
Untitled

a guest
Aug 17th, 2016
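  <#

  Script to create SFTP account to Bitvise WinSSHD

  #>

  # Stop on the first error so a half-configured state is never treated as success.
  $ErrorActionPreference = "Stop"

  # Check for WinRM: Test-WSMan throws (under "Stop") when the local service does not answer.
  Try {
      Test-WSMan
  }
  # WinRM is not answering, so configure and start it.
  Catch {
      Write-Verbose "WinRM is not running, trying to start it"

      # sc.exe is invoked directly rather than through Invoke-Expression: the
      # arguments are passed as discrete tokens and are never re-parsed as
      # PowerShell code. "start=" and its value must stay separate arguments.
      $Output = & sc.exe "\\$env:COMPUTERNAME" config WinRM start= delayed-auto

      if ($LASTEXITCODE -ne 0) {
          Write-Error "Failed to set WinRM to delayed start: $Output"
      }
      else {
          Write-Verbose "Successfully changed WinRM service to delayed start"
          Write-Verbose "Starting WinRM"
          Start-Service WinRM

          Write-Verbose "Adding server to TrustedHosts"
          $trustedHost = "BITVISE_SERVER_ADDRESS"

          # SECURITY: a TrustedHosts entry lets this client send credentials to
          # a host whose identity WinRM cannot verify. Prefer Kerberos (domain
          # membership) or an HTTPS WinRM listener where available, and keep
          # the entry as narrow as possible (one host, never "*").
          #
          # -Concatenate appends to the current list. The previous
          # "winrm set ... @{TrustedHosts=...}" form replaced the whole value
          # and silently discarded any hosts that were already trusted.
          try {
              Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value $trustedHost -Concatenate -Force
              Write-Verbose "Succesfully added server to WinRM TrustedHosts"
          }
          catch {
              Write-Error "Failed to trust server: $($_.Exception.Message)"
          }
      }
  }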
  42.  
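  Function GET-Temppassword() {
      <#
      .SYNOPSIS
      Generates a random alphanumeric password.

      .DESCRIPTION
      Characters are drawn from A-Z, a-z and 0-9 using the operating system's
      cryptographic random number generator. Get-Random is not documented as
      cryptographically secure, so it is not used for credentials here.
      The alphabet is deliberately limited to letters and digits so the result
      can be embedded in a quoted Bitvise instruction string without escaping.

      .PARAMETER length
      Number of characters to generate. Defaults to 10. A value of 0 or less
      yields an empty string.

      .OUTPUTS
      System.String
      #>
      Param(
          [int]$length = 10
      )

      $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'.ToCharArray()

      # Rejection sampling: bytes at or above the largest multiple of the
      # alphabet size are discarded so every character is equally likely
      # (a plain "byte % 62" would favour the first few characters).
      $limit = 256 - (256 % $alphabet.Length)

      $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
      $builder = New-Object System.Text.StringBuilder
      $buffer = New-Object byte[] 1

      try {
          while ($builder.Length -lt $length) {
              $rng.GetBytes($buffer)
              if ($buffer[0] -lt $limit) {
                  [void]$builder.Append($alphabet[$buffer[0] % $alphabet.Length])
              }
          }
      }
      finally {
          $rng.Dispose()
      }

      return $builder.ToString()
  }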
  63.  
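  $computername = "YOUR_BITVISE_HOST"

  # SECURITY: the administrative password is requested at run time instead of
  # being stored in the script. A password embedded in the file ends up in
  # backups, version control and anywhere the script is pasted.
  # ConvertTo-SecureString -AsPlainText only wraps the literal; it does not
  # protect it.
  $Cred = Get-Credential -UserName "YOUR_BITVISE_HOST_USERNAME" -Message "Credential for $computername"

  # show verbose messages
  $VerbosePreference = "Continue"

  # ask username
  $username = Read-Host 'SFTP Username '
  # Remove sftp_ prefix, it will be added later
  if ($username -like "sftp_*") {
      $username = $username.Substring(5)
  }

  # The name is later concatenated into a quoted Bitvise instruction and into a
  # directory path on the server, so it is restricted to an allowlist before
  # use. Widen the pattern deliberately if your naming scheme needs more.
  if ($username -notmatch '^[A-Za-z0-9_-]+$') {
      throw "Invalid SFTP username: only letters, digits, '_' and '-' are allowed"
  }

  # Generate a 16 character password. The previous length of 8 leaves little
  # margin against guessing for an account reachable over SFTP.
  $password = GET-Temppassword -length 16

  Write-Verbose "USERNAME: sftp_$username"
  # NOTE: the password is shown on purpose so the operator can hand it over.
  # It will also be captured by any active transcript or console logging.
  Write-Verbose "PASSWORD: $password"

  # Anchored pattern: the previous "[y|n]" matched any input that merely
  # contained y, n or |, so an answer such as "no" was accepted and then, not
  # being exactly "n", fell through to account creation.
  $choice = ""
  while ($choice -notmatch '^[yn]$') {
      $choice = Read-Host "Continue? (Y/N)"
  }

  if ($choice -eq "n") {
      Exit
  }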
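  # Create the virtual account on the Bitvise host through its COM
  # configuration object. The account name and password travel as remoting
  # arguments, so how well they are protected in transit depends on how the
  # WinRM session is authenticated and encrypted.
  Invoke-Command -ComputerName $computername -Credential $Cred -ArgumentList $username,$password -ScriptBlock {
      param($AccountName, $AccountPassword)

      # Both values are concatenated into quoted instruction strings below, so
      # they are checked again on the receiving side. The doubled backslashes
      # in realRootPath suggest that backslash is an escape character in these
      # instructions, so it is rejected alongside the double quote.
      if ($AccountName -notmatch '^[A-Za-z0-9_-]+$') {
          Write-Error "Refusing account name: only letters, digits, '_' and '-' are allowed"
          return
      }
      if ($AccountPassword -match '["\\]') {
          Write-Error "Refusing password containing a double quote or backslash"
          return
      }

      try {
          $cfg = New-Object -ComObject BssCfg645.BssCfg645
      }
      Catch {
          Write-Error "Failed to load COM objects, Check WinsshdCfgManip.idl for version"
          # Without the COM object nothing below can work. Stop here instead of
          # calling methods on a null reference.
          return
      }

      # Tracks whether this session holds the settings lock, so the finally
      # block only releases a lock that was actually taken.
      $locked = $false

      try {
          # Lock settings so there wont be concurrency
          $cfg.LockServerSettings()
          $locked = $true
          # Load current settings to memory
          $cfg.LoadServerSettings()

          $instructions = @(
              # Insert account
              ("access.virtAccounts.New.virtAccount " + '"sftp_' + $AccountName + '"'),
              ("access.virtAccounts.New.virtPassword.Set " + '"' + $AccountPassword + '"'),
              ("access.virtAccounts.New.group " + '"Virtual Users"'),
              ("access.virtAccounts.New.loginAllowed " + 'yes'),
              ("access.virtAccounts.New.auth.passwordAuth " + 'required'),
              # Least privilege: file transfer only, no admin, shell or exec.
              ("access.virtAccounts.New.permitRemoteAdmin " + 'no'),
              ("access.virtAccounts.New.session.mapRemoteHomeDir " + 'yes'),
              ("access.virtAccounts.New.term.shellCustom.permitTerminalShell " + 'no'),
              ("access.virtAccounts.New.term.shellCustom.permitExecRequests " + 'no'),
              ("access.virtAccounts.New.xfer.permitSftp " + 'yes'),

              #deprecated
              #("access.virtAccounts.New.sfsMap.useDefaultSfsMap " + 'false'),

              # Insert "Virtual mount point": the account sees only its own directory as "/"
              ("access.virtAccounts.New.xfer.mountPoints.CreateNewWithId " + '1'),
              ("access.virtAccounts.New.xfer.mountPoints.New.sfsMountPath " + '"/"'),
              ("access.virtAccounts.New.xfer.mountPoints.New.realRootPath " + '"D:\\data\\sftp\\sftp_' + $AccountName + '"'),
              ("access.virtAccounts.New.xfer.mountPoints.New.providerDll " + '"FlowSfsWin"'),
              "access.virtAccounts.New.xfer.mountPoints.NewCommit",
              "access.virtAccounts.NewCommit"
          )

          foreach ($instruction in $instructions) {
              $cfg.ProcessInstruction($instruction)
          }

          # save settings
          $cfg.SaveServerSettings()
      }
      Catch {
          # Write-Error takes the message as a single argument. The earlier form
          # passed the exception text as a second positional argument, which
          # fails parameter binding and hides the real error.
          Write-Error "Script failed: $($_.Exception.Message)"
      }
      # Lets unlock settings so it wont stay locked forever
      finally {
          # Released exactly once, here, on both the success and failure paths.
          if ($locked) {
              $cfg.UnlockServerSettings()
          }
      }

  }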
  144.  
  # NOTE(review): this message is written without inspecting the outcome of the
  # preceding remote call; confirm that a remote failure stops the script first.
  Write-Verbose "SFTP account has been created"
  Write-Verbose "Creating directory: d:\data\sftp\sftp_$username"

  # Create the account's home directory on the Bitvise host. It is the same
  # path the account's mount point was configured with.
  $createHomeDirectory = {
      $target = "d:\data\sftp\sftp_" + $args[0]
      New-Item -Path $target -ItemType Directory
  }

  $remoteCall = @{
      ComputerName = $computername
      Credential   = $Cred
      ScriptBlock  = $createHomeDirectory
      ArgumentList = $username
  }

  # The directory object returned by New-Item is discarded.
  Invoke-Command @remoteCall | Out-Null