_GeneralSettings");
IManagedInstance settingsObj = refToService.Get();
refToService = conn.NewReference("SELECT * FROM IPS_HostBasedSetupService");
IManagedInstance inputObj = refToService.CreateMethodInput("Setup");
inputObj.SetProperty("NetAdminPassEncryptionType", "2");
inputObj.SetProperty("NetworkAdminPassword",
Mei.MeDevice.HashPassword("admin", settingsObj.GetProperty("DigestRealm").ToString(),_secPassword));
if (_signature != null && _signature.CertificateChain.ChainElements.Count > 0)
{
inputObj.SetProperty("McNonce", _signature.McNonce);
X509ChainElement elt = _signature.CertificateChain.ChainElements[0];
System.Security.Cryptography.RSACryptoServiceProvider p = (System.Security.Cryptography.RSACryptoServiceProvider)elt.Certificate.PublicKey.Key;
bool b = p.VerifyData(_signature.GetRawData(), "SHA256", Convert.FromBase64String(_signature.Signature));
b.ToString();
inputObj.SetProperty("Certificate", Convert.ToBase64String(elt.Certificate.RawData));
inputObj.SetProperty("SigningAlgorithm", "2");
inputObj.SetProperty("DigitalSignature", _signature.Signature);
}
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
string result = outObj.GetProperty("ReturnValue").ToString();
switch (result)
{
case "0":
conn.Close();
break;
case "1":
throw new WsmanInvokeException("Internal Error");
case "2":
throw new WsmanInvokeException("Invalid State");
case "3":
throw new WsmanInvokeException("Invalid Parameter");
case "4":
throw new WsmanInvokeException("Method Disabled");
case "5":
throw new WsmanInvokeException("Authentication Failed");
case "6":
throw new WsmanInvokeException("Flash write limit exceeded");
default:
throw new WsmanInvokeException("AMT error " + result);
}
WriteObject(record);
}
SecureString _secPassword;
DigitalSignatureInfo _signature;
#region IDisposable Implementation
private bool _disposed = false;
/// <summary>
/// Implement IDisposable method
/// </summary>
/// <param name="disposing"></param>
protected virtual void Dispose(bool disposing)
{
if (_disposed)
return;
if (disposing)
{
_secPassword?.Dispose() ;
}
_disposed = true;
}
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
~EnableClientControlModeCmd()
{
Dispose(false);
}
#endregion
}
[Cmdlet(VerbsLifecycle.Start, "AmtConfiguration",
SupportsShouldProcess = true)]
public class StartConfigurationCmd : PSCmdlet
{
public StartConfigurationCmd()
: base()
{
_ipv = Intel.Management.Mei.InternetProtocolVersionType.IPv4;
}
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "One Time Password")]
public string Otp
{
get { return _otp; }
set { _otp = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Internet Protocol Version")]
public Intel.Management.Mei.InternetProtocolVersionType ProtocolVersion
{
get { return _ipv; }
set { _ipv = value; }
}
[Parameter(Mandatory = false, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Manageablity Engine Device")]
public Intel.Management.Mei.MeDevice MeDevice
{
get { return _me; }
set { _me = value; }
}
protected override void ProcessRecord()
{
if (_me == null)
_me = new Intel.Management.Mei.MeDevice();
if (_me.StartRemoteConfiguration(_otp, _ipv == Intel.Management.Mei.InternetProtocolVersionType.Ipv6))
{
Host.UI.WriteLine("AMT configuration service started");
}
else
{
Host.UI.WriteLine("Failed to start configuration service");
}
}
string _otp;
Intel.Management.Mei.MeDevice _me;
Intel.Management.Mei.InternetProtocolVersionType _ipv;
} //end StartAmtConfigurationCmd class
[Cmdlet(VerbsLifecycle.Stop , "AmtConfiguration",SupportsShouldProcess = true)]
public class StopConfiguraitonCmd : AmtCmd
{
[Parameter(Mandatory = false,HelpMessage = "Stops the Configuation service without commiting changes")]
public SwitchParameter NoCommit
{
get { return _noCommit; }
set { _noCommit = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
if (_noCommit)
{
IManagedInstance inputObj = refToService.CreateMethodInput("ExtendProvisioningPeriod");
inputObj.SetProperty("Duration","0");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Configuration stopped and connection closed");
ConnectionManager.Remove(_conn);
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "16":
AmtException.ThrowInvokeError(outObj, "Not Permitted");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
else
{
IManagedInstance inputObj = refToService.CreateMethodInput("CommitChanges");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Configuration changes have been successfully committed and connection closed.");
ConnectionManager.Remove(_conn);
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "38":
