-
Notifications
You must be signed in to change notification settings - Fork 158
Finding and updating users with duplicate UID and GUID
To use these functions the JumpCloud PowerShell module must be installed.
Find steps to install this module here..
Table of Contents:
- Finding Duplicate UID and GUID values
- Finding Users With Duplicate UID and GUID values
- Finding Users To Update With Duplicate UID and GUID Values
- Finding Available UID and GUID Values To Use To Update Duplicate Users
- Updating Users With Duplicate UID and GUID Values
function Get-DupUIDandGUIDValues
{
$DupValues = Get-JCUser -returnProperties unix_uid, unix_guid | Group-Object unix_guid, unix_uid | ? Count -Gt 1 | Select-Object -ExpandProperty Values | Select-Object -Unique
Return $DupValues
}The function Get-DupUIDandGUIDValues will return all duplicate unix_uid and unix_guid values. To use this function load it into the memory of a PowerShell terminal and then call the function Get-DupUIDandGUIDValues.
function Find-DupUIDandGUIDUsers
{
$DupValues = Get-JCUser -returnProperties unix_uid, unix_guid | Group-Object unix_guid, unix_uid | ? Count -Gt 1 | Select-Object -ExpandProperty Values | Select-Object -Unique
$ResultsArray = @()
ForEach ($Value in $DupValues)
{
$Results = Get-JCUser -unix_uid $Value -unix_guid $Value -returnProperties username, created, unix_uid, unix_guid
$ResultsArray += $Results
}
Return $ResultsArray
}
The function Find-DupUIDandGUIDUsers will return all users with duplicate unix_uid and unix_guid values. To use this function load it into the memory of a PowerShell terminal and then call the function Find-DupUIDandGUIDUsers.
This function can be piped into Format-Table for better readability.
Find-DupUIDandGUIDUsers | Format-Tablefunction Find-DupUIDandGUIDUsersToUpdate
{
$DupValues = Get-JCUser -returnProperties unix_uid, unix_guid | Group-Object unix_guid, unix_uid | ? Count -Gt 1 | Select-Object -ExpandProperty Values | Select-Object -Unique
$ResultsArray = @()
ForEach ($Value in $DupValues)
{
$Results = Get-JCUser -unix_uid $Value -unix_guid $Value -returnProperties username, created, unix_uid, unix_guid | Sort-Object created | Select-Object -Skip 1
$ResultsArray += $Results
}
Return $ResultsArray
}The function Find-DupUIDandGUIDUsersToUpdate is the same as the function Find-DupUIDandGUIDUsers but will skip the oldest user with a duplicate unix_uid and unix_guid value. This function isolates the users that need to be updated to ensure there are no dupliate unix_uid and unix_guid values.
To use this function load it into the memory of a PowerShell terminal and then call the function Find-DupUIDandGUIDUsersToUpdate.
This function can be piped into Format-Table for better readability.
Find-DupUIDandGUIDUsersToUpdate | Format-Tablefunction Find-AvailableUIDandGUIDValues
{
[CmdletBinding()]
param (
[int]$CounterStart = 5000
)
process
{
$UIDValues = Get-JCUser -returnProperties unix_uid | Select-Object -ExpandProperty unix_uid | Sort-Object unix_uid
$GUIDValues = Get-JCUser -returnProperties unix_guid | Select-Object -ExpandProperty unix_guid | Sort-Object unix_guid
$UIDHash = [ordered]@{}
$GUIDHash = [ordered]@{}
$UIDCounterHash = [ordered]@{}
$UIDCounter = $CounterStart
foreach ($Value in $UIDValues)
{
$UIDCounterHash.Add($UIDCounter, $UIDCounter)
$UIDCounter ++
try
{
$UIDHash.Add([int]$Value, [int]$Value)
}
catch
{
Write-Verbose "Duplicate UID $Value found"
}
}
foreach ($Value in $GUIDValues)
{
try
{
$GUIDHash.Add([int]$Value, [int]$Value)
}
catch
{
Write-Verbose "Duplicate GUID $Value found"
}
}
$AvailableValues = [ordered]@{}
foreach ($Value in $UIDCounterHash.GetEnumerator())
{
if ($UIDHash.Contains($Value.Value))
{
Write-Verbose "UID $($Value.Value) in use"
$UIDInUse = $true
}
else
{
$UIDInUse = $false
}
if ($GUIDHash.Contains($Value.Value))
{
Write-Verbose "GUID $($Value.Value) in use"
$GUIDInUse = $true
}
else
{
$GUIDInUse = $false
}
if (($UIDInUse -eq $false) -and ($GUIDInUse -eq $false))
{
$AvailableValues.Add($Value.Value, $Value.Value)
}
}
}
end
{
Return $AvailableValues
}
}
The function Find-AvailableUIDandGUIDValues can be used to find available unix_uid and unix_guid values that are not currently assigned to JumpCloud users. The parameter $CounterStart = 5000 is used to define the bottom range for the unix_uid and unix_guid value to start the search from.
