<#
.SYNOPSIS
Post-rotation script: after a PAM password rotation, stops a Windows service on
a remote computer, updates the service's logon account and password with
sc.exe, and starts the service again.

.PARAMETER Record
Base64-encoded UTF-8 JSON describing the rotated PAM user record. Accepted from
the pipeline. The decoded document is read for the fields records (itself
Base64-encoded JSON), userRecordUid, user and newPassword, so the value carries
a plaintext credential once decoded and must not be logged or echoed.
#>
[CmdletBinding()]
param (
[Parameter(ValueFromPipeline=$true)]
[string]
$Record
)
try {
    # Section: ingest the PAM user record information.
    # $Record is Base64 text wrapping a UTF-8 JSON document. That document holds
    # the new password (read further down as .newPassword), so neither the
    # decoded text nor $RecordParams should ever be written to a log stream.
    Write-Debug "Decoding and converting the PAM User Record Information from Base64"
    $recordBytes = [System.Convert]::FromBase64String($Record)
    $recordJson = [System.Text.Encoding]::UTF8.GetString($recordBytes)
    if (-not $recordJson) {
        # An empty decode result means there is nothing to parse.
        throw "Failed to decode the PAM User Record Information from Base64."
    }

    Write-Debug "Converting the decoded JSON to PowerShell object"
    $RecordParams = $recordJson | ConvertFrom-Json
    if (-not $RecordParams) {
        throw "Failed to convert the decoded JSON to PowerShell object."
    }

    Write-Debug "PAM User Record Information successfully retrieved and converted."
}
catch {
    # Reports the failure (malformed Base64, malformed JSON, or one of the
    # throws above). $_ is the error record, not the record content.
    Write-Error "An error occurred while processing the PAM User Record Information: $_"
}
finally {
    Write-Debug "Completed processing the PAM User Record Information."
}
# End of section
try {
    # Section: ingest all associated records (the records attached to the
    # script) together with their parameter information.
    # $RecordParams.records is a second Base64 layer around a JSON document.
    Write-Debug "Decoding and converting all associated records from Base64"
    $associatedBytes = [System.Convert]::FromBase64String($RecordParams.records)
    $associatedJson = [System.Text.Encoding]::UTF8.GetString($associatedBytes)
    if (-not $associatedJson) {
        throw "Failed to decode the associated records from Base64."
    }

    Write-Debug "Converting the decoded JSON to PowerShell object"
    $records = $associatedJson | ConvertFrom-Json
    if (-not $records) {
        throw "Failed to convert the decoded JSON to PowerShell object."
    }

    Write-Debug "Associated records successfully retrieved and converted."
}
catch {
    # Reports decode/parse failures; $_ is the error record only.
    Write-Error "An error occurred while processing the associated records: $_"
}
finally {
    Write-Debug "Completed processing the associated records."
}
# End of section
try {
    # Section: define the working parameters from the user record.
    # "remotecomp" and "service" come from custom fields on the PAM user
    # record; "user" and "newPassword" come from the top-level record data.
    Write-Debug "Defining parameters from the User Record"

    # From here on every error is terminating (this includes Write-Error in
    # the catch blocks below), and Write-Debug output is shown.
    $ErrorActionPreference = 'Stop'
    $DebugPreference = 'Continue'

    # Pick the entry of $records whose uid matches the rotated user record.
    $userRecord = $records | Where-Object { $_.uid -eq $RecordParams.userRecordUid }

    $remoteComputer = $userRecord.remotecomp
    if (-not $remoteComputer) {
        throw "Failed to retrieve 'remotecomp' from the User Record."
    }

    $serviceName = $userRecord.service
    if (-not $serviceName) {
        throw "Failed to retrieve 'service' from the User Record."
    }

    $user = $RecordParams.user
    if (-not $user) {
        throw "Failed to retrieve 'user' from the User Record."
    }

    # Plaintext credential: keep it out of every Write-Debug / Write-Error text.
    $newPassword = $RecordParams.newPassword
    if (-not $newPassword) {
        throw "Failed to retrieve 'newPassword' from the User Record."
    }

    Write-Debug "Parameters from the User Record successfully defined."
}
catch {
    # With $ErrorActionPreference = 'Stop' in effect this Write-Error is
    # terminating, so a missing field stops the script before any sc.exe call.
    Write-Error "An error occurred while defining parameters from the User Record: $_"
}
finally {
    Write-Debug "Completed defining parameters from the User Record."
}
# End of section
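Write-Debug "Running Post-Rotation Script on = $($RecordParams.userRecordUid)"
# Attempt to stop the service.
Write-Debug "Stopping $serviceName"
try {
    sc.exe \\$remoteComputer stop $serviceName
    # sc.exe is a native executable: a failure does not raise a PowerShell
    # exception, so try/catch alone never sees it. The exit code has to be
    # checked explicitly.
    $stopExitCode = $LASTEXITCODE
    if ($stopExitCode -eq 1062) {
        # 1062 = ERROR_SERVICE_NOT_ACTIVE: the service was already stopped,
        # which is an acceptable starting state for the credential update.
        Write-Debug "$serviceName was not running; continuing."
    }
    elseif ($stopExitCode -ne 0) {
        throw "sc.exe stop exited with code $stopExitCode."
    }
    Write-Debug "$serviceName stop command executed."
    # Fixed delay to give the service time to stop. This is not a
    # confirmation that it reached the STOPPED state.
    Start-Sleep -Seconds 5
} catch {
    # $ErrorActionPreference is 'Stop' at this point, which would turn
    # Write-Error into a terminating error and skip the exit below;
    # -ErrorAction Continue keeps it a plain error message.
    Write-Error "Failed to stop $serviceName. Error: $_" -ErrorAction Continue
    exit 1
}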
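# Attempt to change the service's logon account and password.
Write-Debug "Changing $serviceName password"
try {
    # NOTE(security): $newPassword is handed to sc.exe as a command-line
    # argument. On the host that runs this script it is therefore visible in
    # process listings and is recorded wherever process-creation auditing
    # captures command lines. Treat those logs as credential-bearing, or move
    # to an interface that does not put the secret on a command line.
    # NOTE(review): passwords containing double quotes or trailing backslashes
    # may be altered by native-argument quoting - confirm against the password
    # complexity rules in use.
    sc.exe \\$remoteComputer config $serviceName obj= $user password= $newPassword
    # sc.exe reports failure only through its exit code. Without this check a
    # rejected update would be logged as success and the service would keep
    # the stale credential.
    $configExitCode = $LASTEXITCODE
    if ($configExitCode -ne 0) {
        # The message carries the exit code only, never the password.
        throw "sc.exe config exited with code $configExitCode."
    }
    Write-Debug "$serviceName password change command executed."
    # Wait after changing the password.
    Start-Sleep -Seconds 5
} catch {
    # -ErrorAction Continue: with $ErrorActionPreference = 'Stop' a bare
    # Write-Error would terminate here and the exit below would not run.
    Write-Error "Failed to change password for $serviceName. Error: $_" -ErrorAction Continue
    exit 1
}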
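# Attempt to start the service again.
Write-Debug "Restarting $serviceName"
try {
    sc.exe \\$remoteComputer start $serviceName
    # Native command: check the exit code, since no exception is raised on
    # failure. A start rejected because of the new account or password is
    # expected to surface here as a non-zero code (presumably 1069, logon
    # failure - confirm). Exit code 0 only means the start request was
    # accepted, not that the service reached RUNNING.
    $startExitCode = $LASTEXITCODE
    if ($startExitCode -ne 0) {
        throw "sc.exe start exited with code $startExitCode."
    }
    Write-Debug "$serviceName start command executed."
} catch {
    # -ErrorAction Continue keeps Write-Error non-terminating under
    # $ErrorActionPreference = 'Stop' so the explicit exit code is returned.
    Write-Error "Failed to start $serviceName. Error: $_" -ErrorAction Continue
    exit 1
}
# Completion message: reached only when stop, config and start all succeeded.
Write-Debug "$serviceName operations completed successfully."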