AmtException.ThrowInvokeError(outObj, "Flash Write Limit Exceeded");
break;
case "2057":
AmtException.ThrowInvokeError(outObj, "Data Missing");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
}
bool _noCommit;
}
[Cmdlet(VerbsCommon.Get, "AmtUri", SupportsShouldProcess = true)]
public class GetUriCmd : PSCmdlet
{
public GetUriCmd()
{
_ipv = Intel.Management.Mei.InternetProtocolVersionType.IPv4;
}
[Parameter(Mandatory = true, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "List of IP Addresses")]
public string[] AddressList
{
get { return _addresList; }
set { _addresList = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Use Transport layer security")]
public SwitchParameter Tls
{
get { return _useTls; }
set { _useTls = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Use Transport layer security")]
public SwitchParameter AcceptSelfSignedCert
{
get { return _acceptSelfSignedCertificate; ; }
set { _acceptSelfSignedCertificate = value; }
}
[Parameter(Mandatory = false, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Internet Protocol Version")]
public Intel.Management.Mei.InternetProtocolVersionType ProtocolVersion
{
get { return _ipv; }
set { _ipv = value; }
}
protected override void ProcessRecord()
{
string address = CredentialManager.GetAddress(_addresList, _ipv == Intel.Management.Mei.InternetProtocolVersionType.Ipv6);
address = CredentialManager.GetServiceUri(address, _useTls).ToString();
WriteObject(address);
}
Intel.Management.Mei.InternetProtocolVersionType _ipv;
bool _useTls;
string[] _addresList;
bool _acceptSelfSignedCertificate = false;
} //end GetUri clasee
[Cmdlet(VerbsCommon.Set, "AmtClock", SupportsShouldProcess = true)]
public class SetClockCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
DateTime standardTime = new DateTime(1970, 1, 1);
IManagedReference refToClock = _conn.NewReference("AMT_TimeSynchronizationService");
IManagedInstance inputObj = refToClock.CreateMethodInput("GetLowAccuracyTimeSynch");
IManagedInstance outObj = refToClock.InvokeMethod(inputObj);
if (!outObj.GetProperty("ReturnValue").ToString().Equals("0"))
AmtException.ThrowInvokeError(outObj);
uint ta0 = uint.Parse(outObj.GetProperty("Ta0").ToString());
uint tm1 = (uint)DateTime.UtcNow.Subtract(standardTime).TotalSeconds;
inputObj = refToClock.CreateMethodInput("SetHighAccuracyTimeSynch");
inputObj.SetProperty("Ta0", ta0.ToString());
inputObj.SetProperty("Tm1", tm1.ToString());
inputObj.SetProperty("Tm2", tm1.ToString());
outObj = refToClock.InvokeMethod(inputObj);
if (!outObj.GetProperty("ReturnValue").ToString().Equals("0"))
AmtException.ThrowInvokeError(outObj);
}
}// End SetClockCmd
[Cmdlet(VerbsCommon.Set, "MebxPassword", SupportsShouldProcess = true)]
public class SetMebxPasswordCmd : AmtCmd
{
[Parameter(Mandatory = true, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Mebx Password")]
public System.Security.SecureString Password
{
get { return _password; }
set { _password = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
IManagedInstance inputObj = refToService.CreateMethodInput("SetMEBxPassword");
inputObj.SetProperty("Password",CredentialManager.GetStringFromSecureString(_password));
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Local ME BIOS password has been changed");
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "16":
WriteWarning("Changing the ME BIOS Password is not Permitted and may have already been changed.");
//AmtException.ThrowInvokeError(outObj, "Not Permitted");
break;
case "2054":
AmtException.ThrowInvokeError(outObj, "Invalid Password");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
System.Security.SecureString _password;
}
[Cmdlet(VerbsCommon.Set, "AmtHost", SupportsShouldProcess = true)]
public class SetHostCmd : AmtCmd
{
[Parameter(Mandatory = false, Position = 3, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Host Name")]
public string Name
{
get { return _amtHost; }
set { _amtHost = value; }
}
[Parameter(Mandatory = false, Position = 4, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Domain Name")]
public string Domain
{
get { return _amtDomain; }
set { _amtDomain = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToSettings = _conn.NewReference("AMT_GeneralSettings");
IManagedInstance settingsObj = refToSettings.Get();
settingsObj.SetProperty("HostName", _amtHost);
settingsObj.SetProperty("DomainName", _amtDomain);
refToSettings.Put(settingsObj);
}
string _amtHost;
string _amtDomain;
} // end SetHostCmd
[Cmdlet(VerbsLifecycle.Disable, "AmtTls",
