# Script to solve issue with Samsung ELM Key # # Created by Arnaud Pain # November, 2017 # Version 1.0 <# .SYNOPSIS List Samsung Devices on which Samsung SAFE API Available is False and create a new property. This new property will be used as filter to apply a new policy with the "Good" ELM Key .DESCRIPTION This script will log into a XenMobile Server, list the Samsung devices, ..., Create new Property #> #region connect to XMS # Bypass certificate verification to enable access with XMS IP Address [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} # Connect to XMS server $host.ui.RawUI.ForegroundColor = "White" $XMS = Read-Host -Prompt 'Please provide url of the XMS Server' # Function XMS-Test to verify FQDN if script run from Internet $DNSName = $XMS Function XMS-Test { trap [System.Management.Automation.MethodInvocationException]{ write-host "Warning: " -ForegroundColor Red; write-host "Host does not exist Please verify the address provided" -Foregroundcolor Yellow; $host.ui.RawUI.ForegroundColor = "white"; exit} write-host ([System.Net.Dns]::GetHostAddresses($XMS)>$null) $host.ui.RawUI.ForegroundColor = "Green" write-host " Host verification successful" $host.ui.RawUI.ForegroundColor = "White" write-host " " } # Function to check if port 4443 is opened Function Port-Test { $test=(New-Object System.Net.Sockets.TcpClient).Connect($XMS, 4443) trap [System.Management.Automation.MethodInvocationException]{ write-host "Warning: " -ForegroundColor Red; write-host "Port 4443 is not opened" -Foregroundcolor Yellow; $host.ui.RawUI.ForegroundColor = "white"; exit} $host.ui.RawUI.ForegroundColor = "Green" write-host " Port 4443 is open" $host.ui.RawUI.ForegroundColor = "White" } # Check if XMS server can be resolved $host.ui.RawUI.ForegroundColor = "Yellow" write-host "Verifying Host:" $XMS $host.ui.RawUI.ForegroundColor = "white" XMS-Test # Check if port 4443 is opened $host.ui.RawUI.ForegroundColor = "Yellow" write-host "Verifying if port 4443 is open for" $XMS write-host " " $host.ui.RawUI.ForegroundColor = "white" Port-Test # Get Login credentials write-host "Please provide username and password" $Credential = get-credential $null # Check Credentials before continue $log = '{{"login":"{0}","password":"{1}"}}' $cred = ($log -f $Credential.UserName, $Credential.GetNetworkCredential().Password) $headers=@{"Content-Type" = "application/json"} $Url = "https://${XMS}:4443/xenmobile/api/v1/authentication/login" $json=Invoke-RestMethod -Uri $url -Body $cred -Headers $headers -Method POST $headers.add("auth_token",$json.auth_token) #endregion #region function to create a new device property Function Add-New-Dev-Prop { $newpropname = "Samsung SAFE Regularization" $newpropvalue = "true" Write-host "$(Get-Date): Add New Device Property"$newpropname" to ID" $id $req= ' { "name": "' + $newpropname + '", "value": "' + $newpropvalue +'" } ' $invokereq=Invoke-RestMethod -Uri https://${XMS}:4443/xenmobile/api/v1/device/property/$id -Body $req -Headers $headers -Method Post $host.ui.RawUI.ForegroundColor = "Green" Write-Host "$(Get-Date): Device Property"$newpropname" has been successfully added to ID "$id $host.ui.RawUI.ForegroundColor = "white" } #endregion #region Retrieve List of enrolled Devices $devBody= ' { "start": 0, "limit": 10000 } ' $dev=Invoke-RestMethod -Uri https://${XMS}:4443/xenmobile/api/v1/device/filter -Body $devBody -Headers $headers -Method Post -Verbose:$false $count = $dev.matchedRecords $value=0 write-host "$(Get-Date):"$count" Total Devices enrolled" #endregion #region Retrieve List of Samsung Devices for($v=0;$v -lt $count;$v++) { $cprop=$dev.filteredDevicesDataList[$v].properties.length for($w=0;$w -lt $cprop;$w++) { $test = $dev.filteredDevicesDataList[$v].properties[$w].name if($test -eq "SAMSUNG_MDM_VERSION") { $value ++ } } } write-host "$(Get-Date): Found"$value" Samsung Devices" #endregion #region Retrieve Samsung Devices with SAMSUNG_MDM_VERSION greater than 1 $value=0 for($v=0;$v -lt $count;$v++) { $cprop=$dev.filteredDevicesDataList[$v].properties.length for($w=0;$w -lt $cprop;$w++) { $test = $dev.filteredDevicesDataList[$v].properties[$w].name $testv = $dev.filteredDevicesDataList[$v].properties[$w].value if(($test -eq "SAMSUNG_MDM_VERSION") -and ($testv -gt 1)) { $value ++ } } } write-host "$(Get-Date): Found"$value" Samsung Devices with SAMSUNG_MDM_VERSION greater than 1" #endregion #region Retrieve Samsung Devices with SAMSUNG_SAFE API Available set to False $value=0 for($v=0;$v -lt $count;$v++) { $cprop=$dev.filteredDevicesDataList[$v].properties.length for($w=0;$w -lt $cprop;$w++) { $test = $dev.filteredDevicesDataList[$v].properties[$w].name $testv = $dev.filteredDevicesDataList[$v].properties[$w].value if(($test -eq "SAMSUNG_MDM") -and ($testv -eq 0)) { $value ++ } } } write-host "$(Get-Date): Found"$value" Samsung Devices with SAMSUNG_SAFE API Available set to False" #endregion # Invoke the function to create a new property for the Samsung Devices with SAMSUNG_SAFE API Available set to False $value=0 for($v=0;$v -lt $count;$v++) { if($dev.filteredDevicesDataList[$v].id -eq "2660") { $id=$dev.filteredDevicesDataList[$v].id Add-New-Dev-Prop $value++ } } write-host "$(Get-Date):"$value" Devices are now with the New Property" #endregion