This is an beta version for an PowerShell Module for the Ubiquiti UBNT SDN Controller API.
I started this module as an internal helper for many automated updates for my UniFi Security Gateway Firewall Rules and do a few other things (automated). I migrated everything into a regular module and published it as open source after using it for a while.
I plan to release versions that cover more and more functions. However, I need to refactor and document the code before doing so.
You will find some demo use cases within the UseCases directory.
This document is based on UniFiTooling version 1.0.11
Beta version - Work still in progress.
Please remember this before using it in production. You have been warned :)
- PowerShell 5.1, or later.
- Desktop and Core are both supported.
- Tested on:
- Windows 10, with PowerShell Desktop Version 5.1
- Windows Server 2016, with PowerShell Desktop Version 5.1
- Windows 10, with PowerShell Core Version 6.1.2
- macOS 10.14.3, with PowerShell Core Version 6.1.2
- CentOS Linux release 7.6, with PowerShell Core Version 6.1.2
- Ubiquiti UBNT SDN Controller, Version 5.10.10
- This is the only tested version
- Other (older, or newer) Ubiquiti UBNT SDN Controller Versions might work
UniFiTooling has no dependencies and it was designed to work on any operation system that runs PowerShell Desktop 5.1, or newer, or PowerShell Core Version 6.1, or newer.
There are several ways to get, install, and use this module.
Install the module with PowerShellGet directly from the Powershell Gallery, this is the recommended method!
# Install the module for the Current User
# with PowerShellGet directly from the Powershell Gallery, Preferred method
# Run in a regular or administrative PowerShell prompt (Elevated).
PS C:\> Install-Module -Name 'UniFiTooling' -Scope CurrentUser
# Install the module for the All Users
# with PowerShellGet directly from the Powershell Gallery, Preferred method.
# Run this in an administrative PowerShell prompt (Elevated).
PS C:\> Install-Module -Name 'UniFiTooling' -Scope AllUsers
PS C:\> iex (New-Object Net.WebClient).DownloadString("https://github.com/Enatec/UniFiTooling/raw/master/Install.ps1")
You will find tha latest version in the release page of the GitHub repository
Or clone this GitHub repository to your local machine, extract, go to the .\releases\UniFiTooling
directory and import the module to your session to test, but not install this module.
After installation of the Module, open a PowerShell Session (regular or elevated).
PS C:\> New-UniFiConfig -UniFiUsername 'user' -UniFiPassword 'password' -UniFiProtocol 'https' -UniFiSelfSignedCert $true -UniFiHostname 'unifi.contoso.com' -UniFiPort '8443' -Path '.\UniFiConfig.json'
Replace the values with your needs. Please also see the detailed description below.
Before using any command, you need to login to the controller.
PS C:\> Invoke-UniFiApiLogin
In version 1.0.8, this will change: You no longer need to login/authenticate. All commands will do a check and login/authenticate when needed.
This will show you the real error-message:
PS C:\> Invoke-UniFiApiLogin -verbose
Execute any command now...
PS C:\> Get-UnifiNetworkList
You should logoff after you are done! The session will timeout, but this will clean up everything for you.
PS C:\> Invoke-UniFiApiLogout
Any Feedback is appreciated! Please open a GitHub issue as Bug report if you find something not working.
Anything missing? Please open a GitHub issue as Feature request. Suggest an idea for this Module will help to improve this module.
Please read our Contribution Guide and Code of Conduct.
Early beta version, use at your own risk! Not ready for showtime (production) yet...
Keep this file in a secure place, especially in a shared environment. It contains the credentials (Yes, username and password) of your UniFi Admin User in plain text (human readable).
Here is a sample configuration:
{
"Login": {
"Username": "adminuser",
"Password": "AdminPassword"
},
"protocol": "https",
"SelfSignedCert": true,
"Hostname": "unifi.contoso.com",
"Port": 443
}
The login of a UniFi User with admin rights
The password for the user given above. It is clear text for now. I know... But the Ubiquiti UniFi Controller seems to understand plain text only.
I plan to use a hashed and/or encryted version for a future version. But during the runtime, it is still as human readable clear text in memory and the Invoke-UniFiApiLogin
furthermore, sends it as human readable clear text information within a JSON formatted body.
Valid is http
and https
. Please note: http
is untested and it might not even work!
If you use a self signed certificate and/or a certificate from an untrusted CA, you might want to use true
here.
This is a Bool, but only true
or false
for now. I use this directly in PowerShell.
Please note: I can be dangerous to trust a certificate without checking it! I think it is OK to do within an Intranet, but I would avoid doing it over the public Internet! Especially with the Invoke-UniFiApiLogin
command, because this will send the Credentials (Yes, username and password) of your UniFi Admin User in clear text in a JSON based body. If this is intercepted you might be in danger!
The Ubiquiti UniFi Controller you want to use. You can use a Fully-Qualified Host Name (FQHN) or an IP address. Please note that your certificate must match the name and/or IP address as SAN name. Otherwise you might need to set the SelfSignedCert
to true
.
The port number that you have configured on your Ubiquiti UniFi Controller.
Joerg Hochwald - http://hochwald.net
N.N. (could be you)
Copyright (c) 2019, enabling Technology All rights reserved.
BSD 3-Clause "New" or "Revised" License. Here is the the online version of the License.