SupportsShouldProcess = true)]
public class DiableTlsCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance outputObj = null;
IManagedReference refToSetting = _conn.NewReference("AMT_TLSSettingData");
refToSetting.AddSelector("InstanceID", "Intel(r) AMT LMS TLS Settings");
IManagedInstance settingsObj = refToSetting.Get();
settingsObj.SetProperty("Enabled", "false");
settingsObj.SetProperty("MutualAuthentication", "false");
outputObj = refToSetting.Put(settingsObj);
outputObj = refToSetting.Get();
refToSetting = _conn.NewReference("AMT_TLSSettingData");
refToSetting.AddSelector("InstanceID", "Intel(r) AMT 802.3 TLS Settings");
settingsObj.SetProperty("Enabled", "false");
settingsObj.SetProperty("MutualAuthentication", "false");
outputObj = refToSetting.Put(settingsObj);
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
IManagedInstance inputObj = refToService.CreateMethodInput("CommitChanges");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
}
}//End Disable TLS
[Cmdlet(VerbsCommon.Remove, "AllITProfiles",
SupportsShouldProcess = true)]
public class AllITProfilesCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_WiFiPortConfigurationService");
refToService.AddSelector("Name", "Intel(r) AMT WiFi Port Configuration Service");
IManagedInstance inputObj = refToService.CreateMethodInput("DeleteAllITProfiles");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Not Supported");
break;
case "2":
AmtException.ThrowInvokeError(outObj, "Failed");
break;
case "3":
AmtException.ThrowInvokeError(outObj, "Invalid Parameter");
break;
case "4":
AmtException.ThrowInvokeError(outObj, "Invalid Reference");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
}//ent Remove All IT Wireless Profiles
[Cmdlet(VerbsCommon.Remove, "AllUserProfiles",
SupportsShouldProcess = true)]
public class AllUserProfilesCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_WiFiPortConfigurationService");
refToService.AddSelector("Name", "Intel(r) AMT WiFi Port Configuration Service");
IManagedInstance inputObj = refToService.CreateMethodInput("DeleteAllUserProfiles");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Not Supported");
break;
case "2":
AmtException.ThrowInvokeError(outObj, "Failed");
break;
case "3":
AmtException.ThrowInvokeError(outObj, "Invalid Parameter");
break;
case "4":
AmtException.ThrowInvokeError(outObj, "Invalid Reference");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
}//end Remove All User Wireless Profiles
[Cmdlet(VerbsCommon.New, "AmtWirelessProfile",
SupportsShouldProcess = true)]
public class NewWirelessProfileCmd : PSCmdlet
{
protected override void ProcessRecord()
{
WriteObject( new WirelessProfile());
}
}//end Get-ValueMap
[Cmdlet(VerbsLifecycle.Enable, "AmtTrace",
SupportsShouldProcess = true)]
public class EnableTraceCmd : PSCmdlet
{
[Parameter(Mandatory = true, HelpMessage = "File for trace output")]
public string FilePath
{
get { return _filePath; }
set { _filePath = value; }
}
[Parameter(Mandatory = false, HelpMessage = "Trace Tls Handshake")]
public SwitchParameter TLS
{
get { return _traceTls; }
set { _traceTls = value; }
}
[Parameter(Mandatory = false, HelpMessage = "Trace Wsman/XML messages")]
public SwitchParameter Xml
{
get { return _traceXml; }
set { _traceXml = value; }
}
[Parameter(Mandatory = false, HelpMessage = "Trace Http protocol headers")]
public SwitchParameter Http
{
get { return _traceHttp; }
set { _traceHttp = value; }
}
protected override void ProcessRecord()
{
DefaultTraceListener listener = new DefaultTraceListener();
listener.LogFileName = _filePath;
//Default
System.Diagnostics.SourceSwitch tSwitch = new SourceSwitch("Intel.Mangement.Wsman.Trace", "Verbose");
SchannelClient.TraceSource.Switch = tSwitch;
SchannelClient.TraceSource.Listeners.Add(listener);
WsmanConnection.TraceSource.Switch = tSwitch;
WsmanConnection.TraceSource.Listeners.Add(listener);
}
bool _traceTls;
bool _traceXml;
bool _traceHttp;
string _filePath;
}//end Enable-AmtTrace
[Cmdlet(VerbsCommon.Get, "AmtValueMap",
SupportsShouldProcess = true)]
public class GetValueMapCmd : PSCmdlet
{
[Parameter(Mandatory = true, HelpMessage = "The value list containing values")]
public ValueMap Value
{
get { return _list; }
set { _list = value; }
}
protected override void ProcessRecord()
{
string[] keys = _list.Keys;
string[] values = _list.Values;
for (int i = 0; i < keys.Length; i++)
{
WriteObject(new NameValuePairItem(keys[i], values[i]));
}
}
ValueMap _list;
}//end Get-ValueMap
}//End Nampspace
Reference in New Issue View Git Blame Copy Permalink