1.1 Using the Cmdlets

To list the parameters required for any cmdlets, use the get-help cmdlets, such as:

get-help Get-DRAUser

The get-help options –Full, -Detailed, and -Examples are supported.

If you are using self-signed certificates for the DRA REST Service, you will need to override the check that the certificate is valid. Use the -IgnoreCertificateErrors parameter on each command. To also suppress the confirmation message, add the -Force parameter.

1.1.1 Properties Parameter Details

For parameter formatting or getting a list of available properties, see the sections below:

Formatting the Parameter

For any DRA request that allows you to set properties on an object, such as create or update requests, you will pass the property values as a single string on the Properties parameter. The parameter is formatted as a collection of name=value pairs, separated by semi-colons. For example:

-Properties "Description=some description;EmployeeID=z4563;Department=Accounting"

When the property value contains a semi-colon, escape the semi-colon with a second semi-colon. For example:

-Properties "Description=some description;; more description...end;EmployeeID=z4563;Department=Accounting"

When the property has multiple values, separate each value with a comma. For example:

-Properties "ConditionalStateOrProvince=TX,IA,CA"

When the values of a multi-valued property value contain a comma, enclose each value in quotes. This is very common for object properties that expect a list of distinguished names. The example shows 2 properties: Description and AcceptMessagesFrom. AcceptMessagesFrom expects a list of distinguished name values. The property value has each distinguished name surrounded by quotes and delimited by commas. Note that when a command-line parameter has embedded quotes, the quotes need to be escaped using the back tick (`).

-Properties "Description=some text;AcceptMessagesFrom=`"CN=George,OU=Accounting,DC=MyDomain,DC=corp`",
`"CN=Contact022,OU=HR,DC=MyDomain,DC=corp`",`"CN=PSGroup01,OU=Accounting,DC=MyDomain,DC=corp`""

Getting the List of Available Properties

Each DRA object has many properties. To see the property names available for any object, you can perform a Get-DRA cmdlet and query the results using PowerShell’s Get-Member cmdlet. Here are the steps to get the list of defined properties for a computer.

Run a Get-DRAComputer cmdlet and set the returned object to a local variable. For example:

$draObj = Get-DRAComputer –Domain mydomain.corp -Identifier "myComputer"
Using the local variable created in step 1, call the Get-Member cmdlet. For example:

Get-Member -InputObject $draobj -MemberType Property

Here is an image of the results:

When the Definition shows System.String[], then the property accepts multiple values.

1.1.2 Examples

A couple of examples are provided below:

Get information about a specific user:

Get-DRAUser -Identifier "CN=Alexander Pompeani,OU=Accounting,OU=Houston,DC=keystone,DC=local" 
-Domain "MyDomain.corp" -Attributes "DistinguishedName,EmployeeID,Department" 
–DRARestPort 9999 
-AssistantAdmin "myDomain\\someAA"
-AssistantAdminPassword "xxxyyy"

Attribute	Description
Get-DRAUser	The name of the cmdlet.
Domain	The parameter to specify the domain of the user in the fully qualified domain name format.
Identifier	The parameter to specify the user. You can use the distinguished name, friendly name, or display name. Note that if you use the display name, the REST endpoint will make an additional call to the DRA server to resolve the display name to the distinguished name.
Attributes	Lists the names of properties to return, separated by commas. This request will return the distinguished name, employeeID and department. If this attribute is not specified, a default set of properties will be returned. See here for more information about the default list of properties.
DRARestPort	Optional parameter that specifies the port where the DRA REST service listens for requests. If the port is not specified, the request will go to port 8755.
AssistantAdmin	Optional parameter that specifies the DRA assistant administrator user whose credentials should be used for the DRA Server operation. The default is to use the credentials of the PowerShell client user. If this is specified, the AssistantAdminPassword must also be specified.
AssistantAdminPassword	Optional parameter that specifies the password for the DRA assistant administrator. Required if AssistantAdmin is specified.

Add a New Computer

Add-DRAComputer -Domain MyDomain.corp -Properties "DistinguishedName=cn=COMPUTER123,OU=Accounting,DC=MyDomain,DC=corp;Description=Computer for powershell;TrustedForDelegation=true"

Where	Specifies
Get-DRAUser	The name of the cmdlet.
Add-DRAComputer	The parameter to specify the domain of the user in the fully qualified domain name format.
Properties	The list of properties to set for the new computer.