This blog is a follow up to my last blog where I featured a powershell script for acquiring data for configured content switching virtual servers on a NetScaler appliance.  This article features a powershell script that acquires configuration data for NetScaler Gateway.  If you haven’t read the last blog to this series, you can locate it here:

The script featured in this article will output data relating to a NetScaler Gateway virtual server.  Below is an example of the output:

Example Output

NetScaler Object Values
NetScaler Gateway Virtual Server
NetScalerGatewayName AGX.Xlion.Net
Protocol SSL
IPAddress 192.168.1.142
Port 443
MaxAAAUsers 5
CertKey Name Wildcard
Certificate File Name certnew.cer
Certificate Key File Name /nsconfig/ssl/Wildcard.Key
LDAP Authentication Policy Name Xlion_LDAP_Pol
LDAP Authentication Profile Name Xlion_LDAP_Server
LDAP Authentication Policy Expression ns_true
LDAP Authentication Policy Priority 100
LDAP Authentication Server IP Address 192.168.1.145
LDAP Authentication Server Port 389
LDAP Authentication Server Base OU=Users,OU=Citrix Infrastructure,DC=XLion,DC=Net
LDAP Authentication Server Bind DN CN=Administrator,OU=Users,OU=Citrix Infrastructure,DC=XLion,DC=Net
NetScaler Gateway Session Policy Name StoreFront_Policy
NetScaler Gateway Session Policy Expression ns_true
NetScaler Gateway Session Profile Name Storefront_Profile
NetScaler Gateway Session Policy Priority 100
NetScaler Gateway Session Profile Web Interface URL http://CitrixSF1.Xlion.Net/Citrix/LionWeb

Below are the main Nitro APIs utilized in the script:

[com.citrix.netscaler.nitro.resource.config.vpn.vpnvserver] – Configuration for VPN virtual server resource.

[com.citrix.netscaler.nitro.resource.config.ssl.sslcertkey] – Configuration for certificate key resource.

[com.citrix.netscaler.nitro.resource.config.authentication.authenticationldappolicy] – Authentication configuration.

[com.citrix.netscaler.nitro.resource.config.authentication.authenticationldapaction] – Authentication configuration.

[com.citrix.netscaler.nitro.resource.config.vpn.vpnsessionpolicy] – Configuration for VPN session policy resource.

[com.citrix.netscaler.nitro.resource.config.vpn.vpnsessionaction] – Configuration for VPN session action resource.

[com.citrix.netscaler.nitro.resource.config.vpn.vpnvserver_authenticationldappolicy_binding] – Binding class showing the authentication ldap policy that can be bound to vpnvserver.

[com.citrix.netscaler.nitro.resource.config.vpn.vpnvserver_vpnsessionpolicy_binding] – Binding class showing the vpnsessionpolicy that can be bound to vpnvserver.

[com.citrix.netscaler.nitro.resource.config.ssl.sslcertkey_sslvserver_binding] – Binding class showing the sslvserver that can be bound to sslcertkey.

Below is the powershell script utilized to generate the output for Load Balancing virtual servers:

$nsip = ‘192.168.1.140’
$user = ‘nsroot’
$pass = ‘nsroot’

$path1 = “C:\Nitro\ns-10.1-122.17-sdk.tar\ns-10.1-122.17-sdk\ns_nitro-csharp_dara_122_17\lib\Newtonsoft.Json.dll”
$O = [System.Reflection.Assembly]::LoadFile($path1)
$path = “C:\Nitro\ns-10.1-122.17-sdk.tar\ns-10.1-122.17-sdk\ns_nitro-csharp_dara_122_17\lib\nitro.dll”
$O = [System.Reflection.Assembly]::LoadFile($path)
$nitrosession = new-object com.citrix.netscaler.nitro.service.nitro_service($nsip,”http”)
$session = $nitrosession.login($user,$pass)

$BeginHTMLTable = “<table border=1px width=800px>”
$EndHTMLTable = “</table>”
$BeginRow = “<tr>”
$EndRow = “</tr>”
$TableHeading = “<th>NetScaler Object</th> <th>Values</th>”
$HTMLFile = “c:\Scripts\NS_NSG_HTML.htm”
$BeginHTMLTable | Add-Content $HTMLFile
$TableHeading | Add-Content $HTMLFile

$AllNetScalerGatewayObj = [com.citrix.netscaler.nitro.resource.config.vpn.vpnvserver]::get($nitrosession)
$AllSSLCerts = [com.citrix.netscaler.nitro.resource.config.ssl.sslcertkey]::get($nitrosession)
$AllLDAPAuthenticationPolicies = [com.citrix.netscaler.nitro.resource.config.authentication.authenticationldappolicy]::get($nitrosession)
$AllLDAPAuthenticationProfiles = [com.citrix.netscaler.nitro.resource.config.authentication.authenticationldapaction]::get($nitrosession)
$AllSessionPolicies = [com.citrix.netscaler.nitro.resource.config.vpn.vpnsessionpolicy]::get($nitrosession)
$AllSessionProfiles = [com.citrix.netscaler.nitro.resource.config.vpn.vpnsessionaction]::get($nitrosession)

foreach ($a in $AllNetScalerGatewayObj)

