Q. How can I bulk add entries to XML files?
A. PowerShell can utilize the System XML Writer to read in XML files and modify while actually understanding the nodes that make up an XML file. In the script below I add a large number of entries to an NPS policy export with each consisting of two blocks of XML which use some variables for the SIDs to be granted access and some identifiers. In this example I created an entry manually before I exported the source XML containing a policy which I look for and add the new entries under its entry. I import in two hash tables which contains the list of groups (and their SIDs) that I use to create all the policies I need.
[Reflection.Assembly]::LoadWithPartialName("System.Xml.Linq") | out-null
[Reflection.Assembly]::LoadWithPartialName("System.Xml") | out-null
$templateFile = "C:\PowerShell\NPSConfig_template.xml"
$outputFile= "C:\PowerShell\NPSConfig_output.xml"
$doc = [System.Xml.Linq.XDocument]::Load($templateFile);
$radiusPlaceholder = $doc.Root.Element("Children").Element("Microsoft_Internet_Authentication_Service").Element("Children").Element("RadiusProfiles").Element("Children").Element("Wireless_Authentication_VLAN291___LondonLab")
$networkPolicyPlaceholder = $doc.Root.Element("Children").Element("Microsoft_Internet_Authentication_Service").Element("Children").Element("NetworkPolicy").Element("Children").Element("Wireless_Authentication_VLAN291___LondonLab")
$vlangrouphash = Import-Clixml -Path "C:\PowerShell\vlans.xml"
$LABgrouphash = Import-Clixml -Path "C:\PowerShell\LABs.xml"
foreach ($LABNameentry in $LABgrouphash.Keys)
{
foreach ($vlanNameentry in $vlangrouphash.Keys)
{
$vlanGroupSID = $vlangrouphash[$vlanNameentry].Value
$LABGroupSID = $LABgrouphash[$LABNameentry].Value
$vlanName = $vlanNameentry.TrimEnd("GRP")
$vlanNumber = $vlanName.TrimStart("VLAN")
$LABName = $LABNameentry.TrimEnd("VLGRP")
$elementName = "Wireless_Authentication_$($vlanName)___$($LABName)"
$name = "Wireless Authentication $($vlanName) - $($LABName)"
$radiusProfilesTemplate = @"
<$elementName name="$name">
<Properties>
<IP_Filter_Template_Guid dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">{00000000-0000-0000-0000-000000000000}</IP_Filter_Template_Guid>
<Opaque_Data dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes"/>
<Template_Guid dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">{00000000-0000-0000-0000-000000000000}</Template_Guid>
<msNPAllowDialin dt:dt="boolean" xmlns:dt="urn:schemas-microsoft-com:datatypes">1</msNPAllowDialin>
<msNPAllowedEapType dt:dt="bin.hex" xmlns:dt="urn:schemas-microsoft-com:datatypes">19000000000000000000000000000000</msNPAllowedEapType>
<msNPAllowedEapType dt:dt="bin.hex" xmlns:dt="urn:schemas-microsoft-com:datatypes">1a000000000000000000000000000000</msNPAllowedEapType>
<msNPAuthenticationType2 dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">5</msNPAuthenticationType2>
<msQuarantineState dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">0</msQuarantineState>
<msQuarantineUpdateNonCompliant dt:dt="boolean" xmlns:dt="urn:schemas-microsoft-com:datatypes">1</msQuarantineUpdateNonCompliant>
<msRADIUSTunnelMediumType dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">6</msRADIUSTunnelMediumType>
<msRADIUSTunnelPrivateGroupId dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">$vlanNumber</msRADIUSTunnelPrivateGroupId>
<msRADIUSTunnelType dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">13</msRADIUSTunnelType>
<msSavedMachineHealthCheckOnly dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">0</msSavedMachineHealthCheckOnly>
</Properties>
</$elementName>
"@
$NetworkPolicyTemplate = @"
<$elementName name="$name">
<Properties>
<Opaque_Data dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes"/>
<Policy_Enabled dt:dt="boolean" xmlns:dt="urn:schemas-microsoft-com:datatypes">1</Policy_Enabled>
<Policy_SourceTag dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">0</Policy_SourceTag>
<Template_Guid dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">{00000000-0000-0000-0000-000000000000}</Template_Guid>
<msNPAction dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">$name</msNPAction>
<msNPConstraint dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">USERNTGROUPS("$vlanGroupSID")</msNPConstraint>
<msNPConstraint dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">USERNTGROUPS("$LABGroupSID")</msNPConstraint>
<msNPConstraint dt:dt="string" xmlns:dt="urn:schemas-microsoft-com:datatypes">MATCH("NAS-Identifier=$LABName")</msNPConstraint>
<msNPSequence dt:dt="int" xmlns:dt="urn:schemas-microsoft-com:datatypes">2</msNPSequence>
</Properties>
</$elementName>
"@
$radiusElement = [System.Xml.Linq.XElement]::Parse($radiusProfilesTemplate);
$networkPolicyElement = [System.Xml.Linq.XElement]::Parse($NetworkPolicyTemplate);
$radiusPlaceholder.AddAfterSelf($radiusElement);
$networkPolicyPlaceholder.AddAfterSelf($networkPolicyElement);
}
}
$settings = new-object System.Xml.XmlWriterSettings
$settings.Indent = $true;
$settings.Encoding = [System.Text.Encoding]::UTF8
$xmlWriter = [System.Xml.XmlWriter]::Create($outputFile,$settings)
try
{
$doc.WriteTo($xmlWriter)
}
finally
{
$xmlWriter.Close()
}
0 comments
Hide comments