This value is set to a default of 5000 as this is the default value that the first user created within a JumpCloud tenant is assigned. It is recommended to keep the default of 5000.
To use this function load it into the memory of a PowerShell terminal and then call the function Find-AvailableUIDandGUIDValues.
Three functions must be loaded into the memory of a PowerShell terminal to complete this process. Find the three functions to load below.
- Find-DupUIDandGUIDUsersToUpdate
- Find-AvailableUIDandGUIDValues
- Update-DuplicateUIDandGUIDValues
function Update-DuplicateUIDandGUIDValues
{
[CmdletBinding()]
param (
[int]$CounterStart = 5000
)
begin
{
$ResultsArray = @()
}
process
{
$UsersToUpdate = Find-DupUIDandGUIDUsersToUpdate
$AvailableValues = Find-AvailableUIDandGUIDValues -CounterStart $CounterStart
if ($AvailableValues.Values.Count -lt $UsersToUpdate._id.count)
{
Write-Host "Not enough available values given input parameter counter start. Try again with a new -CounterStart value (default 5000)"
Break
}
foreach ($User in $UsersToUpdate)
{
$NewValue = $AvailableValues[0]
$UpdatedUser = Set-JCUser -UserID $User._id -unix_uid $NewValue -unix_guid $NewValue | Select-Object username, unix_uid, unix_guid, _id
$AvailableValues.Remove($NewValue)
$ResultsArray += $UpdatedUser
}
}
end
{
Return $ResultsArray
}
}
Once all functions are loaded into the memory of a PowerShell terminal, call the function Update-DuplicateUIDandGUIDValues.
This function uses the function Find-DupUIDandGUIDUsersToUpdate to find users with duplicate UID and GUID values that need to be updated and then uses the function Find-AvailableUIDandGUIDValues to find open UID and GUID values to update them with.
To validate that there are no more users with dupliate UID and GUID values the command Find-DupUIDandGUIDUsersToUpdate can be run and should return zero results.
- Wiki Home
- Installing the JumpCloud PowerShell module
- Using the JumpCloud PowerShell Module
- Using the JumpCloud PowerShell Module with AWS Lambda
- PowerShell Commands Example Library
- JumpCloud Commands Gallery
- JumpCloud PowerShell YouTube Channel
- The JumpCloud Dashboard PowerShell Module
Authentication
Import and Backup
- Get JCAssociation
- New JCImportTemplate
- Import JCUsersFromCSV
- Update JCUsersFromCSV
- Get JCBackup
- Send JCPasswordReset
- Backup JCOrganization
RADIUS Reply Attributes
- Add JCRadiusReplyAttribute
- Get JCRadiusReplyAttribute
- Update JCUsersFromCSV
- Set JCRadiusReplyAttribute
- Remove JCRadiusReplyAttribute
User Functions
Administrator Functions
System Functions
- Get JCSystem
- Get JCSystemApp
- Get JCSystemKB
- Set JCSystem
- Remove JCSystem
- Get JCSystemUser
- Set JCSystemUser
- Add JCSystemUser
- Remove JCSystemUser
Command Functions
- New JCCommand
- Get JCCommand
- Import JCCommand
- Remove JCCommand
- Set JCCommand
- Invoke JCCommand
- New JCDeploymentTemplate
- Invoke JCDeployment
- Get JCCommandResult
- Remove JCCommandResult
- Get JCCommandTarget
- Add JCCommandTarget
- Remove JCCommandTarget
Group Functions
- Get JCGroup
- New JCUserGroup
- Remove JCUserGroup
- Get JCUserGroupMember
- Add JCUserGroupMember
- Remove JCUserGroupMember
- New JCSystemGroup
- Remove JCSystemGroup
- Get JCSystemGroupMember
- Add JCSystemGroupMember
- Remove JCSystemGroupMember
- Set-JCUserGroupLDAP
Policy Functions
- Get JCPolicy
- Get JCPolicyResult
- Get JCPolicyTargetSystem
- Get JCPolicyTargetGroup
- New JCPolicy
- Set JCPolicy
Event Functions
Report Functions