{
$BeginRow = “<tr>” | Add-Content $HTMLFile
“<td bgcolor=#808080> <font face=garamond>NetScaler Gateway Virtual Server </font></td><td bgcolor=#808080></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VNSGName = $a.name
“<td> <font face=garamond>NetScalerGatewayName </font></td><td><font face=garamond>” + $VNSGName + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VProtocol = $a.servicetype
“<td><font face=garamond>Protocol </font></td><td><font face=garamond>” + $VProtocol + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VIP = $a.ipv46
“<td><font face=garmond>IPAddress </font></td><td><font face=garamond>” + $VIP + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VPort = $a.port
“<td><font face=garamond >Port </font></td><td><font face=garamond>” + $VPort + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAAAUsers = $a.maxaaausers
“<td><font face=garamond >MaxAAAUsers </font></td><td><font face=garamond>” + $VAAAUsers + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$NSGvServerLDAPAuthenticationPolicyObj = [com.citrix.netscaler.nitro.resource.config.vpn.vpnvserver_authenticationldappolicy_binding]::get($nitrosession,$a.name)
$NSGvServerSessionPolicyObj = [com.citrix.netscaler.nitro.resource.config.vpn.vpnvserver_vpnsessionpolicy_binding]::get($nitrosession,$a.name)
foreach ($b in $AllSSLCerts)

{ $SSLCertKeyBinding = [com.citrix.netscaler.nitro.resource.config.ssl.sslcertkey_sslvserver_binding]::get($nitrosession,$b.certkey)
if ($SSLCertKeyBinding.servername -eq $a.name)
{
$BeginRow = “<tr>” | Add-Content $HTMLFile
$VCertKey = $b.certkey
“<td><font face=garamond >CertKey Name </font></td><td><font face=garamond>” + $VCertKey + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VCert = $b.cert
“<td><font face=garamond >Certificate File Name </font></td><td><font face=garamond>” + $VCert + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VKey = $b.key
“<td><font face=garamond >Certificate Key File Name </font></td><td><font face=garamond>” + $VKey + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile
}

} #end of $AllSSLCerts foreach loop.

foreach ($c in $AllLDAPAuthenticationPolicies)

{
if ($NSGvServerLDAPAuthenticationPolicyObj.policy -eq $c.name)
{
$BeginRow = “<tr>” | Add-Content $HTMLFile
$VPolicyName = $c.name
“<td><font face=garamond >LDAP Authentication Policy Name </font></td><td><font face=garamond>” + $VPolicyName + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VProfileName = $c.reqaction
“<td><font face=garamond >LDAP Authentication Profile Name </font></td><td><font face=garamond>” + $VProfileName + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAuthPolicyExp = $c.rule
“<td><font face=garamond >LDAP Authentication Policy Expression </font></td><td><font face=garamond>” + $VAuthPolicyExp + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAuthPolicyPriority = $NSGvServerLDAPAuthenticationPolicyObj.priority
“<td><font face=garamond >LDAP Authentication Policy Priority </font></td><td><font face=garamond>” + $VAuthPolicyPriority + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile
}
} #end of $AllLDAPAuthenticationPolicyObj foreach loop.

foreach ($d in $AllLDAPAuthenticationProfiles)
{
if($AllLDAPAuthenticationProfiles.name -eq $c.reqaction)
{

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAuthIPAddress = $AllLDAPAuthenticationProfiles.serverip
“<td><font face=garamond >LDAP Authentication Server IP Address </font></td><td><font face=garamond>” + $VAuthIPAddress + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAuthPort = $AllLDAPAuthenticationProfiles.serverport
“<td><font face=garamond >LDAP Authentication Server Port </font></td><td><font face=garamond>” + $VAuthPort + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAuthBase = $AllLDAPAuthenticationProfiles.ldapbase
“<td><font face=garamond >LDAP Authentication Server Base </font></td><td><font face=garamond>” + $VAuthBase + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VAuthProfilesBindDN = $AllLDAPAuthenticationProfiles.ldapbinddn
“<td><font face=garamond >LDAP Authentication Server Bind DN </font></td><td><font face=garamond>” + $VAuthProfilesBindDN + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile
}
} #end of $AllLDAPAuthenticationProfiles foreach loop.

foreach ( $e in $AllSessionPolicies )

{
if ($NSGvServerSessionPolicyObj.policy -eq $e.name)
{
$BeginRow = “<tr>” | Add-Content $HTMLFile
$VSessionPolicyName = $e.name
“<td><font face=garamond >NetScaler Gateway Session Policy Name </font></td><td><font face=garamond>” + $VSessionPolicyName + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VSessionExpression = $e.rule
“<td><font face=garamond >NetScaler Gateway Session Policy Expression </font></td><td><font face=garamond>” + $VSessionExpression + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VProfileName = $e.action
“<td><font face=garamond >NetScaler Gateway Session Profile Name </font></td><td><font face=garamond>” + $VProfileName + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VSessionPriority = $NSGvServerSessionPolicyObj.priority
“<td><font face=garamond >NetScaler Gateway Session Policy Priority </font></td><td><font face=garamond>” + $VSessionPriority + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile

}

} # end of $AllSessionPolicies foreach loop.

foreach ($f in $AllSessionProfiles)

{
if ($e.action -eq $f.name)
{

$BeginRow = “<tr>” | Add-Content $HTMLFile
$VWIURL = $f.wihome
“<td><font face=garamond >NetScaler Gateway Session Profile Web Interface URL </font></td><td><font face=garamond>” + $VWIURL + “</font></td>” | Add-Content $HTMLFile
$EndRow = “</tr>” | Add-Content $HTMLFile
}

}
}
$EndHTMLTable | Add-Content $HTMLFile

This article isn’t intended to teach powershell, but to provide a real-world example of how one could use powershell to generate powerful scripts to automate  tasks on the Citrix NetScaler, utilizing the Nitro API.

Note:  In order to view the script in it’s entirety, right click on the web page and click view page source.  Locate the script and copy and paste it into your favorite editor.

I hope you find this to be informative.