diff --git a/README.md b/README.md
index 621eaa2..638cc10 100644
--- a/README.md
+++ b/README.md
@@ -102,6 +102,11 @@ Die grundlegende Funktionalität wurde mit folgenden Komponenten implementiert:
 - `scripts/powershell/create_user.ps1`: PowerShell-Skript zum Erstellen eines einzelnen Benutzers.
 - `scripts/powershell/create_users_csv.ps1`: PowerShell-Skript zum Erstellen mehrerer Benutzer aus CSV.
+- `scripts/powershell/check_environment.ps1`: Prüft, ob `ActiveDirectory`-Modul vorhanden ist und zeigt die ausführende Identität an.
+
+API endpoints:
+- `public/api/powershell_check.php`: Ruft `check_environment.ps1` auf und gibt ein JSON-Objekt mit `actor`, `module_installed`, `can_new_aduser` zurück.
+
 Bitte testen zuerst mit `powershell.dry_run = true` und prüfen sie die resultierenden Meldungen in UI.
diff --git a/public/api/powershell_check.php b/public/api/powershell_check.php
new file mode 100644
index 0000000..bd10313
--- /dev/null
+++ b/public/api/powershell_check.php
@@ -0,0 +1,45 @@
+ false, 'message' => 'Not authenticated']);
+ exit;
+}
+
+$scriptDir = $config['powershell']['script_dir'] ?? __DIR__ . '/../../scripts/powershell';
+$script = $scriptDir . DIRECTORY_SEPARATOR . 'check_environment.ps1';
+$exe = $config['powershell']['exe'] ?? 'powershell';
+$executionPolicy = $config['powershell']['execution_policy'] ?? 'Bypass';
+
+if (!file_exists($script)) {
+ header('Content-Type: application/json');
+ echo json_encode(['success' => false, 'message' => 'Script not found: ' . $script]);
+ exit;
+}
+
+$cmd = sprintf('%s -NoProfile -NonInteractive -ExecutionPolicy %s -File "%s"', $exe, $executionPolicy, $script);
+
+$output = [];
+$returnVar = null;
+exec($cmd . ' 2>&1', $output, $returnVar);
+$json = implode("\n", $output);
+
+// Attempt to parse JSON
+$decoded = json_decode($json, true);
+if ($decoded === null) {
+ header('Content-Type: application/json');
+ echo json_encode(['success' => false, 'message' => 'Invalid JSON output', 'raw' => $json]);
+ exit;
+}
+
+header('Content-Type: application/json');
+echo json_encode($decoded);
+exit;
diff --git a/scripts/powershell/check_environment.ps1 b/scripts/powershell/check_environment.ps1
new file mode 100644
index 0000000..811cdea
--- /dev/null
+++ b/scripts/powershell/check_environment.ps1
@@ -0,0 +1,17 @@
+# Returns JSON with information about the environment and AD module availability
+Try {
+ $actor = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
+} Catch {
+ $actor = $null
+}
+
+# Does the ActiveDirectory module exist?
+$module = Get-Module -ListAvailable -Name ActiveDirectory -ErrorAction SilentlyContinue
+$hasModule = $module -ne $null
+
+# Is New-ADUser available?
+$canNewAdUser = (Get-Command New-ADUser -ErrorAction SilentlyContinue) -ne $null
+
+$output = @{ success = $true; actor = $actor; module_installed = $hasModule; can_new_aduser = $canNewAdUser }
+Write-Output ($output | ConvertTo-Json -Compress)
+exit 0
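Review bot: The command passed to `exec()` is assembled with `sprintf` from `$exe`, `$executionPolicy` and `$script` without shell quoting, so a configured value containing a space, quote or `&` changes what the shell runs. Quote each part instead: `$cmd = sprintf('%s -NoProfile -NonInteractive -ExecutionPolicy %s -File %s', escapeshellarg($exe), escapeshellarg($executionPolicy), escapeshellarg($script));`. The two failure branches also return the absolute script path (`'Script not found: ' . $script`) and the merged stdout/stderr (`'raw' => $json`) to the client; send those to `error_log()` and answer with a generic message. The top of the file is cut off in this view, so it is not visible whether the session check also requires an administrator role; the response carries the service account name in `actor`, which is worth limiting to admins.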
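Review bot: `$hasModule = $module -ne $null` yields a boolean only when `$module` is a single object; if `Get-Module -ListAvailable` finds ActiveDirectory under more than one module path, `$module` is an array and `-ne` returns the filtered array, so `module_installed` would serialize module objects instead of `true`. Put `$null` on the left in both comparisons: `$hasModule = $null -ne $module` and `$canNewAdUser = $null -ne (Get-Command New-ADUser -ErrorAction SilentlyContinue)`. That also keeps the JSON contract described in the README (three scalar fields) stable for the PHP caller.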
diff --git a/scripts/powershell/create_users_csv.ps1 b/scripts/powershell/create_users_csv.ps1
index af438a3..7f1782a 100644
--- a/scripts/powershell/create_users_csv.ps1
+++ b/scripts/powershell/create_users_csv.ps1
@@ -13,7 +13,10 @@ try {
 }
 $csvFile = [string]$meta.input_file
-$delimiter = [string]($meta.delimiter ?? ',')
+# PowerShell 5.1 doesn't support the null-coalescing operator '??'.
+# Use an explicit check here to set the default delimiter.
+$delimiter = [string]$meta.delimiter
+if ([string]::IsNullOrWhiteSpace($delimiter)) { $delimiter = ',' }
 $hasHeader = [bool]($meta.has_header -as [bool])
 $dryRun = [bool]($meta.dry_run -as [bool])
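Review bot: `[string]::IsNullOrWhiteSpace($delimiter)` also treats a tab or a single space as "missing", so a tab-separated import is silently switched to `,`, which the old `??` form did not do. Since the `[string]` cast already turns `$null` into an empty string, `if ([string]::IsNullOrEmpty($delimiter)) { $delimiter = ',' }` restores the previous behaviour on PowerShell 5.1. How `$delimiter` is consumed lies outside this hunk, so confirm there that a multi-character value is rejected rather than passed through.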